Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

.NET 4.5.2 and Visual C++ 2010 install failure


  • Please log in to reply

#16
Reascr

Reascr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

TDSSKiller Quarantine Information log
TDSS Qlook Version 1.0.0.5 - Owner - Tue 08/19/2014 - 18:19:47.51.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1  
***** START SCAN Tue 08/19/2014 18:19:48.00 *****
 
---------- TDSSKiller logs ----------
 
TDSSKiller.3.0.0.40_18.08.2014_15.28.40_log.txt
TDSSKiller.3.0.0.40_18.08.2014_15.30.07_log.txt
TDSSKiller.3.0.0.40_18.08.2014_15.53.00_log.txt
TDSSKiller.3.0.0.40_18.08.2014_15.54.02_log.txt
TDSSKiller.3.0.0.40_18.08.2014_15.54.38_log.txt
 
---------- TDSSStarter logs ----------
 
 
---------- DIR LIST ----------
 
C:\TDSSKiller_Quarantine\18.08.2014_15.30.09
C:\TDSSKiller_Quarantine\18.08.2014_15.30.09\susp0000
C:\TDSSKiller_Quarantine\18.08.2014_15.30.09\susp0000\object.ini
C:\TDSSKiller_Quarantine\18.08.2014_15.30.09\susp0000\file0000
C:\TDSSKiller_Quarantine\18.08.2014_15.30.09\susp0000\file0000\object.ini
C:\TDSSKiller_Quarantine\18.08.2014_15.30.09\susp0000\file0000\tsk0000.ini
C:\TDSSKiller_Quarantine\18.08.2014_15.30.09\susp0000\file0000\tsk0000.dta
 
---------- INI FILES ----------
 
=== C:\TDSSKiller_Quarantine\18.08.2014_15.30.09\susp0000\object.ini
 
[InfectedObject]
Verdict: UnsignedFile.Multi.Generic
 
 
=== C:\TDSSKiller_Quarantine\18.08.2014_15.30.09\susp0000\file0000\object.ini
 
[InfectedObject]
Type: File
 
 
=== C:\TDSSKiller_Quarantine\18.08.2014_15.30.09\susp0000\file0000\tsk0000.ini
 
[InfectedFile]
Type: Raw image
Src: C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
md5: 4A0477ADCD07EC9D21257A2E456B16C5
sha256: CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79
 
 
***** END SCAN Tue 08/19/2014 18:19:48.23 *****
 


  • 0

Advertisements


#17
SleepyDude

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,395 posts

Hi,

 

  • Please download the file Fix.cmd and save it to the Desktop
  • Right click the file Fix.cmd and select Run as Administrator
  • A log will be created on the Desktop called Output.txt please post its contents

  • 0

#18
Reascr

Reascr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

        1 file(s) copied.
 


  • 0

#19
SleepyDude

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,395 posts

        1 file(s) copied.
 

 

Good, file restored. :thumbsup:

 

Let's see if we can fix Malwarebytes.

  1. Download and run mbam-clean.exe
  2. Restart your computer when prompted
  3. Reinstall Malwarebytes

Let me know the result.


  • 0

#20
Reascr

Reascr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Nope. It still crashes.


  • 0

#21
SleepyDude

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,395 posts

I need to see the result of new scan with aswMBR, similar to what you did on Step 4 of post #4

 

But this time before clicking the Scan button change the AV Scan: box to (None)

aswMBR_None.png

 

Please post the resulting log.


  • 0

#22
Reascr

Reascr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-20 14:03:47
-----------------------------
14:03:47.045    OS Version: Windows x64 6.1.7601 Service Pack 1
14:03:47.045    Number of processors: 4 586 0x3C03
14:03:47.046    ComputerName: OWNER-PC  UserName: Owner
14:03:47.150    Initialize success
14:03:47.164    VM: initialized successfully
14:03:47.169    VM: Intel CPU supported
14:03:49.191    VM: disk I/O iaStorA.sys
14:05:12.221    AVAST engine defs: 14082000
14:08:45.691    Disk 0  \Device\Harddisk0\DR0 -> \Device\00000071
14:08:45.694    Disk 0 Vendor: ST2000DM CC43 Size: 1907729MB BusType: 11
14:08:45.697    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000072
14:08:45.704    Disk 1 Vendor: Samsung_ EXT0 Size: 114473MB BusType: 11
14:08:45.707    Disk 1 MBR read successfully
14:08:45.710    Disk 1 MBR scan
14:08:45.767    Disk 1 Windows 7 default MBR code
14:08:45.777    Disk 1 Partition 1 00     07    HPFS/NTFS NTFS       114471 MB offset 2048
14:08:45.785    Disk 1 scanning C:\Windows\system32\drivers
14:08:48.605    Service scanning
14:08:49.981    Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
14:08:49.998    Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
14:08:50.014    Service bdfwfpf_pc C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys **LOCKED** 5
14:08:55.855    Modules scanning
14:08:55.856    Disk 1 trace - called modules:
14:08:55.858    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys >>UNKNOWN [0xfffffa80071242c0]<<sptd.sys storport.sys hal.dll iaStorA.sys
14:08:55.859    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8009b58060]
14:08:55.859    3 CLASSPNP.SYS[fffff88001bcb43f] -> nt!IofCallDriver -> [0xfffffa8009a5b860]
14:08:55.860    5 iaStorF.sys[fffff88001dd4a84] -> nt!IofCallDriver -> \Device\00000072[0xfffffa80076e39c0]
14:08:55.860    \Driver\iaStorA[0xfffffa8007663c10] -> IRP_MJ_CREATE -> 0xfffffa80071242c0
14:08:55.860    Scan finished successfully
14:10:41.532    Disk 1 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
14:10:41.570    The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

 


  • 0

#23
SleepyDude

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,395 posts

Did you uninstall Daemon Tools?


  • 0

#24
Reascr

Reascr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Did you uninstall Daemon Tools?

I did, yes. Let me double check


  • 0

#25
Reascr

Reascr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Yep, it's not on my list of programs


  • 0

Advertisements


#26
SleepyDude

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,395 posts

Yep, it's not on my list of programs

 

Ok, but there are traces of it on the system.

 

Please download SPTDinst-v186-x64 run the tool

In dialog that appears press "Uninstall" button and then SPTD will remove itself from your Windows installation.


  • 0

#27
Reascr

Reascr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Done. Will reboot in a minute


  • 0

#28
Reascr

Reascr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Done and rebooted


  • 0

#29
SleepyDude

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,395 posts

Done and rebooted

 

Good, repeat the aswMBR scan again please.


  • 0

#30
Reascr

Reascr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-20 15:02:49
-----------------------------
15:02:49.788    OS Version: Windows x64 6.1.7601 Service Pack 1
15:02:49.788    Number of processors: 4 586 0x3C03
15:02:49.789    ComputerName: OWNER-PC  UserName: Owner
15:02:49.893    Initialize success
15:02:49.907    VM: initialized successfully
15:02:49.912    VM: Intel CPU supported
15:02:52.900    VM: disk I/O iaStorA.sys
15:03:07.930    AVAST engine defs: 14082000
15:03:15.672    Disk 0  \Device\Harddisk0\DR0 -> \Device\00000070
15:03:15.677    Disk 0 Vendor: ST2000DM CC43 Size: 1907729MB BusType: 11
15:03:15.682    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000071
15:03:15.687    Disk 1 Vendor: Samsung_ EXT0 Size: 114473MB BusType: 11
15:03:15.701    Disk 1 MBR read successfully
15:03:15.707    Disk 1 MBR scan
15:03:15.766    Disk 1 Windows 7 default MBR code
15:03:15.768    Disk 1 Partition 1 00     07    HPFS/NTFS NTFS       114471 MB offset 2048
15:03:15.778    Disk 1 scanning C:\Windows\system32\drivers
15:03:18.264    Service scanning
15:03:19.357    Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
15:03:19.375    Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
15:03:19.391    Service bdfwfpf_pc C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys **LOCKED** 5
15:03:24.745    Modules scanning
15:03:24.757    Disk 1 trace - called modules:
15:03:24.771    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
15:03:24.780    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8007935060]
15:03:24.787    3 CLASSPNP.SYS[fffff88000e0143f] -> nt!IofCallDriver -> [0xfffffa800783abf0]
15:03:24.794    5 iaStorF.sys[fffff88001bdfa84] -> nt!IofCallDriver -> \Device\00000071[0xfffffa80072929c0]
15:03:24.800    Scan finished successfully
15:03:31.908    Disk 1 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
15:03:31.949    The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP