To FIX or NOT to FIX? That is my question

Viruses and worms
1

[b]Advice would be very much appreciated. Do I have a problem or is everything OK?

Malwarebites finds nothing. Neither do Norton and McCafee. Kaspersky has suspicions about Akamai, which I think is ok. It doesn’t suggest fixing or deleting it. But two others show problems even though maybe Avast doesn’t. I can’t understand any of it.[/b]

Here is the aswMBR log which I can’t understand:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-17 15:20:25

15:20:25.113 OS Version: Windows 6.0.6002 Service Pack 2
15:20:25.113 Number of processors: 2 586 0xF06
15:20:25.113 ComputerName: TT-LAP UserName: TT
15:20:27.282 Initialize success
15:20:49.719 Disk 0 (boot) \Device\Harddisk0\DR0 → \Device\Ide\IdeDeviceP0T0L0-0
15:20:49.719 Disk 0 Vendor: WDC_WD3200BEKT-60V5T1 12.01A12 Size: 305245MB BusType: 3
15:20:49.766 Disk 0 MBR read successfully
15:20:49.766 Disk 0 MBR scan
15:20:49.782 Disk 0 Windows VISTA default MBR code
15:20:49.782 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 203 MB offset 63
15:20:49.797 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 6549 MB offset 417690
15:20:49.797 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 298488 MB offset 13831965
15:20:49.813 Disk 0 scanning sectors +625137345
15:20:49.875 Disk 0 scanning C:\Windows\system32\drivers
15:20:56.599 Service scanning
15:21:10.764 Modules scanning
15:21:16.863 Disk 0 trace - called modules:
15:21:16.895 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:21:16.895 1 nt!IofCallDriver → \Device\Harddisk0\DR0[0x872ad1b0]
15:21:16.910 3 CLASSPNP.SYS[8c7738b3] → nt!IofCallDriver → [0x870d4918]
15:21:16.910 5 acpi.sys[8069b6bc] → nt!IofCallDriver → \Device\Ide\IdeDeviceP0T0L0-0[0x870d6528]
15:21:16.926 Scan finished successfully
15:45:10.504 Disk 0 MBR has been saved successfully to “C:\Users\TT\Desktop\MBR.dat”
15:45:10.508 The log file has been saved successfully to “C:\Users\TT\Desktop\aswMBR.txt”

Let me also post what RootkitBuster from TrendMicro found, which seems to indicate a problem. Here is the full log of it:

see attached file #2

And that’s it. What do I do? Thank you.

2

All look good to me … Are you having problems ?

3

RootkitBuster’s log is OK too? Great! I did have a problem which seems to be resolved, but the logs (the RootkitBuster one in particular) made we wonder whether it was still lurking somewhere and parts of the malware remained. The computer doesn’t have any “symptoms” now. Thanks!

4

Those hidden registry keys are legitimate

5

Thanks again! Resolved.