Deleted important files with tddskiller

View previous topic View next topic Go down

Deleted important files with tddskiller

Post by paulray on 8th May 2013, 9:24 pm

I deleted some important files with tddskiller and i've downloaded tddsqlook to try and fix it but i'm unable to,here's the log of the scan can you help please.

TDSSKiller Quarantine Information log
TDSS Qlook Version 1.0.0.5 - Christina Curtis - 08/05/2013 - 20:59:11.89.
InstallShield* 6.1.7600 Scripts=disabled
***** START SCAN 08/05/2013 20:59:16.74 *****

---------- TDSSKiller logs ----------

TDSSKiller.2.8.15.0_11.02.2013_19.26.21_log.txt
TDSSKiller.2.8.15.0_14.11.2012_19.58.47_log.txt
TDSSKiller.2.8.16.0_07.05.2013_02.27.36_log.txt
TDSSKiller.2.8.16.0_07.05.2013_02.43.53_log.txt
TDSSKiller.2.8.16.0_07.05.2013_02.49.08_log.txt

---------- TDSSStarter logs ----------


---------- DIR LIST ----------

C:\TDSSKiller_Quarantine\07.05.2013_02.43.53
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0001
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0000
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0000\object.ini
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0000\svc0000
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0000\svc0000\object.ini
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0000\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0000\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0001\object.ini
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0001\svc0000
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0001\svc0000\object.ini
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0001\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0001\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0001
C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0000
C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0000\object.ini
C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0000\svc0000
C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0000\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0000\svc0000\object.ini
C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0000\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0001\object.ini
C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0001\svc0000
C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0001\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0001\svc0000\object.ini
C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0001\svc0000\tsk0000.ini

---------- INI FILES ----------

=== C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0000\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0000\svc0000\object.ini

[InfectedObject]
Type: Service
Name: IconMan_R
Type: n/a (0x10)
Start: Auto (0x2)
ImagePath: "C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"


=== C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0000\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
md5: 4DE2EE2A5186D74BABC4E7F60D2AE989


=== C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0001\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0001\svc0000\object.ini

[InfectedObject]
Type: Service
Name: USBAAPL64
Type: Kernel driver (0x1)
Start: Demand (0x3)
ImagePath: System32\Drivers\usbaapl64.sys


=== C:\TDSSKiller_Quarantine\07.05.2013_02.27.36\susp0001\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Windows\system32\Drivers\usbaapl64.sys
md5: 43228F8EDD1B0BCDD3145AD246E63D39


=== C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0000\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0000\svc0000\object.ini

[InfectedObject]
Type: Service
Name: IconMan_R
Type: n/a (0x10)
Start: Auto (0x2)
ImagePath: "C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"


=== C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0000\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
md5: 4DE2EE2A5186D74BABC4E7F60D2AE989


=== C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0001\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0001\svc0000\object.ini

[InfectedObject]
Type: Service
Name: USBAAPL64
Type: Kernel driver (0x1)
Start: Demand (0x3)
ImagePath: System32\Drivers\usbaapl64.sys


=== C:\TDSSKiller_Quarantine\07.05.2013_02.43.53\susp0001\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Windows\system32\Drivers\usbaapl64.sys
md5: 43228F8EDD1B0BCDD3145AD246E63D39


***** END SCAN 08/05/2013 20:59:17.25 *****

paulray
Novice
Novice

Posts Posts : 41
Joined Joined : 2012-07-28
OS OS : windows 7
Points Points : 16377
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Deleted important files with tddskiller

Post by Superdave on 8th May 2013, 10:59 pm

What kind of files are you talking about?

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Deleted important files with tddskiller

Post by paulray on 9th May 2013, 4:23 am

I don't know what kind of files they are but her's the log that was made made when i deleted them.I just need help with the fix process with TDDSQlook.


paulray
Novice
Novice

Posts Posts : 41
Joined Joined : 2012-07-28
OS OS : windows 7
Points Points : 16377
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Deleted important files with tddskiller

Post by Superdave on 9th May 2013, 6:14 pm

These are the files that were deleted: How's your computer running? Is everything working ok?

02:45:39.0599 7040 C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe - copied to quarantine
02:45:39.0667 7040 HKLM\SYSTEM\ControlSet001\services\IconMan_R - will be deleted on reboot
02:45:39.0690 7040 HKLM\SYSTEM\ControlSet002\services\IconMan_R - will be deleted on reboot
02:45:39.0871 7040 C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe - will be deleted on reboot
02:45:39.0872 7040 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Delete
02:45:39.0920 7040 C:\Windows\system32\Drivers\usbaapl64.sys - copied to quarantine
02:45:39.0929 7040 HKLM\SYSTEM\ControlSet001\services\USBAAPL64 - will be deleted on reboot
02:45:39.0930 7040 HKLM\SYSTEM\ControlSet002\services\USBAAPL64 - will be deleted on reboot
02:45:39.0937 7040 C:\Windows\system32\Drivers\usbaapl64.sys - will be deleted on reboot
02:45:39.0937 7040 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Delete

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Deleted important files with tddskiller

Post by paulray on 9th May 2013, 6:52 pm

My computer's running like normal and as far as i can tell everything's working ok but i don't use many things on it so perhaps the files i've deleted are affecting other things.

paulray
Novice
Novice

Posts Posts : 41
Joined Joined : 2012-07-28
OS OS : windows 7
Points Points : 16377
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Deleted important files with tddskiller

Post by Superdave on 9th May 2013, 10:10 pm

Well, there's not much I can do to help at the moment. You shouldn't run programs like TDSSKiller or ComboFix on your own. They are powerful scanners and can do a lot of harm to your computer.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum