suzanne89 Posted October 22, 2010 ID:331866 Share Posted October 22, 2010 On Tuesday night I made the mistake of letting my roommate use my computer. Now I have a rootkit. I'm running Vista. I first tried TDSSKiller which detected rootkit.win32.tdss.tdl4, where I select "Cure," and it asks to reboot. But when my computer needs to reboot, it just stays on the "shutting down..." screen until blackout, then reboots to improper shutdown screen. When I restart my computer, TDSSKiller just detects again and the process continues. It at least made it possible for me to get online, but it's hard to keep sites from redirecting. I can run and install programs now also. Malwarebytes doesn't detect anything either. The following scans were taken after running TDSSKiller.Sorry if this is a repost, but in some of the other posts I read, they seemed to be directed at individual systems. -SuzanneMalwarebytes Log:Malwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4052Windows 6.1.7600Internet Explorer 8.0.7600.1638510/22/2010 1:15:37 PMmbam-log-2010-10-22 (13-15-37).txtScan type: Full scan (C:\|)Objects scanned: 233776Time elapsed: 32 minute(s), 9 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)As for gmer, I may not be scanning right:GMER 1.0.15.15477 - http://www.gmer.netRootkit scan 2010-10-22 13:59:49Windows 6.1.7600 Running: gmer.exe---- Files - GMER 1.0.15 ----File C:\Users\Suzanne\AppData\Local\Temp\~DF30E96F138765B58B.TMP 512 bytesFile C:\Windows\Temp\avg-55d82e19-4e28-461a-961f-704428a08812 0 bytesFile C:\Windows\Temp\avg-7445fc01-3db0-4b42-bd0b-6b75b9d8870e 0 bytes---- EOF - GMER 1.0.15 ---- Link to post Share on other sites More sharing options...
MrCharlie Posted October 23, 2010 ID:331993 Share Posted October 23, 2010 Welcome to the forum.Can you post the logs from TDSSKiller, MrC Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:331998 Share Posted October 23, 2010 Thank you so much for your help.Here's the most recent log:2010/10/22 17:06:04.0650 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:592010/10/22 17:06:04.0650 ================================================================================2010/10/22 17:06:04.0650 SystemInfo:2010/10/22 17:06:04.0650 2010/10/22 17:06:04.0650 OS Version: 6.1.7600 ServicePack: 0.02010/10/22 17:06:04.0650 Product type: Workstation2010/10/22 17:06:04.0650 ComputerName: ADA2010/10/22 17:06:04.0651 UserName: Suzanne2010/10/22 17:06:04.0651 Windows directory: C:\Windows2010/10/22 17:06:04.0651 System windows directory: C:\Windows2010/10/22 17:06:04.0651 Running under WOW642010/10/22 17:06:04.0651 Processor architecture: Intel x642010/10/22 17:06:04.0651 Number of processors: 42010/10/22 17:06:04.0651 Page size: 0x10002010/10/22 17:06:04.0651 Boot type: Normal boot2010/10/22 17:06:04.0651 ================================================================================2010/10/22 17:06:04.0651 Utility is running under WOW642010/10/22 17:06:04.0838 Initialize success2010/10/22 17:06:07.0139 ================================================================================2010/10/22 17:06:07.0140 Scan started2010/10/22 17:06:07.0140 Mode: Manual;2010/10/22 17:06:07.0140 ================================================================================2010/10/22 17:06:08.0129 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys2010/10/22 17:06:08.0157 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys2010/10/22 17:06:08.0196 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys2010/10/22 17:06:08.0230 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys2010/10/22 17:06:08.0249 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys2010/10/22 17:06:08.0264 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys2010/10/22 17:06:08.0316 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys2010/10/22 17:06:08.0340 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys2010/10/22 17:06:08.0396 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys2010/10/22 17:06:08.0415 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys2010/10/22 17:06:08.0440 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys2010/10/22 17:06:08.0608 amdkmdag (3d07f9c090c7a1d76d624972a5384471) C:\Windows\system32\DRIVERS\atikmdag.sys2010/10/22 17:06:08.0784 amdkmdap (99ab7e4b24c80155dc4296f657faf3c7) C:\Windows\system32\DRIVERS\atikmpag.sys2010/10/22 17:06:08.0816 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys2010/10/22 17:06:08.0837 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys2010/10/22 17:06:08.0865 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys2010/10/22 17:06:08.0890 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys2010/10/22 17:06:08.0918 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys2010/10/22 17:06:08.0955 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys2010/10/22 17:06:08.0974 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys2010/10/22 17:06:09.0006 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys2010/10/22 17:06:09.0026 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys2010/10/22 17:06:09.0076 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys2010/10/22 17:06:09.0159 AVGIDSDriver (0f562e8bcf79facdfb58a5b3b95e5cfe) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys2010/10/22 17:06:09.0180 AVGIDSEH (656366fd0c0e2481a89196fb3d1be49a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys2010/10/22 17:06:09.0199 AVGIDSFilter (fdf9f596316bc1bc10726ece268a0237) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys2010/10/22 17:06:09.0229 Avgldx64 (ef415e445e5376624ed78685ee9647d4) C:\Windows\system32\DRIVERS\avgldx64.sys2010/10/22 17:06:09.0270 Avgmfx64 (f5ffa3053d26c55edc112e66197eed09) C:\Windows\system32\DRIVERS\avgmfx64.sys2010/10/22 17:06:09.0295 Avgrkx64 (5b3f127b26c08b1c7df5c5f111ca4030) C:\Windows\system32\DRIVERS\avgrkx64.sys2010/10/22 17:06:09.0325 Avgtdia (ee472479301fef0b6a17e16d8a0deceb) C:\Windows\system32\DRIVERS\avgtdia.sys2010/10/22 17:06:09.0426 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys2010/10/22 17:06:09.0476 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys2010/10/22 17:06:09.0513 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys2010/10/22 17:06:09.0565 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys2010/10/22 17:06:09.0585 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys2010/10/22 17:06:09.0597 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys2010/10/22 17:06:09.0613 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys2010/10/22 17:06:09.0631 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys2010/10/22 17:06:09.0644 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys2010/10/22 17:06:09.0657 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys2010/10/22 17:06:09.0669 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys2010/10/22 17:06:09.0683 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys2010/10/22 17:06:09.0708 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys2010/10/22 17:06:09.0742 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys2010/10/22 17:06:09.0758 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys2010/10/22 17:06:09.0798 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys2010/10/22 17:06:09.0846 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys2010/10/22 17:06:09.0871 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys2010/10/22 17:06:09.0893 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys2010/10/22 17:06:09.0915 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys2010/10/22 17:06:09.0934 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys2010/10/22 17:06:09.0954 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys2010/10/22 17:06:10.0020 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys2010/10/22 17:06:10.0153 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys2010/10/22 17:06:10.0192 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys2010/10/22 17:06:10.0217 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys2010/10/22 17:06:10.0265 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys2010/10/22 17:06:10.0302 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys2010/10/22 17:06:10.0397 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys2010/10/22 17:06:10.0521 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys2010/10/22 17:06:10.0547 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys2010/10/22 17:06:10.0571 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys2010/10/22 17:06:10.0593 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys2010/10/22 17:06:10.0610 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys2010/10/22 17:06:10.0635 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys2010/10/22 17:06:10.0657 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys2010/10/22 17:06:10.0669 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys2010/10/22 17:06:10.0695 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys2010/10/22 17:06:10.0728 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys2010/10/22 17:06:10.0743 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys2010/10/22 17:06:10.0819 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys2010/10/22 17:06:10.0859 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys2010/10/22 17:06:10.0914 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys2010/10/22 17:06:10.0965 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys2010/10/22 17:06:11.0003 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys2010/10/22 17:06:11.0028 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys2010/10/22 17:06:11.0046 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys2010/10/22 17:06:11.0061 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys2010/10/22 17:06:11.0132 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys2010/10/22 17:06:11.0195 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys2010/10/22 17:06:11.0235 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys2010/10/22 17:06:11.0265 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys2010/10/22 17:06:11.0296 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys2010/10/22 17:06:11.0326 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys2010/10/22 17:06:11.0356 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys2010/10/22 17:06:11.0448 IntcAzAudAddService (d8bce8176cb1084c6f5830c019d47166) C:\Windows\system32\drivers\RTKVHD64.sys2010/10/22 17:06:11.0515 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys2010/10/22 17:06:11.0545 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys2010/10/22 17:06:11.0561 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys2010/10/22 17:06:11.0578 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys2010/10/22 17:06:11.0592 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys2010/10/22 17:06:11.0622 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys2010/10/22 17:06:11.0642 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys2010/10/22 17:06:11.0663 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys2010/10/22 17:06:11.0689 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys2010/10/22 17:06:11.0710 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys2010/10/22 17:06:11.0738 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys2010/10/22 17:06:11.0779 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys2010/10/22 17:06:11.0798 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys2010/10/22 17:06:11.0847 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys2010/10/22 17:06:11.0872 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys2010/10/22 17:06:11.0892 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys2010/10/22 17:06:11.0917 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys2010/10/22 17:06:11.0947 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys2010/10/22 17:06:11.0960 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys2010/10/22 17:06:11.0977 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys2010/10/22 17:06:12.0004 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys2010/10/22 17:06:12.0056 MEMSWEEP2 (d70476ad02d6fd75282b196d3b58831d) C:\Windows\system32\A159.tmp2010/10/22 17:06:12.0091 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys2010/10/22 17:06:12.0116 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys2010/10/22 17:06:12.0148 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys2010/10/22 17:06:12.0163 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys2010/10/22 17:06:12.0185 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys2010/10/22 17:06:12.0224 MpFilter (c4d8c3031c7cd5884ca856b15307e997) C:\Windows\system32\DRIVERS\MpFilter.sys2010/10/22 17:06:12.0241 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys2010/10/22 17:06:12.0257 MpNWMon (a768f58c55d3f303e686a7646348aec3) C:\Windows\system32\DRIVERS\MpNWMon.sys2010/10/22 17:06:12.0278 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys2010/10/22 17:06:12.0301 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys2010/10/22 17:06:12.0328 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys2010/10/22 17:06:12.0347 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys2010/10/22 17:06:12.0371 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys2010/10/22 17:06:12.0399 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys2010/10/22 17:06:12.0425 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys2010/10/22 17:06:12.0466 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys2010/10/22 17:06:12.0487 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys2010/10/22 17:06:12.0518 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys2010/10/22 17:06:12.0554 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys2010/10/22 17:06:12.0573 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys2010/10/22 17:06:12.0587 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys2010/10/22 17:06:12.0618 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys2010/10/22 17:06:12.0636 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys2010/10/22 17:06:12.0654 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys2010/10/22 17:06:12.0681 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys2010/10/22 17:06:12.0712 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys2010/10/22 17:06:12.0746 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys2010/10/22 17:06:12.0774 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys2010/10/22 17:06:12.0801 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys2010/10/22 17:06:12.0834 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys2010/10/22 17:06:12.0857 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys2010/10/22 17:06:12.0881 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys2010/10/22 17:06:12.0894 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys2010/10/22 17:06:12.0913 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys2010/10/22 17:06:12.0938 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys2010/10/22 17:06:12.0975 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys2010/10/22 17:06:12.0992 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys2010/10/22 17:06:13.0021 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys2010/10/22 17:06:13.0070 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys2010/10/22 17:06:13.0114 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys2010/10/22 17:06:13.0133 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys2010/10/22 17:06:13.0164 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys2010/10/22 17:06:13.0186 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys2010/10/22 17:06:13.0219 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys2010/10/22 17:06:13.0254 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys2010/10/22 17:06:13.0277 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys2010/10/22 17:06:13.0294 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys2010/10/22 17:06:13.0311 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys2010/10/22 17:06:13.0340 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys2010/10/22 17:06:13.0367 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys2010/10/22 17:06:13.0390 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys2010/10/22 17:06:13.0460 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys2010/10/22 17:06:13.0473 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys2010/10/22 17:06:13.0500 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys2010/10/22 17:06:13.0534 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys2010/10/22 17:06:13.0569 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys2010/10/22 17:06:13.0585 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys2010/10/22 17:06:13.0613 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys2010/10/22 17:06:13.0648 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys2010/10/22 17:06:13.0676 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys2010/10/22 17:06:13.0708 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys2010/10/22 17:06:13.0726 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys2010/10/22 17:06:13.0740 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys2010/10/22 17:06:13.0765 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys2010/10/22 17:06:13.0780 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys2010/10/22 17:06:13.0816 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys2010/10/22 17:06:13.0837 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys2010/10/22 17:06:13.0854 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys2010/10/22 17:06:13.0874 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys2010/10/22 17:06:13.0888 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys2010/10/22 17:06:13.0979 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys2010/10/22 17:06:14.0038 RTHDMIAzAudService (7421a35c45484b95e83b5e9e107cefc2) C:\Windows\system32\drivers\RtHDMIVX.sys2010/10/22 17:06:14.0095 RTL8192cu (f886e4d6d405b27e7bffde1ccefb101d) C:\Windows\system32\DRIVERS\RTL8192cu.sys2010/10/22 17:06:14.0144 RTL8192su (fc00c0de6dc83de1b2b01420e2195b21) C:\Windows\system32\DRIVERS\RTL8192su.sys2010/10/22 17:06:14.0187 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys2010/10/22 17:06:14.0214 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys2010/10/22 17:06:14.0240 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys2010/10/22 17:06:14.0280 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys2010/10/22 17:06:14.0309 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys2010/10/22 17:06:14.0349 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys2010/10/22 17:06:14.0377 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys2010/10/22 17:06:14.0410 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys2010/10/22 17:06:14.0423 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys2010/10/22 17:06:14.0436 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys2010/10/22 17:06:14.0450 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys2010/10/22 17:06:14.0477 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys2010/10/22 17:06:14.0499 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys2010/10/22 17:06:14.0513 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys2010/10/22 17:06:14.0571 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys2010/10/22 17:06:14.0614 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys2010/10/22 17:06:14.0678 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys2010/10/22 17:06:14.0709 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys2010/10/22 17:06:14.0770 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys2010/10/22 17:06:14.0810 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys2010/10/22 17:06:14.0837 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys2010/10/22 17:06:14.0852 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys2010/10/22 17:06:14.0940 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys2010/10/22 17:06:15.0004 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys2010/10/22 17:06:15.0034 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys2010/10/22 17:06:15.0056 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys2010/10/22 17:06:15.0067 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys2010/10/22 17:06:15.0095 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys2010/10/22 17:06:15.0113 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys2010/10/22 17:06:15.0204 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys2010/10/22 17:06:15.0255 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys2010/10/22 17:06:15.0272 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys2010/10/22 17:06:15.0303 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys2010/10/22 17:06:15.0327 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys2010/10/22 17:06:15.0356 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys2010/10/22 17:06:15.0368 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys2010/10/22 17:06:15.0388 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys2010/10/22 17:06:15.0411 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys2010/10/22 17:06:15.0437 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys2010/10/22 17:06:15.0452 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys2010/10/22 17:06:15.0472 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys2010/10/22 17:06:15.0508 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys2010/10/22 17:06:15.0550 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys2010/10/22 17:06:15.0585 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS2010/10/22 17:06:15.0602 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys2010/10/22 17:06:15.0641 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys2010/10/22 17:06:15.0660 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys2010/10/22 17:06:15.0681 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys2010/10/22 17:06:15.0714 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys2010/10/22 17:06:15.0745 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys2010/10/22 17:06:15.0780 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys2010/10/22 17:06:15.0801 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys2010/10/22 17:06:15.0819 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys2010/10/22 17:06:15.0848 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys2010/10/22 17:06:15.0865 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys2010/10/22 17:06:15.0888 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys2010/10/22 17:06:15.0914 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys2010/10/22 17:06:15.0951 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys2010/10/22 17:06:15.0986 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys2010/10/22 17:06:16.0009 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys2010/10/22 17:06:16.0035 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys2010/10/22 17:06:16.0044 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys2010/10/22 17:06:16.0079 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys2010/10/22 17:06:16.0111 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys2010/10/22 17:06:16.0156 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys2010/10/22 17:06:16.0178 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys2010/10/22 17:06:16.0220 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys2010/10/22 17:06:16.0243 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys2010/10/22 17:06:16.0277 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys2010/10/22 17:06:16.0313 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys2010/10/22 17:06:16.0331 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys2010/10/22 17:06:16.0382 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys2010/10/22 17:06:16.0439 \HardDisk0\MBR - detected Rootkit.Win32.TDSS.tdl4 (0)2010/10/22 17:06:16.0442 ================================================================================2010/10/22 17:06:16.0442 Scan finished2010/10/22 17:06:16.0442 ================================================================================2010/10/22 17:06:16.0450 Detected object count: 12010/10/22 17:06:21.0530 \HardDisk0\MBR - will be cured after reboot2010/10/22 17:06:21.0530 Rootkit.Win32.TDSS.tdl4(\HardDisk0\MBR) - User select action: Cure2010/10/22 17:06:31.0234 Deinitialize success Link to post Share on other sites More sharing options...
MrCharlie Posted October 23, 2010 ID:332006 Share Posted October 23, 2010 What's your operating system? XP, Vista, W7?32 or 64 bit?Here's how to tell if you don't know:http://support.microsoft.com/kb/827218MrC Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:332011 Share Posted October 23, 2010 Windows 7 64 bit Professional Link to post Share on other sites More sharing options...
MrCharlie Posted October 23, 2010 ID:332030 Share Posted October 23, 2010 64bit.... TDSSKiller should run OKDownload a fresh copy of TDSSKiller.Reboot into safe mode and run TDSSKiller, see what happens. MrC Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:332044 Share Posted October 23, 2010 Did what you asked but now I can't startup. Windows fails to start and cannot fix the problem thru startup repair or start normally. Link to post Share on other sites More sharing options...
MrCharlie Posted October 23, 2010 ID:332047 Share Posted October 23, 2010 Do you have the W7 disk? MrC Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:332049 Share Posted October 23, 2010 the diagnoses and repair details does say:Root cause found:Unspecified changes to system configuration might have caused the problem.Session details:System Disk = \DevicePHarddisk0Window directory = D:\WindowsAutochk Run = 0Number of root cause = 1All error codes come back as = 0x0I don't know if any of that is relevant. Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:332052 Share Posted October 23, 2010 Do you have the W7 disk? MrCyes, licensed burned copy.I can also get it to run system recovery options. Link to post Share on other sites More sharing options...
MrCharlie Posted October 23, 2010 ID:332058 Share Posted October 23, 2010 2010/10/22 17:06:16.0439 \HardDisk0\MBR - detected Rootkit.Win32.TDSS.tdl4 (0)2010/10/22 17:06:16.0442 ================================================================================2010/10/22 17:06:16.0442 Scan finished2010/10/22 17:06:16.0442 ================================================================================2010/10/22 17:06:16.0450 Detected object count: 12010/10/22 17:06:21.0530 \HardDisk0\MBR - will be cured after reboot2010/10/22 17:06:21.0530 Rootkit.Win32.TDSS.tdl4(\HardDisk0\MBR) - User select action: Cure2010/10/22 17:06:31.0234 Deinitialize successI know that the MBR (Master Boot Reord) is infected, that's what we're trying to fix with TDSSKller.Do you have the Windows 7 disk?MrC Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:332072 Share Posted October 23, 2010 I have a burned copy of student iso on disk Link to post Share on other sites More sharing options...
MrCharlie Posted October 23, 2010 ID:332078 Share Posted October 23, 2010 Boot the computer and use this command at the command prompt: bootrec /fixmbrLink below explains:http://support.microsoft.com/kb/927392That will rebuild the MBR and the computer should start.MrC Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:332095 Share Posted October 23, 2010 I'm going to back up new files quickly thru ubuntu before this gets worse. Will reply as soonas I do as you advised. Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:332195 Share Posted October 23, 2010 It didn't work at first. For quite a few tries so I followed the instructions listed under the note to rebuild. Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:332197 Share Posted October 23, 2010 I ran TDSSKiller when I rebooted. Finally did not detect the original rootkit. Found a suspicious object which I have quarantined until your response. Here is the latest log:2010/10/23 01:54:32.0049 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:592010/10/23 01:54:32.0049 ================================================================================2010/10/23 01:54:32.0049 SystemInfo:2010/10/23 01:54:32.0049 2010/10/23 01:54:32.0049 OS Version: 6.1.7600 ServicePack: 0.02010/10/23 01:54:32.0049 Product type: Workstation2010/10/23 01:54:32.0049 ComputerName: ADA2010/10/23 01:54:32.0050 UserName: Suzanne2010/10/23 01:54:32.0050 Windows directory: C:\Windows2010/10/23 01:54:32.0050 System windows directory: C:\Windows2010/10/23 01:54:32.0050 Running under WOW642010/10/23 01:54:32.0050 Processor architecture: Intel x642010/10/23 01:54:32.0050 Number of processors: 42010/10/23 01:54:32.0050 Page size: 0x10002010/10/23 01:54:32.0050 Boot type: Normal boot2010/10/23 01:54:32.0050 ================================================================================2010/10/23 01:54:32.0050 Utility is running under WOW642010/10/23 01:54:32.0299 Initialize success2010/10/23 01:54:33.0392 ================================================================================2010/10/23 01:54:33.0392 Scan started2010/10/23 01:54:33.0392 Mode: Manual;2010/10/23 01:54:33.0392 ================================================================================2010/10/23 01:54:34.0680 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys2010/10/23 01:54:34.0743 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys2010/10/23 01:54:34.0793 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys2010/10/23 01:54:34.0850 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys2010/10/23 01:54:34.0875 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys2010/10/23 01:54:34.0894 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys2010/10/23 01:54:34.0971 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys2010/10/23 01:54:35.0015 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys2010/10/23 01:54:35.0071 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys2010/10/23 01:54:35.0090 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys2010/10/23 01:54:35.0118 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys2010/10/23 01:54:35.0335 amdkmdag (3d07f9c090c7a1d76d624972a5384471) C:\Windows\system32\DRIVERS\atikmdag.sys2010/10/23 01:54:35.0449 amdkmdap (99ab7e4b24c80155dc4296f657faf3c7) C:\Windows\system32\DRIVERS\atikmpag.sys2010/10/23 01:54:35.0535 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys2010/10/23 01:54:35.0590 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys2010/10/23 01:54:35.0630 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys2010/10/23 01:54:35.0665 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys2010/10/23 01:54:35.0715 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys2010/10/23 01:54:35.0786 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys2010/10/23 01:54:35.0804 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys2010/10/23 01:54:35.0859 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys2010/10/23 01:54:35.0890 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys2010/10/23 01:54:35.0962 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys2010/10/23 01:54:36.0041 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys2010/10/23 01:54:36.0075 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys2010/10/23 01:54:36.0121 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys2010/10/23 01:54:36.0184 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys2010/10/23 01:54:36.0204 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys2010/10/23 01:54:36.0221 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys2010/10/23 01:54:36.0234 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys2010/10/23 01:54:36.0262 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys2010/10/23 01:54:36.0277 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys2010/10/23 01:54:36.0292 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys2010/10/23 01:54:36.0306 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys2010/10/23 01:54:36.0339 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys2010/10/23 01:54:36.0383 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys2010/10/23 01:54:36.0439 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys2010/10/23 01:54:36.0458 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys2010/10/23 01:54:36.0495 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys2010/10/23 01:54:36.0551 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys2010/10/23 01:54:36.0579 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys2010/10/23 01:54:36.0602 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys2010/10/23 01:54:36.0623 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys2010/10/23 01:54:36.0664 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys2010/10/23 01:54:36.0682 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys2010/10/23 01:54:36.0729 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys2010/10/23 01:54:36.0771 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys2010/10/23 01:54:36.0800 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys2010/10/23 01:54:36.0850 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys2010/10/23 01:54:36.0906 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys2010/10/23 01:54:36.0944 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys2010/10/23 01:54:37.0042 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys2010/10/23 01:54:37.0107 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys2010/10/23 01:54:37.0133 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys2010/10/23 01:54:37.0161 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys2010/10/23 01:54:37.0191 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys2010/10/23 01:54:37.0210 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys2010/10/23 01:54:37.0243 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys2010/10/23 01:54:37.0265 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys2010/10/23 01:54:37.0280 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys2010/10/23 01:54:37.0304 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys2010/10/23 01:54:37.0325 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys2010/10/23 01:54:37.0340 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys2010/10/23 01:54:37.0381 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys2010/10/23 01:54:37.0400 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys2010/10/23 01:54:37.0522 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys2010/10/23 01:54:37.0597 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys2010/10/23 01:54:37.0677 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys2010/10/23 01:54:37.0698 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys2010/10/23 01:54:37.0714 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys2010/10/23 01:54:37.0729 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys2010/10/23 01:54:37.0784 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys2010/10/23 01:54:37.0815 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys2010/10/23 01:54:37.0865 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys2010/10/23 01:54:37.0895 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys2010/10/23 01:54:37.0948 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys2010/10/23 01:54:37.0979 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys2010/10/23 01:54:38.0031 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys2010/10/23 01:54:38.0155 IntcAzAudAddService (d8bce8176cb1084c6f5830c019d47166) C:\Windows\system32\drivers\RTKVHD64.sys2010/10/23 01:54:38.0179 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys2010/10/23 01:54:38.0209 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys2010/10/23 01:54:38.0230 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys2010/10/23 01:54:38.0251 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys2010/10/23 01:54:38.0267 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys2010/10/23 01:54:38.0297 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys2010/10/23 01:54:38.0317 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys2010/10/23 01:54:38.0337 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys2010/10/23 01:54:38.0386 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys2010/10/23 01:54:38.0419 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys2010/10/23 01:54:38.0509 klmdb (721117c01761340908081f647f177a45) C:\Windows\system32\drivers\klmdb.sys2010/10/23 01:54:38.0546 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys2010/10/23 01:54:38.0587 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys2010/10/23 01:54:38.0607 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys2010/10/23 01:54:38.0677 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys2010/10/23 01:54:38.0859 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys2010/10/23 01:54:38.0967 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys2010/10/23 01:54:39.0003 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys2010/10/23 01:54:39.0067 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys2010/10/23 01:54:39.0095 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys2010/10/23 01:54:39.0130 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys2010/10/23 01:54:39.0156 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys2010/10/23 01:54:39.0211 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys2010/10/23 01:54:39.0258 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys2010/10/23 01:54:39.0301 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys2010/10/23 01:54:39.0349 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys2010/10/23 01:54:39.0394 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys2010/10/23 01:54:39.0454 MpFilter (c4d8c3031c7cd5884ca856b15307e997) C:\Windows\system32\DRIVERS\MpFilter.sys2010/10/23 01:54:39.0472 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys2010/10/23 01:54:39.0498 MpNWMon (a768f58c55d3f303e686a7646348aec3) C:\Windows\system32\DRIVERS\MpNWMon.sys2010/10/23 01:54:39.0519 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys2010/10/23 01:54:39.0554 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys2010/10/23 01:54:39.0581 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys2010/10/23 01:54:39.0611 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys2010/10/23 01:54:39.0635 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys2010/10/23 01:54:39.0685 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys2010/10/23 01:54:39.0711 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys2010/10/23 01:54:39.0763 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys2010/10/23 01:54:39.0784 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys2010/10/23 01:54:39.0804 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys2010/10/23 01:54:39.0862 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys2010/10/23 01:54:39.0893 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys2010/10/23 01:54:39.0907 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys2010/10/23 01:54:39.0948 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys2010/10/23 01:54:39.0965 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys2010/10/23 01:54:39.0979 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys2010/10/23 01:54:40.0000 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys2010/10/23 01:54:40.0043 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys2010/10/23 01:54:40.0112 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys2010/10/23 01:54:40.0184 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys2010/10/23 01:54:40.0243 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys2010/10/23 01:54:40.0309 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys2010/10/23 01:54:40.0376 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys2010/10/23 01:54:40.0400 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys2010/10/23 01:54:40.0431 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys2010/10/23 01:54:40.0455 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys2010/10/23 01:54:40.0479 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys2010/10/23 01:54:40.0539 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys2010/10/23 01:54:40.0589 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys2010/10/23 01:54:40.0640 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys2010/10/23 01:54:40.0700 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys2010/10/23 01:54:40.0733 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys2010/10/23 01:54:40.0753 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys2010/10/23 01:54:40.0806 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys2010/10/23 01:54:40.0827 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys2010/10/23 01:54:40.0882 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys2010/10/23 01:54:40.0948 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys2010/10/23 01:54:40.0974 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys2010/10/23 01:54:40.0990 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys2010/10/23 01:54:41.0020 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys2010/10/23 01:54:41.0032 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys2010/10/23 01:54:41.0053 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys2010/10/23 01:54:41.0070 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys2010/10/23 01:54:41.0151 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys2010/10/23 01:54:41.0167 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys2010/10/23 01:54:41.0209 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys2010/10/23 01:54:41.0250 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys2010/10/23 01:54:41.0288 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys2010/10/23 01:54:41.0304 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys2010/10/23 01:54:41.0332 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys2010/10/23 01:54:41.0378 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys2010/10/23 01:54:41.0406 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys2010/10/23 01:54:41.0449 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys2010/10/23 01:54:41.0513 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys2010/10/23 01:54:41.0549 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys2010/10/23 01:54:41.0584 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys2010/10/23 01:54:41.0611 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys2010/10/23 01:54:41.0646 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys2010/10/23 01:54:41.0678 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys2010/10/23 01:54:41.0698 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys2010/10/23 01:54:41.0727 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys2010/10/23 01:54:41.0765 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys2010/10/23 01:54:41.0832 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys2010/10/23 01:54:41.0902 RTHDMIAzAudService (7421a35c45484b95e83b5e9e107cefc2) C:\Windows\system32\drivers\RtHDMIVX.sys2010/10/23 01:54:41.0959 RTL8192cu (f886e4d6d405b27e7bffde1ccefb101d) C:\Windows\system32\DRIVERS\RTL8192cu.sys2010/10/23 01:54:42.0045 RTL8192su (fc00c0de6dc83de1b2b01420e2195b21) C:\Windows\system32\DRIVERS\RTL8192su.sys2010/10/23 01:54:42.0106 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys2010/10/23 01:54:42.0144 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys2010/10/23 01:54:42.0171 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys2010/10/23 01:54:42.0199 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys2010/10/23 01:54:42.0239 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys2010/10/23 01:54:42.0268 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys2010/10/23 01:54:42.0282 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys2010/10/23 01:54:42.0309 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys2010/10/23 01:54:42.0324 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys2010/10/23 01:54:42.0338 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys2010/10/23 01:54:42.0352 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys2010/10/23 01:54:42.0408 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys2010/10/23 01:54:42.0441 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys2010/10/23 01:54:42.0469 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys2010/10/23 01:54:42.0523 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys2010/10/23 01:54:42.0633 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys2010/10/23 01:54:42.0633 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb2010/10/23 01:54:42.0645 sptd - detected Locked file (1)2010/10/23 01:54:42.0689 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys2010/10/23 01:54:42.0742 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys2010/10/23 01:54:42.0784 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys2010/10/23 01:54:42.0845 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys2010/10/23 01:54:42.0908 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys2010/10/23 01:54:42.0956 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys2010/10/23 01:54:42.0972 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys2010/10/23 01:54:43.0064 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys2010/10/23 01:54:43.0180 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys2010/10/23 01:54:43.0220 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys2010/10/23 01:54:43.0253 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys2010/10/23 01:54:43.0268 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys2010/10/23 01:54:43.0293 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys2010/10/23 01:54:43.0321 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys2010/10/23 01:54:43.0356 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys2010/10/23 01:54:43.0420 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys2010/10/23 01:54:43.0451 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys2010/10/23 01:54:43.0477 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys2010/10/23 01:54:43.0505 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys2010/10/23 01:54:43.0554 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys2010/10/23 01:54:43.0586 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys2010/10/23 01:54:43.0617 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys2010/10/23 01:54:43.0664 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys2010/10/23 01:54:43.0690 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys2010/10/23 01:54:43.0707 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys2010/10/23 01:54:43.0736 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys2010/10/23 01:54:43.0794 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys2010/10/23 01:54:43.0824 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys2010/10/23 01:54:43.0871 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS2010/10/23 01:54:43.0887 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys2010/10/23 01:54:43.0927 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys2010/10/23 01:54:43.0983 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys2010/10/23 01:54:44.0012 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys2010/10/23 01:54:44.0033 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys2010/10/23 01:54:44.0064 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys2010/10/23 01:54:44.0099 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys2010/10/23 01:54:44.0120 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys2010/10/23 01:54:44.0150 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys2010/10/23 01:54:44.0178 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys2010/10/23 01:54:44.0215 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys2010/10/23 01:54:44.0252 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys2010/10/23 01:54:44.0278 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys2010/10/23 01:54:44.0326 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys2010/10/23 01:54:44.0383 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys2010/10/23 01:54:44.0417 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys2010/10/23 01:54:44.0456 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys2010/10/23 01:54:44.0479 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys2010/10/23 01:54:44.0520 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys2010/10/23 01:54:44.0552 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys2010/10/23 01:54:44.0620 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys2010/10/23 01:54:44.0642 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys2010/10/23 01:54:44.0717 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys2010/10/23 01:54:44.0740 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys2010/10/23 01:54:44.0774 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys2010/10/23 01:54:44.0810 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys2010/10/23 01:54:44.0839 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys2010/10/23 01:54:44.0915 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys2010/10/23 01:54:45.0021 ================================================================================2010/10/23 01:54:45.0021 Scan finished2010/10/23 01:54:45.0021 ================================================================================2010/10/23 01:54:45.0029 Detected object count: 12010/10/23 01:55:19.0321 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys2010/10/23 01:55:19.0321 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb2010/10/23 01:55:19.0327 C:\Windows\system32\Drivers\sptd.sys - quarantined2010/10/23 01:55:19.0348 Locked file(sptd) - User select action: Quarantine2010/10/23 01:55:23.0570 Deinitialize success Link to post Share on other sites More sharing options...
MrCharlie Posted October 23, 2010 ID:332253 Share Posted October 23, 2010 OK that's good news. What command did you use to "fix" the MBR??Below is the official TDSSKiller page, I just want you to see that I didn't steer you wrong about it running on all systems including 64 bit ones.http://support.kaspersky.com/viruses/solutions?qid=208280684Unfortunately sometimes things go wrong but there's usually ways to recover.--------------------------Please run TDSSKiller again and nothing should be found.------------------------Update and run a quick scan with MBAM and post the log, MrC Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:332420 Share Posted October 23, 2010 I appreciate your help and support. I'm confident in your suggestions and figure my computer can only get better from here. When you mentioned the Windows 7 disk, I thought reformat/recovery. So I backed up what I could.When I just typed bootrec /fixmbr the computer reported the problem fixed, but nothing changed. So I followed the instructions on the site you referenced:Note If rebuilding the BCD does not resolve the startup issue, you can export and delete the BCD, and then run this option again. By doing this, you make sure that the BCD is completely rebuilt. To do this, type the following commands at the Windows RE command prompt: * bcdedit /export C:\BCD_Backup * c: * cd boot * attrib bcd -s -h -r * ren c:\boot\bcd bcd.old * bootrec /RebuildBcdThen I typed bootrec /fixmbr, restarted and succeeded in properly restarting for the first time since the virus infected my system. I will restart and post logs from TDSSKiller and MBAM Link to post Share on other sites More sharing options...
MrCharlie Posted October 23, 2010 ID:332427 Share Posted October 23, 2010 OK....Thanks MrC Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:332431 Share Posted October 23, 2010 Malwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4927Windows 6.1.7600Internet Explorer 8.0.7600.1638510/23/2010 8:58:48 AMmbam-log-2010-10-23 (08-58-48).txtScan type: Quick scanObjects scanned: 140410Time elapsed: 3 minute(s), 47 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)2010/10/23 08:47:50.0005 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:592010/10/23 08:47:50.0005 ================================================================================2010/10/23 08:47:50.0005 SystemInfo:2010/10/23 08:47:50.0005 2010/10/23 08:47:50.0005 OS Version: 6.1.7600 ServicePack: 0.02010/10/23 08:47:50.0005 Product type: Workstation2010/10/23 08:47:50.0005 ComputerName: ADA2010/10/23 08:47:50.0005 UserName: Suzanne2010/10/23 08:47:50.0005 Windows directory: C:\Windows2010/10/23 08:47:50.0005 System windows directory: C:\Windows2010/10/23 08:47:50.0005 Running under WOW642010/10/23 08:47:50.0005 Processor architecture: Intel x642010/10/23 08:47:50.0005 Number of processors: 42010/10/23 08:47:50.0005 Page size: 0x10002010/10/23 08:47:50.0005 Boot type: Normal boot2010/10/23 08:47:50.0005 ================================================================================2010/10/23 08:47:50.0005 Utility is running under WOW642010/10/23 08:47:50.0348 Initialize success2010/10/23 08:47:51.0518 ================================================================================2010/10/23 08:47:51.0518 Scan started2010/10/23 08:47:51.0518 Mode: Manual;2010/10/23 08:47:51.0518 ================================================================================2010/10/23 08:47:53.0951 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys2010/10/23 08:47:54.0029 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys2010/10/23 08:47:54.0092 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys2010/10/23 08:47:54.0217 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys2010/10/23 08:47:54.0341 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys2010/10/23 08:47:54.0497 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys2010/10/23 08:47:54.0700 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys2010/10/23 08:47:54.0934 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys2010/10/23 08:47:55.0075 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys2010/10/23 08:47:55.0153 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys2010/10/23 08:47:55.0168 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys2010/10/23 08:47:55.0433 amdkmdag (3d07f9c090c7a1d76d624972a5384471) C:\Windows\system32\DRIVERS\atikmdag.sys2010/10/23 08:47:55.0589 amdkmdap (99ab7e4b24c80155dc4296f657faf3c7) C:\Windows\system32\DRIVERS\atikmpag.sys2010/10/23 08:47:55.0636 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys2010/10/23 08:47:55.0667 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys2010/10/23 08:47:55.0683 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys2010/10/23 08:47:55.0699 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys2010/10/23 08:47:55.0730 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys2010/10/23 08:47:55.0761 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys2010/10/23 08:47:55.0777 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys2010/10/23 08:47:55.0823 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys2010/10/23 08:47:55.0839 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys2010/10/23 08:47:55.0870 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys2010/10/23 08:47:55.0917 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys2010/10/23 08:47:55.0948 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys2010/10/23 08:47:55.0995 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys2010/10/23 08:47:56.0026 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys2010/10/23 08:47:56.0057 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys2010/10/23 08:47:56.0073 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys2010/10/23 08:47:56.0073 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys2010/10/23 08:47:56.0120 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys2010/10/23 08:47:56.0151 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys2010/10/23 08:47:56.0167 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys2010/10/23 08:47:56.0182 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys2010/10/23 08:47:56.0198 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys2010/10/23 08:47:56.0213 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys2010/10/23 08:47:56.0245 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys2010/10/23 08:47:56.0276 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys2010/10/23 08:47:56.0307 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys2010/10/23 08:47:56.0338 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys2010/10/23 08:47:56.0369 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys2010/10/23 08:47:56.0385 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys2010/10/23 08:47:56.0416 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys2010/10/23 08:47:56.0432 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys2010/10/23 08:47:56.0447 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys2010/10/23 08:47:56.0525 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys2010/10/23 08:47:56.0635 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys2010/10/23 08:47:56.0697 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys2010/10/23 08:47:56.0759 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys2010/10/23 08:47:56.0869 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys2010/10/23 08:47:56.0931 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys2010/10/23 08:47:57.0118 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys2010/10/23 08:47:57.0243 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys2010/10/23 08:47:57.0274 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys2010/10/23 08:47:57.0290 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys2010/10/23 08:47:57.0321 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys2010/10/23 08:47:57.0352 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys2010/10/23 08:47:57.0383 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys2010/10/23 08:47:57.0399 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys2010/10/23 08:47:57.0415 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys2010/10/23 08:47:57.0446 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys2010/10/23 08:47:57.0477 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys2010/10/23 08:47:57.0493 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys2010/10/23 08:47:57.0524 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys2010/10/23 08:47:57.0555 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys2010/10/23 08:47:57.0602 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys2010/10/23 08:47:57.0649 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys2010/10/23 08:47:57.0695 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys2010/10/23 08:47:57.0695 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys2010/10/23 08:47:57.0711 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys2010/10/23 08:47:57.0727 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys2010/10/23 08:47:57.0758 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys2010/10/23 08:47:57.0789 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys2010/10/23 08:47:57.0820 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys2010/10/23 08:47:57.0851 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys2010/10/23 08:47:57.0867 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys2010/10/23 08:47:57.0898 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys2010/10/23 08:47:57.0929 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys2010/10/23 08:47:58.0039 IntcAzAudAddService (d8bce8176cb1084c6f5830c019d47166) C:\Windows\system32\drivers\RTKVHD64.sys2010/10/23 08:47:58.0085 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys2010/10/23 08:47:58.0117 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys2010/10/23 08:47:58.0148 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys2010/10/23 08:47:58.0163 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys2010/10/23 08:47:58.0179 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys2010/10/23 08:47:58.0195 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys2010/10/23 08:47:58.0226 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys2010/10/23 08:47:58.0241 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys2010/10/23 08:47:58.0273 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys2010/10/23 08:47:58.0288 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys2010/10/23 08:47:58.0319 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys2010/10/23 08:47:58.0351 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys2010/10/23 08:47:58.0382 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys2010/10/23 08:47:58.0429 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys2010/10/23 08:47:58.0475 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys2010/10/23 08:47:58.0507 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys2010/10/23 08:47:58.0522 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys2010/10/23 08:47:58.0553 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys2010/10/23 08:47:58.0553 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys2010/10/23 08:47:58.0585 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys2010/10/23 08:47:58.0600 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys2010/10/23 08:47:58.0631 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys2010/10/23 08:47:58.0678 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys2010/10/23 08:47:58.0709 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys2010/10/23 08:47:58.0725 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys2010/10/23 08:47:58.0756 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys2010/10/23 08:47:58.0787 MpFilter (c4d8c3031c7cd5884ca856b15307e997) C:\Windows\system32\DRIVERS\MpFilter.sys2010/10/23 08:47:58.0803 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys2010/10/23 08:47:58.0819 MpNWMon (a768f58c55d3f303e686a7646348aec3) C:\Windows\system32\DRIVERS\MpNWMon.sys2010/10/23 08:47:58.0850 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys2010/10/23 08:47:58.0897 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys2010/10/23 08:47:58.0928 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys2010/10/23 08:47:58.0959 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys2010/10/23 08:47:58.0975 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys2010/10/23 08:47:59.0021 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys2010/10/23 08:47:59.0037 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys2010/10/23 08:47:59.0084 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys2010/10/23 08:47:59.0115 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys2010/10/23 08:47:59.0131 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys2010/10/23 08:47:59.0162 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys2010/10/23 08:47:59.0209 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys2010/10/23 08:47:59.0240 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys2010/10/23 08:47:59.0271 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys2010/10/23 08:47:59.0287 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys2010/10/23 08:47:59.0302 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys2010/10/23 08:47:59.0318 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys2010/10/23 08:47:59.0349 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys2010/10/23 08:47:59.0396 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys2010/10/23 08:47:59.0443 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys2010/10/23 08:47:59.0474 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys2010/10/23 08:47:59.0505 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys2010/10/23 08:47:59.0521 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys2010/10/23 08:47:59.0552 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys2010/10/23 08:47:59.0567 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys2010/10/23 08:47:59.0583 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys2010/10/23 08:47:59.0630 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys2010/10/23 08:47:59.0677 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys2010/10/23 08:47:59.0692 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys2010/10/23 08:47:59.0723 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys2010/10/23 08:47:59.0770 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys2010/10/23 08:47:59.0801 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys2010/10/23 08:47:59.0833 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys2010/10/23 08:47:59.0848 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys2010/10/23 08:47:59.0879 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys2010/10/23 08:47:59.0911 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys2010/10/23 08:47:59.0957 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys2010/10/23 08:47:59.0989 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys2010/10/23 08:48:00.0020 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys2010/10/23 08:48:00.0035 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys2010/10/23 08:48:00.0051 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys2010/10/23 08:48:00.0067 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys2010/10/23 08:48:00.0082 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys2010/10/23 08:48:00.0160 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys2010/10/23 08:48:00.0176 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys2010/10/23 08:48:00.0269 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys2010/10/23 08:48:00.0332 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys2010/10/23 08:48:00.0394 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys2010/10/23 08:48:00.0425 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys2010/10/23 08:48:00.0503 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys2010/10/23 08:48:00.0566 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys2010/10/23 08:48:00.0613 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys2010/10/23 08:48:00.0659 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys2010/10/23 08:48:00.0691 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys2010/10/23 08:48:00.0722 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys2010/10/23 08:48:00.0753 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys2010/10/23 08:48:00.0784 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys2010/10/23 08:48:00.0831 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys2010/10/23 08:48:00.0862 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys2010/10/23 08:48:00.0878 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys2010/10/23 08:48:00.0893 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys2010/10/23 08:48:00.0925 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys2010/10/23 08:48:00.0987 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys2010/10/23 08:48:01.0034 RTHDMIAzAudService (7421a35c45484b95e83b5e9e107cefc2) C:\Windows\system32\drivers\RtHDMIVX.sys2010/10/23 08:48:01.0081 RTL8192cu (f886e4d6d405b27e7bffde1ccefb101d) C:\Windows\system32\DRIVERS\RTL8192cu.sys2010/10/23 08:48:01.0143 RTL8192su (fc00c0de6dc83de1b2b01420e2195b21) C:\Windows\system32\DRIVERS\RTL8192su.sys2010/10/23 08:48:01.0237 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys2010/10/23 08:48:01.0283 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys2010/10/23 08:48:01.0299 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys2010/10/23 08:48:01.0346 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys2010/10/23 08:48:01.0377 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys2010/10/23 08:48:01.0408 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys2010/10/23 08:48:01.0424 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys2010/10/23 08:48:01.0455 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys2010/10/23 08:48:01.0471 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys2010/10/23 08:48:01.0471 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys2010/10/23 08:48:01.0502 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys2010/10/23 08:48:01.0595 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys2010/10/23 08:48:01.0628 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys2010/10/23 08:48:01.0647 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys2010/10/23 08:48:01.0707 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys2010/10/23 08:48:01.0827 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys2010/10/23 08:48:02.0027 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys2010/10/23 08:48:02.0105 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys2010/10/23 08:48:02.0199 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys2010/10/23 08:48:02.0277 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys2010/10/23 08:48:02.0401 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys2010/10/23 08:48:02.0464 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys2010/10/23 08:48:02.0651 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys2010/10/23 08:48:02.0838 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys2010/10/23 08:48:02.0885 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys2010/10/23 08:48:02.0932 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys2010/10/23 08:48:02.0947 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys2010/10/23 08:48:03.0010 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys2010/10/23 08:48:03.0057 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys2010/10/23 08:48:03.0103 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys2010/10/23 08:48:03.0181 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys2010/10/23 08:48:03.0213 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys2010/10/23 08:48:03.0244 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys2010/10/23 08:48:03.0275 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys2010/10/23 08:48:03.0306 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys2010/10/23 08:48:03.0322 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys2010/10/23 08:48:03.0369 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys2010/10/23 08:48:03.0384 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys2010/10/23 08:48:03.0415 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys2010/10/23 08:48:03.0509 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys2010/10/23 08:48:03.0556 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys2010/10/23 08:48:03.0587 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys2010/10/23 08:48:03.0665 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys2010/10/23 08:48:03.0727 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS2010/10/23 08:48:03.0774 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys2010/10/23 08:48:03.0837 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys2010/10/23 08:48:03.0852 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys2010/10/23 08:48:03.0883 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys2010/10/23 08:48:03.0899 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys2010/10/23 08:48:03.0915 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys2010/10/23 08:48:03.0993 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys2010/10/23 08:48:04.0008 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys2010/10/23 08:48:04.0039 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys2010/10/23 08:48:04.0071 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys2010/10/23 08:48:04.0149 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys2010/10/23 08:48:04.0180 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys2010/10/23 08:48:04.0195 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys2010/10/23 08:48:04.0242 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys2010/10/23 08:48:04.0273 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys2010/10/23 08:48:04.0305 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys2010/10/23 08:48:04.0351 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys2010/10/23 08:48:04.0367 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys2010/10/23 08:48:04.0414 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys2010/10/23 08:48:04.0476 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys2010/10/23 08:48:04.0617 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys2010/10/23 08:48:04.0648 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys2010/10/23 08:48:04.0710 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys2010/10/23 08:48:04.0757 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys2010/10/23 08:48:04.0804 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys2010/10/23 08:48:04.0835 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys2010/10/23 08:48:04.0866 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys2010/10/23 08:48:04.0913 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys2010/10/23 08:48:04.0975 ================================================================================2010/10/23 08:48:04.0975 Scan finished2010/10/23 08:48:04.0975 ================================================================================2010/10/23 08:48:10.0794 Deinitialize success Link to post Share on other sites More sharing options...
MrCharlie Posted October 23, 2010 ID:332440 Share Posted October 23, 2010 Good Job How is it?? MrC Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:332445 Share Posted October 23, 2010 AMAZING! Thank you thank you thank you!I'm at UCSD and it's midterms so having my computer back is indescribable! Link to post Share on other sites More sharing options...
MrCharlie Posted October 23, 2010 ID:332457 Share Posted October 23, 2010 GoodBefore you go....lets check your systems security for any holes:Please do this:Download Security Check by screen317 from HERE or HERE.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.MrC Link to post Share on other sites More sharing options...
suzanne89 Posted October 23, 2010 Author ID:332648 Share Posted October 23, 2010 Results of screen317's Security Check version 0.99.5 Windows 7 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware Java 6 Update 21 Adobe Flash Player 10.1.82.76 Adobe Reader 9.4.0 Mozilla Firefox (3.6.10) Firefox Out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent Windows Defender MSMpEng.exe Microsoft Security Essentials msseces.exe ````````````````````````````````DNS Vulnerability Check: GREAT! (Not vulnerable to DNS cache poisoning) ``````````End of Log```````````` Link to post Share on other sites More sharing options...
MrCharlie Posted October 24, 2010 ID:332950 Share Posted October 24, 2010 OK, just a couple of items: Older versions of programs are vulnerable to malwareJava Link to post Share on other sites More sharing options...
Recommended Posts