Jump to content

Recommended Posts

My home computer recently exhibited signs of running slow and internet explorer search results going to advertisements instead of the correct page. The computer currently has SuperAntiSpyware Free Edition, Malwarebytes Anti-Malware, and HiJack this. The logs are posted below.

It is running AVG Anti-Virus Free which was installed 2 days ago after the issues were noted. Previously running Symantec Antivirus and replaced with AVG after noticing computer issues.

AVG is indicating multiple Threat detections in C:\windows\system32\drivers\cdfs.sys - Trojan horse BackDoor.Generic13.BKVZ and Trojan horse Generic22.BLTM. AVG has been unable to clean.

I also installed TDSSKiller.exe and it identified an issue with C:\windows\system32\drivers\cdfs.sys. In trying to clean it indicated an error processing file. The log file is also attached.

The computer is a Dell Latitude D830 that was purchased used.

It is running Windows XP SP3

Intell 2 Dou CPU

T8300 @ 2.4GHZ

789MHZ 1.99 RAM

Thank you for your much needed assistance.

2011/05/31 22:04:10.0656 0396 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24

2011/05/31 22:04:11.0359 0396 ================================================================================

2011/05/31 22:04:11.0359 0396 SystemInfo:

2011/05/31 22:04:11.0359 0396

2011/05/31 22:04:11.0359 0396 OS Version: 5.1.2600 ServicePack: 3.0

2011/05/31 22:04:11.0359 0396 Product type: Workstation

2011/05/31 22:04:11.0359 0396 ComputerName: TTHOMPSON

2011/05/31 22:04:11.0359 0396 UserName: toddthompson

2011/05/31 22:04:11.0359 0396 Windows directory: C:\WINDOWS

2011/05/31 22:04:11.0359 0396 System windows directory: C:\WINDOWS

2011/05/31 22:04:11.0359 0396 Processor architecture: Intel x86

2011/05/31 22:04:11.0359 0396 Number of processors: 2

2011/05/31 22:04:11.0359 0396 Page size: 0x1000

2011/05/31 22:04:11.0359 0396 Boot type: Normal boot

2011/05/31 22:04:11.0359 0396 ================================================================================

2011/05/31 22:04:13.0421 0396 Initialize success

2011/05/31 22:04:20.0718 4056 ================================================================================

2011/05/31 22:04:20.0718 4056 Scan started

2011/05/31 22:04:20.0718 4056 Mode: Manual;

2011/05/31 22:04:20.0718 4056 ================================================================================

2011/05/31 22:04:22.0265 4056 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2011/05/31 22:04:22.0343 4056 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

2011/05/31 22:04:22.0468 4056 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

2011/05/31 22:04:22.0656 4056 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys

2011/05/31 22:04:22.0968 4056 ApfiltrService (350f19eb5fe4ec37a2414df56cde1aa8) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys

2011/05/31 22:04:23.0109 4056 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS

2011/05/31 22:04:23.0234 4056 Arp1394 (2692d5744cc568ace61ab1bc6e3f487f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

2011/05/31 22:04:23.0312 4056 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\arp1394.sys. md5: 2692d5744cc568ace61ab1bc6e3f487f

2011/05/31 22:04:23.0328 4056 Arp1394 - detected Rootkit.Win32.ZAccess.c (0)

2011/05/31 22:04:23.0625 4056 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2011/05/31 22:04:23.0718 4056 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

2011/05/31 22:04:23.0859 4056 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2011/05/31 22:04:23.0953 4056 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2011/05/31 22:04:24.0078 4056 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\system32\Drivers\avgldx86.sys

2011/05/31 22:04:24.0218 4056 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\system32\Drivers\avgmfx86.sys

2011/05/31 22:04:24.0328 4056 AvgTdiX (9a7a93388f503a34e7339ae7f9997449) C:\WINDOWS\system32\Drivers\avgtdix.sys

2011/05/31 22:04:24.0421 4056 b57w2k (f96038aa1ec4013a93d2420fc689d1e9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

2011/05/31 22:04:24.0562 4056 BCM43XX (e9ea635b8432d68f0005b3f6cebab837) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys

2011/05/31 22:04:24.0859 4056 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2011/05/31 22:04:25.0000 4056 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2011/05/31 22:04:25.0109 4056 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2011/05/31 22:04:25.0218 4056 Cdfs (41c90f41af3366b67645b1f2d64bc196) C:\WINDOWS\system32\drivers\Cdfs.sys

2011/05/31 22:04:25.0265 4056 Cdfs - detected Rootkit.Win32.ZAccess.c (0)

2011/05/31 22:04:25.0328 4056 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2011/05/31 22:04:25.0359 4056 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys

2011/05/31 22:04:25.0484 4056 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

2011/05/31 22:04:25.0875 4056 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

2011/05/31 22:04:26.0062 4056 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\WINDOWS\system32\DRIVERS\CVirtA.sys

2011/05/31 22:04:26.0296 4056 dfmirage (d8cd6a2a94f545858eec6117f0d5dff4) C:\WINDOWS\system32\DRIVERS\dfmirage.sys

2011/05/31 22:04:26.0421 4056 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

2011/05/31 22:04:26.0531 4056 DLABMFSM (0659e6e0a95564f958d9df7313f7701e) C:\WINDOWS\system32\DLA\DLABMFSM.SYS

2011/05/31 22:04:26.0609 4056 DLABOIOM (8691c78908f0bd66170669db268369f2) C:\WINDOWS\system32\DLA\DLABOIOM.SYS

2011/05/31 22:04:26.0671 4056 DLACDBHM (76167b5eb2dffc729edc36386876b40b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS

2011/05/31 22:04:26.0750 4056 DLADResM (5615744a1056933b90e6ac54feb86f35) C:\WINDOWS\system32\DLA\DLADResM.SYS

2011/05/31 22:04:26.0812 4056 DLAIFS_M (1aeca2afa5005ce4a550cf8eb55a8c88) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS

2011/05/31 22:04:26.0875 4056 DLAOPIOM (840e7f6abb885c72b9ffddb022ef5b6d) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS

2011/05/31 22:04:26.0984 4056 DLAPoolM (0294d18731ac05da80132ce88f8a876b) C:\WINDOWS\system32\DLA\DLAPoolM.SYS

2011/05/31 22:04:27.0062 4056 DLARTL_M (91886fed52a3f9966207bce46cfd794f) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS

2011/05/31 22:04:27.0125 4056 DLAUDFAM (cca4e121d599d7d1706a30f603731e59) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS

2011/05/31 22:04:27.0218 4056 DLAUDF_M (7dab85c33135df24419951da4e7d38e5) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS

2011/05/31 22:04:27.0343 4056 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

2011/05/31 22:04:27.0437 4056 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

2011/05/31 22:04:27.0515 4056 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2011/05/31 22:04:27.0593 4056 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

2011/05/31 22:04:27.0734 4056 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

2011/05/31 22:04:27.0843 4056 DRVMCDB (c00440385cf9f3d142917c63f989e244) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS

2011/05/31 22:04:27.0921 4056 DRVNDDM (6e6ab29d3c06e64ce81feacda85394b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS

2011/05/31 22:04:28.0109 4056 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys

2011/05/31 22:04:28.0234 4056 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys

2011/05/31 22:04:28.0359 4056 EuMusDesignVirtualAudioCableWdm (0531fc85e96822d60d3e41f30f075fc2) C:\WINDOWS\system32\DRIVERS\PC2TVAudio.sys

2011/05/31 22:04:28.0468 4056 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

2011/05/31 22:04:28.0562 4056 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

2011/05/31 22:04:28.0687 4056 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

2011/05/31 22:04:28.0734 4056 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

2011/05/31 22:04:28.0875 4056 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

2011/05/31 22:04:28.0937 4056 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2011/05/31 22:04:29.0046 4056 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2011/05/31 22:04:29.0125 4056 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

2011/05/31 22:04:29.0203 4056 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2011/05/31 22:04:29.0312 4056 guardian2 (c0bdab85f3e8b2138c513255e2bcc4d8) C:\WINDOWS\system32\Drivers\oz776.sys

2011/05/31 22:04:29.0437 4056 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

2011/05/31 22:04:29.0531 4056 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

2011/05/31 22:04:29.0687 4056 HSFHWAZL (290cdbb05903742ea06b7203c5a662f5) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys

2011/05/31 22:04:29.0765 4056 HSF_DPV (7ab812355f98858b9ecdd46e6fcc221f) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

2011/05/31 22:04:29.0906 4056 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

2011/05/31 22:04:30.0203 4056 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2011/05/31 22:04:30.0578 4056 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

2011/05/31 22:04:30.0765 4056 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

2011/05/31 22:04:30.0906 4056 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

2011/05/31 22:04:30.0937 4056 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

2011/05/31 22:04:30.0968 4056 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2011/05/31 22:04:31.0000 4056 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2011/05/31 22:04:31.0078 4056 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2011/05/31 22:04:31.0171 4056 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2011/05/31 22:04:31.0218 4056 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

2011/05/31 22:04:31.0281 4056 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2011/05/31 22:04:31.0343 4056 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2011/05/31 22:04:31.0390 4056 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

2011/05/31 22:04:31.0468 4056 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

2011/05/31 22:04:31.0734 4056 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

2011/05/31 22:04:31.0812 4056 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2011/05/31 22:04:31.0921 4056 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

2011/05/31 22:04:31.0968 4056 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2011/05/31 22:04:32.0093 4056 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

2011/05/31 22:04:32.0140 4056 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

2011/05/31 22:04:32.0265 4056 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2011/05/31 22:04:32.0359 4056 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2011/05/31 22:04:32.0453 4056 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

2011/05/31 22:04:32.0546 4056 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2011/05/31 22:04:32.0578 4056 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2011/05/31 22:04:32.0609 4056 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

2011/05/31 22:04:32.0703 4056 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2011/05/31 22:04:32.0734 4056 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

2011/05/31 22:04:32.0781 4056 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

2011/05/31 22:04:32.0828 4056 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2011/05/31 22:04:32.0906 4056 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2011/05/31 22:04:32.0984 4056 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2011/05/31 22:04:33.0046 4056 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

2011/05/31 22:04:33.0140 4056 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

2011/05/31 22:04:33.0218 4056 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

2011/05/31 22:04:33.0312 4056 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

2011/05/31 22:04:33.0359 4056 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

2011/05/31 22:04:33.0437 4056 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

2011/05/31 22:04:33.0500 4056 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2011/05/31 22:04:33.0875 4056 nv (77f427e51479c66c09f967d15b639b37) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

2011/05/31 22:04:34.0109 4056 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2011/05/31 22:04:34.0171 4056 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2011/05/31 22:04:34.0265 4056 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

2011/05/31 22:04:34.0500 4056 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

2011/05/31 22:04:34.0546 4056 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

2011/05/31 22:04:34.0593 4056 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

2011/05/31 22:04:34.0703 4056 PBADRV (9ec004140e1b675acdeb07f66ee797a4) C:\WINDOWS\system32\DRIVERS\PBADRV.sys

2011/05/31 22:04:34.0781 4056 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

2011/05/31 22:04:34.0875 4056 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

2011/05/31 22:04:34.0921 4056 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys

2011/05/31 22:04:35.0265 4056 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2011/05/31 22:04:35.0328 4056 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

2011/05/31 22:04:35.0390 4056 PTDUBus (dbaf8a53d7669efb4742896b458181d0) C:\WINDOWS\system32\DRIVERS\PTDUBus.sys

2011/05/31 22:04:35.0453 4056 PTDUMdm (fa4e2a5cf478624d3154fb045fb2d076) C:\WINDOWS\system32\DRIVERS\PTDUMdm.sys

2011/05/31 22:04:35.0593 4056 PTDUVsp (9c489b38ca13f251289004fe4f8631dd) C:\WINDOWS\system32\DRIVERS\PTDUVsp.sys

2011/05/31 22:04:35.0687 4056 PTDUWFLT (37a75ac00d26364a5ea2050a6f85c2d0) C:\WINDOWS\system32\DRIVERS\PTDUWFLT.sys

2011/05/31 22:04:35.0796 4056 PTDUWWAN (f4a789a94ff74a47eb321be4465259d0) C:\WINDOWS\system32\DRIVERS\PTDUWWAN.sys

2011/05/31 22:04:35.0828 4056 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2011/05/31 22:04:35.0968 4056 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\WINDOWS\system32\Drivers\PxHelp20.sys

2011/05/31 22:04:36.0250 4056 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2011/05/31 22:04:36.0390 4056 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2011/05/31 22:04:36.0453 4056 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2011/05/31 22:04:36.0500 4056 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2011/05/31 22:04:36.0562 4056 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2011/05/31 22:04:36.0640 4056 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2011/05/31 22:04:36.0703 4056 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2011/05/31 22:04:36.0828 4056 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

2011/05/31 22:04:36.0890 4056 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

2011/05/31 22:04:36.0968 4056 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys

2011/05/31 22:04:37.0140 4056 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

2011/05/31 22:04:37.0171 4056 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

2011/05/31 22:04:37.0296 4056 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2011/05/31 22:04:37.0406 4056 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

2011/05/31 22:04:37.0546 4056 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

2011/05/31 22:04:37.0625 4056 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys

2011/05/31 22:04:37.0828 4056 snapman (e78c98378a071ce4d48a7c514fa98fa1) C:\WINDOWS\system32\DRIVERS\snapman.sys

2011/05/31 22:04:38.0000 4056 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

2011/05/31 22:04:38.0078 4056 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

2011/05/31 22:04:38.0187 4056 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

2011/05/31 22:04:38.0359 4056 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys

2011/05/31 22:04:38.0515 4056 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys

2011/05/31 22:04:38.0640 4056 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

2011/05/31 22:04:38.0703 4056 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

2011/05/31 22:04:38.0968 4056 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

2011/05/31 22:04:39.0156 4056 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2011/05/31 22:04:39.0265 4056 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\WINDOWS\system32\Drivers\tcusb.sys

2011/05/31 22:04:39.0343 4056 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

2011/05/31 22:04:39.0421 4056 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

2011/05/31 22:04:39.0453 4056 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

2011/05/31 22:04:39.0562 4056 tifsfilter (d352fff2a623b916c08ceacbfc8b5c32) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys

2011/05/31 22:04:39.0609 4056 timounter (64694b2a5c772e1c61feac300ed90ca6) C:\WINDOWS\system32\DRIVERS\timntr.sys

2011/05/31 22:04:39.0718 4056 tosporte (8d624d3bd1f2d78bd1c01a2d4e954b4e) C:\WINDOWS\system32\DRIVERS\tosporte.sys

2011/05/31 22:04:39.0765 4056 tosrfbd (8c3bfaf3fca90502e6fa35503b8e979e) C:\WINDOWS\system32\DRIVERS\tosrfbd.sys

2011/05/31 22:04:39.0828 4056 tosrfbnp (90c8525bc578aaffe87c2d0ed4379e9e) C:\WINDOWS\system32\Drivers\tosrfbnp.sys

2011/05/31 22:04:39.0875 4056 Tosrfcom (4742f0bad28268ab093ed6f4ea857997) C:\WINDOWS\system32\Drivers\tosrfcom.sys

2011/05/31 22:04:39.0953 4056 Tosrfhid (7c807ba9660e2995cc0217a14a24094c) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys

2011/05/31 22:04:40.0078 4056 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys

2011/05/31 22:04:40.0171 4056 TosRfSnd (a4ce9572bc4ac8d329455059b43c5bea) C:\WINDOWS\system32\drivers\tosrfsnd.sys

2011/05/31 22:04:40.0203 4056 Tosrfusb (01c90086cd37e7e8d9a827e24167fcb7) C:\WINDOWS\system32\DRIVERS\tosrfusb.sys

2011/05/31 22:04:40.0328 4056 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

2011/05/31 22:04:40.0484 4056 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

2011/05/31 22:04:40.0593 4056 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys

2011/05/31 22:04:40.0656 4056 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

2011/05/31 22:04:40.0734 4056 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

2011/05/31 22:04:40.0843 4056 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2011/05/31 22:04:41.0078 4056 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2011/05/31 22:04:41.0203 4056 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

2011/05/31 22:04:41.0296 4056 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

2011/05/31 22:04:41.0390 4056 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

2011/05/31 22:04:41.0531 4056 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2011/05/31 22:04:41.0609 4056 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

2011/05/31 22:04:41.0687 4056 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys

2011/05/31 22:04:41.0734 4056 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

2011/05/31 22:04:41.0890 4056 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

2011/05/31 22:04:41.0953 4056 vpnva (e1f2333a88ec4a5c8ea6be357323b72d) C:\WINDOWS\system32\DRIVERS\vpnva.sys

2011/05/31 22:04:42.0140 4056 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2011/05/31 22:04:42.0234 4056 WaveFDE (db626c46997c2430d4958da5c7ffb969) C:\WINDOWS\system32\DRIVERS\WaveFDE.sys

2011/05/31 22:04:42.0281 4056 WavxDMgr (51e756f2bfb5e3adcb15f966ad293231) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys

2011/05/31 22:04:42.0421 4056 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

2011/05/31 22:04:42.0484 4056 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

2011/05/31 22:04:42.0687 4056 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

2011/05/31 22:04:42.0875 4056 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

2011/05/31 22:04:42.0953 4056 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

2011/05/31 22:04:43.0109 4056 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

2011/05/31 22:04:43.0187 4056 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

2011/05/31 22:04:43.0359 4056 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

2011/05/31 22:04:43.0609 4056 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2

2011/05/31 22:04:43.0640 4056 ================================================================================

2011/05/31 22:04:43.0640 4056 Scan finished

2011/05/31 22:04:43.0640 4056 ================================================================================

2011/05/31 22:04:43.0656 3420 Detected object count: 2

2011/05/31 22:04:43.0656 3420 Actual detected object count: 2

2011/05/31 22:05:04.0734 3420 Rootkit.Win32.ZAccess.c(Arp1394) - User select action: Skip

2011/05/31 22:05:04.0734 3420 Rootkit.Win32.ZAccess.c(Cdfs) - User select action: Skip

hijackthis.log

TDSSKiller.2.5.3.0_31.05.2011_22.04.10_log.txt

mbam-log-2011-05-31 (20-25-26).txt

SUPERAntiSpyware Scan Log - 12-15-2010 - 18-27-51.log

Link to post
Share on other sites

:welcome:

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs from these scans, use "copy/paste".

Run the TDSSKiller scan again and select Cure

If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

please post the contents of that log TDSSKiller log.

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.