Another Google Re-direct.


5 replies to this topic

#1 MyWill

Posted 11 May 2011 - 12:48 PM

Hi there guys.. I've been scanning my PC with all the recommended software and guides from this site and I've come across an infected MBR, I believe.

-----------------------------------------------------------
List of software I have already scanned with is as follows.
Malwarebytes - Trojans, and malware. Including Trojans of the same type repeatedly appearing.
Spybot S&D - Minor pieces of spyware. Including a registry hijack that disables my Windows Security Center and has been discovered on multiple repeated scans.
ComboFix - Trojan and malware removed
CA AntiVirus - Minor infections and cookies.
TDSSKiller - Found nothing, apart from a locked file which the program saw as suspicious.
-------------------------------------------------------------

With the same pieces of Malware and Spyware cropping up without TDSS finding a rootkit I've decided to dig a bit deeper and run...

- aswMBR
- MBRCheck.exe
- ESET Online Scanner (Which is currently still running with 0 infections so far)

Will post results in following posts.

Thanks for any help you can provide!!! :)

Edited by MyWill, 11 May 2011 - 12:53 PM.


#2 MyWill

Posted 11 May 2011 - 12:50 PM

MBR CHECK

-------------------------------

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Gigabyte Technology Co., Ltd.
BIOS Manufacturer: Award Software International, Inc.
System Manufacturer: Gigabyte Technology Co., Ltd.
System Product Name: P55-UD3R
Logical Drives Mask: 0x02000074

Kernel Drivers (total 201):

Processes (total 76):

\\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`06500000 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive1 Model Number: HitachiHDS721050CLA362, Rev: JP2OA39C
PhysicalDrive0 Model Number: SAMSUNGHD322HJ, Rev: 1AC01118

Size      Device Name          MBR Status
--------------------------------------------
465 GB    \\.\PhysicalDrive1   Windows 7 MBR code detected
          SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
298 GB    \\.\PhysicalDrive0   Windows 7 MBR code detected
          SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

#3 MyWill

Posted 11 May 2011 - 12:51 PM

aswMBR Scan

---------------------------------------

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-12 03:23:41
-----------------------------
03:23:41.433 OS Version: Windows x64 6.1.7601 Service Pack 1
03:23:41.433 Number of processors: 4 586 0x1E05
03:23:41.433 ComputerName: MIK-PC UserName: Mik
03:23:42.622 Initialize success
03:23:44.121 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
03:23:44.124 Disk 0 Vendor: Size: 0MB BusType: 0
03:23:44.126 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2
03:23:44.129 Disk 1 Vendor: Size: 0MB BusType: 0
03:23:44.131 Disk 2 \Device\Harddisk2\DR4 -> \Device\000000e5
03:23:44.133 Disk 2 Vendor: Size: 0MB BusType: 0
03:23:46.182 Disk 1 MBR read successfully
03:23:46.186 Disk 1 MBR scan
03:23:46.189 Disk 1 Windows 7 default MBR code
03:23:46.191 Disk 1 MBR hidden
03:23:46.194 Service scanning
03:23:47.604 Disk 1 trace - called modules:
03:23:47.615 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8006a8d170]<<
03:23:47.619 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8004c03060]
03:23:47.623 Scan finished successfully
03:25:53.091 Disk 1 MBR has been saved successfully to "C:\Program Files (x86)\Mozilla Firefox\MBR.dat"
03:25:53.095 The log file has been saved successfully to "C:\Program Files (x86)\Mozilla Firefox\aswMBR.txt"

#4 MyWill

Posted 11 May 2011 - 12:52 PM

TDSS Killer

-------------------------------

2011/05/12 03:22:56.0947 1008 TDSS rootkit removing tool 2.5.0.0 May 1 2011 14:20:16
2011/05/12 03:22:58.0195 1008 ================================================================================
2011/05/12 03:22:58.0195 1008 SystemInfo:
2011/05/12 03:22:58.0195 1008
2011/05/12 03:22:58.0195 1008 OS Version: 6.1.7601 ServicePack: 1.0
2011/05/12 03:22:58.0195 1008 Product type: Workstation
2011/05/12 03:22:58.0195 1008 ComputerName: MIK-PC
2011/05/12 03:22:58.0196 1008 UserName: Mik
2011/05/12 03:22:58.0196 1008 Windows directory: C:\Windows
2011/05/12 03:22:58.0196 1008 System windows directory: C:\Windows
2011/05/12 03:22:58.0196 1008 Running under WOW64
2011/05/12 03:22:58.0196 1008 Processor architecture: Intel x64
2011/05/12 03:22:58.0196 1008 Number of processors: 4
2011/05/12 03:22:58.0196 1008 Page size: 0x1000
2011/05/12 03:22:58.0196 1008 Boot type: Normal boot
2011/05/12 03:22:58.0196 1008 ================================================================================
2011/05/12 03:22:58.0589 1008 Initialize success
2011/05/12 03:23:06.0019 0392 ================================================================================
2011/05/12 03:23:06.0019 0392 Scan started
2011/05/12 03:23:06.0019 0392 Mode: Manual;
2011/05/12 03:23:06.0019 0392 ================================================================================
2011/05/12 03:23:16.0291 0392 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/05/12 03:23:16.0370 0392 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/12 03:23:16.0389 0392 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/12 03:23:16.0406 0392 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/05/12 03:23:16.0469 0392 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/05/12 03:23:16.0564 0392 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/05/12 03:23:16.0599 0392 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/05/12 03:23:16.0624 0392 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/05/12 03:23:16.0694 0392 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/05/12 03:23:16.0761 0392 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/12 03:23:16.0845 0392 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/05/12 03:23:16.0906 0392 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/05/12 03:23:16.0942 0392 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/12 03:23:16.0998 0392 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/12 03:23:17.0095 0392 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/12 03:23:17.0163 0392 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/05/12 03:23:17.0240 0392 Netaapl (307bc83250fc8e3b2878d81e7d760299) C:\Windows\system32\DRIVERS\netaapl64.sys
2011/05/12 03:23:17.0281 0392 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/12 03:23:17.0364 0392 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/12 03:23:17.0462 0392 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/05/12 03:23:17.0546 0392 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/05/12 03:23:17.0590 0392 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/12 03:23:17.0698 0392 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/05/12 03:23:17.0749 0392 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/05/12 03:23:17.0817 0392 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/05/12 03:23:17.0851 0392 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/05/12 03:23:17.0962 0392 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/05/12 03:23:17.0992 0392 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/05/12 03:23:18.0100 0392 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/05/12 03:23:18.0176 0392 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/05/12 03:23:18.0409 0392 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/05/12 03:23:18.0455 0392 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/05/12 03:23:18.0496 0392 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/05/12 03:23:18.0549 0392 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/05/12 03:23:18.0611 0392 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/05/12 03:23:18.0911 0392 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/12 03:23:18.0953 0392 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/05/12 03:23:19.0055 0392 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/12 03:23:19.0115 0392 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/05/12 03:23:19.0199 0392 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/05/12 03:23:19.0234 0392 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/12 03:23:19.0302 0392 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/12 03:23:19.0343 0392 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/05/12 03:23:19.0437 0392 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/12 03:23:19.0515 0392 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/12 03:23:19.0548 0392 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/05/12 03:23:19.0612 0392 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/12 03:23:19.0694 0392 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/05/12 03:23:19.0726 0392 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/12 03:23:19.0785 0392 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
2011/05/12 03:23:19.0856 0392 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/12 03:23:19.0880 0392 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/05/12 03:23:19.0948 0392 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
2011/05/12 03:23:20.0035 0392 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/05/12 03:23:20.0112 0392 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/05/12 03:23:20.0205 0392 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/12 03:23:20.0252 0392 RTHDMIAzAudService (116d03e901246ac7af006121e1e22842) C:\Windows\system32\drivers\RtHDMIVX.sys
2011/05/12 03:23:20.0340 0392 RTL8167 (6d3c7e7d82d3dc92dc2a8b0df9f20f8a) C:\Windows\system32\DRIVERS\Rt64win7.sys
2011/05/12 03:23:20.0400 0392 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
2011/05/12 03:23:20.0592 0392 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/05/12 03:23:20.0662 0392 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/05/12 03:23:20.0822 0392 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/05/12 03:23:20.0852 0392 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/05/12 03:23:20.0926 0392 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/05/12 03:23:20.0981 0392 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/05/12 03:23:21.0081 0392 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/05/12 03:23:21.0108 0392 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/05/12 03:23:21.0128 0392 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/05/12 03:23:21.0192 0392 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/05/12 03:23:21.0232 0392 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/05/12 03:23:21.0306 0392 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/05/12 03:23:21.0345 0392 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/05/12 03:23:21.0426 0392 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/05/12 03:23:21.0543 0392 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/05/12 03:23:21.0543 0392 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/05/12 03:23:21.0554 0392 sptd - detected LockedFile.Multi.Generic (1)
2011/05/12 03:23:25.0647 0392 ================================================================================
2011/05/12 03:23:25.0647 0392 Scan finished
2011/05/12 03:23:25.0647 0392 ================================================================================
2011/05/12 03:23:25.0656 4296 Detected object count: 1
2011/05/12 03:23:31.0507 4296 LockedFile.Multi.Generic(sptd) - User select action: Skip






-------------------------------------------------------

And here's a copy of my TDSS scan.

Thanks again!

#5 MyWill

Posted 11 May 2011 - 12:57 PM

I am reluctant to run an aswMBR fix without some advice. This is why I've posted; you're my last hope, guys.
I also read an article on ExpertsExchange.com recently that the Google re-direct can also infect your modem/router? True/False?

And apologies for running Combofix unsupervised. I'm aware of any consequences that it may cause.

Am also currently running a GMER scan.

Edited by MyWill, 11 May 2011 - 01:06 PM.


#6 quietman7

Posted 11 May 2011 - 01:33 PM

TDSSKiller has been effective in finding and curing an MBR infection.

The MBRCheck scan log indicates it's ok: PhysicalDrive1 Windows 7 MBR code detected

The aswMBR Scan also says Windows 7 default MBR code.

If an infection was found, the scan would have said something like:
Disk 0 TDL4@MBR code has been found
Disk 0 MBR hidden
Disk 0 MBR [TDL4] **ROOTKIT**

or

Disk 0 malicious Win32:MBRoot code @ sector 398283483 !
Disk 0 PE file @ sector 398283505 !
Disk 0 MBR [Win32:MBRoot] **ROOTKIT**

This issue will require further investigation. Many of the tools we use in this forum are not capable of detecting (repairing/removing) all malware variants so more advanced tools are needed to investigate. Before that can be done you will need to create and post a DDS log for further investigation.

Please read the "Preparation Guide".
  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 7 there are instructions for downloading and running DDS which will create a Pseudo HJT Report as part of its log.
When you have done that, post your log in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the Malware Response Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.

Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. You can include the logs you posted here or note in your comments those logs are available.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
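The log lines discussed in this thread (the TDSSKiller `sptd` detection and the aswMBR `**ROOTKIT**` lines) can be triaged mechanically. The Python below is an added example, not part of any post and not code from TDSSKiller or aswMBR; the names `triage` and `unresolved` are hypothetical, and the regular expressions assume only the line shapes quoted in the thread.

```python
import re

# Line shapes as they appear in the TDSSKiller log and aswMBR examples in this thread.
DRIVER = re.compile(r"^\S+ \S+ \d+ (\S+) \(([0-9a-f]{32})\) (.+)$")
SUSPICIOUS = re.compile(r"Suspicious file \((\w+)\): (.+?)\. md5: ([0-9a-f]{32})$")
DETECTED = re.compile(r"^\S+ \S+ \d+ (\S+) - detected (\S+) \((\d+)\)$")
ACTION = re.compile(r"([^\s(]+)\(([^)]+)\) - User select action: (\w+)$")
COUNT = re.compile(r"Detected object count: (\d+)$")
MBR_ROOTKIT = re.compile(r"^Disk (\d+) MBR \[([^\]]+)\] \*\*ROOTKIT\*\*$")


def triage(lines):
    """Fold TDSSKiller and aswMBR output lines into one summary dict."""
    by_path = {}  # driver file path (lower-cased) -> service name
    report = {"objects": {}, "declared_count": None, "mbr_rootkits": []}
    for raw in lines:
        line = raw.strip()
        if m := DRIVER.match(line):
            by_path[m.group(3).lower()] = m.group(1)
        elif m := SUSPICIOUS.search(line):
            # This line names only the file, so map it back to its service.
            name = by_path.get(m.group(2).lower(), m.group(2))
            report["objects"].setdefault(name, {}).update(
                reason=m.group(1), path=m.group(2), md5=m.group(3))
        elif m := DETECTED.match(line):
            report["objects"].setdefault(m.group(1), {})["verdict"] = m.group(2)
        elif m := ACTION.search(line):
            report["objects"].setdefault(m.group(2), {})["action"] = m.group(3)
        elif m := COUNT.search(line):
            report["declared_count"] = int(m.group(1))
        elif m := MBR_ROOTKIT.match(line):
            report["mbr_rootkits"].append((int(m.group(1)), m.group(2)))
    return report


def unresolved(report):
    """Services that were flagged but left in place (action Skip or none recorded)."""
    return sorted(name for name, obj in report["objects"].items()
                  if "verdict" in obj and obj.get("action", "Skip") == "Skip")


# Sample input: lines quoted from the posts in this thread.
SAMPLE = [
    r"2011/05/12 03:23:21.0543 0392 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys",
    r"2011/05/12 03:23:21.0543 0392 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb",
    r"2011/05/12 03:23:21.0554 0392 sptd - detected LockedFile.Multi.Generic (1)",
    r"2011/05/12 03:23:25.0656 4296 Detected object count: 1",
    r"2011/05/12 03:23:31.0507 4296 LockedFile.Multi.Generic(sptd) - User select action: Skip",
    r"Disk 0 TDL4@MBR code has been found",
    r"Disk 0 MBR [TDL4] **ROOTKIT**",
]

if __name__ == "__main__":
    summary = triage(SAMPLE)
    print(summary)
    print("left in place:", unresolved(summary))
```

Comparing `declared_count` with the number of parsed objects is a quick check that a pasted log was not truncated before the detection lines.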



