vanijayram

Honorary Members
  • Posts: 46
  • Reputation: 0 Neutral
  1. Thank you so much Maniac for resolving my problem and the excellent support.
  2. Thank you Maniac... Now everything is fine. All hidden is removed. And favourites are also present.
  3. All my Favorites in IE have gone. Is there any method to recover them? Also, can you suggest some protective measures, like a good antivirus, to prevent future happenings like this?
  4. One thing: most of my files are hidden and I am manually making them visible.
  5. Looks fine to me. Running as usual. No pop-ups etc.
  6. Status: Deleted (events: 5)
     3/20/2012 9:19:38 PM Deleted Trojan program Backdoor.Win64.TDSS.a C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0D900002\4FF7D236.VBN//CryptZ High
     3/20/2012 9:19:37 PM Deleted Trojan program Trojan.Win32.TDSS.clzk C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0D900003\4FF7D24C.VBN//CryptZ//UPX High
     3/20/2012 9:19:37 PM Deleted Trojan program Trojan.Win32.TDSS.clzk C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0D900003\4FF7D24C.VBN//CryptZ High
     3/20/2012 9:19:37 PM Deleted Trojan program Trojan.Win32.TDSS.clzk C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0D900003\4FF7D24C.VBN High
     3/20/2012 9:19:38 PM Deleted Trojan program Backdoor.Win64.TDSS.a C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0D900002\4FF7D236.VBN High
  7. Hi maniac, This is my log file:
     ESETSmartInstaller@High as CAB hook log:
     OnlineScanner.ocx - registred OK
     # version=7
     # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
     # OnlineScanner.ocx=1.0.0.6583
     # api_version=3.0.2
     # EOSSerial=c35e1f48cebc0e469c42f24aea4248e8
     # end=finished
     # remove_checked=true
     # archives_checked=false
     # unwanted_checked=true
     # unsafe_checked=false
     # antistealth_checked=true
     # utc_time=2012-03-20 01:01:54
     # local_time=2012-03-19 09:01:54 (-0500, Eastern Daylight Time)
     # country="United States"
     # lang=1033
     # osver=5.1.2600 NT Service Pack 3
     # compatibility_mode=1032 16777214 0 1 4114126 4114126 0 0
     # compatibility_mode=8192 67108863 100 0 0 0 0 0
     # scanned=190261
     # found=5
     # cleaned=5
     # scan_time=5732
     C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\eYryLom6muHhor.exe.vir a variant of Win32/Kryptik.ACRH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
     C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\HWllHxOwIMY.exe.vir a variant of Win32/Kryptik.ACRH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
     C:\Qoobox\Quarantine\C\Documents and Settings\Vidhya\Application Data\Mozilla\Firefox\Profiles\2k5zys0a.default\extensions\{16fe6f95-8fc0-484f-bb67-c3df6cb6a081}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
     C:\TDSSKiller_Quarantine\18.03.2012_14.11.40\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.N trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
     C:\TDSSKiller_Quarantine\18.03.2012_14.11.40\mbr0000\tdlfs0000\tsk0009.dta a variant of Win32/Olmarik.ARM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
  8. Hi maniac, I am not able to find those files in my system.
  9. The log report generation is still running... Could there be any harm due to this, or is my computer fine to use?
  10. The malware blocking message is no longer coming.
  11. Hi maniac, The log :
  12. I don't think the malware is gone. Malwarebytes always reports that it has blocked access to some malicious site.
  13. Is there any hope or is formatting the system the only option?
  14. Can you pls provide the exact locations of the text files? As I don't find those. What else can I try to solve the issue?