duwan

  1. I couldn't locate a new fresh DDS log in my computer. Do you know where it went? Thanks.
  2. Hi Maniac, Below is TDSSKiller log txt. The virus seems killed.

     2011/03/23 10:52:57.0281 1732 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
     2011/03/23 10:52:57.0562 1732 ================================================================================
     2011/03/23 10:52:57.0562 1732 SystemInfo:
     2011/03/23 10:52:57.0562 1732
     2011/03/23 10:52:57.0562 1732 OS Version: 5.1.2600 ServicePack: 3.0
     2011/03/23 10:52:57.0562 1732 Product type: Workstation
     2011/03/23 10:52:57.0562 1732 ComputerName: VENUS
     2011/03/23 10:52:57.0562 1732 UserName: Owner
     2011/03/23 10:52:57.0562 1732 Windows directory: C:\WINDOWS
     2011/03/23 10:52:57.0562 1732 System windows directory: C:\WINDOWS
     2011/03/23 10:52:57.0562 1732 Processor architecture: Intel x86
     2011/03/23 10:52:57.0562 1732 Number of processors: 1
     2011/03/23 10:52:57.0562 1732 Page size: 0x1000
     2011/03/23 10:52:57.0562 1732 Boot type: Normal boot
     2011/03/23 10:52:57.0562 1732 ================================================================================
     2011/03/23 10:52:58.0703 1732 Initialize success
     2011/03/23 10:53:04.0453 2148 ================================================================================
     2011/03/23 10:53:04.0453 2148 Scan started
     2011/03/23 10:53:04.0453 2148 Mode: Manual;
     2011/03/23 10:53:04.0453 2148 ================================================================================
     2011/03/23 10:55:43.0781 2148 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
     2011/03/23 10:55:43.0843 2148 ================================================================================
     2011/03/23 10:55:43.0843 2148 Scan finished
     2011/03/23 10:55:43.0843 2148 ================================================================================
     2011/03/23 10:55:43.0890 1772 Detected object count: 1
     2011/03/23 10:57:16.0375 1772 \HardDisk0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
     2011/03/23 10:57:16.0375 1772 \HardDisk0 - ok
     2011/03/23 10:57:16.0375 1772 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
     2011/03/23 10:57:41.0437 2132 Deinitialize success
  3. There you go...

     UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
     IF REQUESTED, ZIP IT UP & ATTACH IT
     DDS (Ver_11-03-05.01)
     ==== Hosts File Hijack ======================
     ==== Installed Programs ======================
  4. Thank you Maniac. The two files are attached. Duwan
  5. It looks like my laptop is infected by WhiteSmoke virus/spyware as well. On the desktop, there is a shortcut called WhiteSmoke (continue installation), another called RebateInformer. MalwareBytes doesn't seem to be able to cleanly remove it. After we tried that, it keeps coming back. Even worse, the laptop currently crashes at Windows startup with a blue screen, saying IRQL_NOT_LESS_OR_EQUAL. I speculate that some driver file was corrupted when killing the virus? I am not sure. Another symptom is I can't turn on McAfee real-time scanning. Attempts to turn it on always end up with it disabled again. Help is appreciated! Thanks!