Got a virus, it hid all my programs/files

May 24, 2011 at 10:32:05
Specs: Windows Vista
Well, I was using a YouTube converter, then bam, I got like 8 pop-ups and my computer started lagging, so I turned on Malwarebytes, AVG 8.0, Search and Destroy, and SUPERAntiSpyware. But then my computer shut down, and when it booted up, all my icons were missing, taskbar, everything. Background was black, so I went to Control Panel and clicked show all hidden folders, and there it all was. So I got all my icons and stuff back. But now when I go on the internet and click a link in Google, it'll send me to some dumb pop-up or ad website? I can't figure that out. And when I scanned my computer when I got it back on, it found nothing?

Any advice would be GREAT! Thanks :)



#1
May 24, 2011 at 11:24:48
Patterson,

Please download TDSSKiller
http://support.kaspersky.com/downlo...
Save it to the Desktop.

Double-click* on TDSSKiller.exe to run the tool for known TDSS variants.
(*Vista/Windows 7 users right-click and select Run As Administrator)

Click the Start Scan button.

Do not use the computer during the scan

If the scan completes with nothing found, click Close to exit.

If malicious objects are found, they will show in the Scan results
Select action for found objects offers three options...
Select: Cure (default), then click Continue

Reboot to finish the cleaning process.

A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) is created and saved to the root directory (usually Local Disk C:).

>>Please provide the contents of TDSSKiller in your reply.<<

Also download aswMBR:
http://public.avast.com/~gmerek/asw...
Save to the Desktop.

If the file does not download, copy the following to the address bar of your browser. Do not include the brackets!

[http://public.avast.com/~gmerek/aswMBR.exe]

Double click the aswMBR.exe icon to run it
Click the Scan button to start the scan
On completion of the scan, click the save log button
Save it to the Desktop.

>>Also post the aswMBR log in your reply.<<



#2
May 26, 2011 at 23:31:33
Hey, thanks a lot!

2011/05/24 23:55:39.0400 5964 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/05/24 23:55:40.0119 5964 ================================================================================
2011/05/24 23:55:40.0119 5964 SystemInfo:
2011/05/24 23:55:40.0120 5964
2011/05/24 23:55:40.0120 5964 OS Version: 6.0.6002 ServicePack: 2.0
2011/05/24 23:55:40.0120 5964 Product type: Workstation
2011/05/24 23:55:40.0120 5964 ComputerName: KRISTINE-PC
2011/05/24 23:55:40.0120 5964 UserName: Rylan
2011/05/24 23:55:40.0120 5964 Windows directory: C:\Windows
2011/05/24 23:55:40.0120 5964 System windows directory: C:\Windows
2011/05/24 23:55:40.0120 5964 Processor architecture: Intel x86
2011/05/24 23:55:40.0120 5964 Number of processors: 2
2011/05/24 23:55:40.0120 5964 Page size: 0x1000
2011/05/24 23:55:40.0120 5964 Boot type: Normal boot
2011/05/24 23:55:40.0120 5964 ================================================================================
2011/05/24 23:55:41.0920 5964 Initialize success
2011/05/24 23:56:13.0351 6012 ================================================================================
2011/05/24 23:56:13.0351 6012 Scan started
2011/05/24 23:56:13.0351 6012 Mode: Manual;
2011/05/24 23:56:13.0351 6012 ================================================================================
2011/05/24 23:56:41.0275 6012 volsnap (e269bb33062f9a6b4115c86781d767aa) C:\Windows\system32\drivers\volsnap.sys
2011/05/24 23:56:41.0275 6012 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: e269bb33062f9a6b4115c86781d767aa, Fake md5: 147281c01fcb1df9252de2a10d5e7093
2011/05/24 23:56:41.0291 6012 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
2011/05/24 23:56:43.0709 6012 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/05/24 23:56:43.0740 6012 ================================================================================
2011/05/24 23:56:43.0740 6012 Scan finished
2011/05/24 23:56:43.0740 6012 ================================================================================
2011/05/24 23:56:43.0755 1824 Detected object count: 1
2011/05/24 23:56:43.0755 1824 Actual detected object count: 1
2011/05/24 23:56:56.0703 1824 volsnap (e269bb33062f9a6b4115c86781d767aa) C:\Windows\system32\drivers\volsnap.sys
2011/05/24 23:56:56.0703 1824 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: e269bb33062f9a6b4115c86781d767aa, Fake md5: 147281c01fcb1df9252de2a10d5e7093
2011/05/24 23:57:01.0477 1824 Backup copy found, using it..
2011/05/24 23:57:01.0493 1824 C:\Windows\system32\drivers\volsnap.sys - will be cured after reboot
2011/05/24 23:57:01.0493 1824 Rootkit.Win32.TDSS.tdl3(volsnap) - User select action: Cure
2011/05/24 23:57:05.0564 4828 Deinitialize success


aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
Run date: 2011-05-26 23:27:53
-----------------------------
23:27:53.123 OS Version: Windows 6.0.6002 Service Pack 2
23:27:53.123 Number of processors: 2 586 0xF02
23:27:53.123 ComputerName: KRISTINE-PC UserName: Rylan
23:27:55.369 Initialize success
23:28:04.667 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
23:28:04.667 Disk 0 Vendor: SAMSUNG_HD161HJ JF100-15 Size: 152587MB BusType: 3
23:28:06.710 Disk 0 MBR read successfully
23:28:06.710 Disk 0 MBR scan
23:28:06.710 Disk 0 unknown MBR code
23:28:08.723 Disk 0 scanning sectors +312496128
23:28:08.738 Disk 0 scanning C:\Windows\system32\drivers
23:28:16.741 Service scanning
23:28:24.229 Disk 0 trace - called modules:
23:28:24.245 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
23:28:24.245 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8909f220]
23:28:24.245 3 CLASSPNP.SYS[8bba68b3] -> nt!IofCallDriver -> [0x889ff918]
23:28:24.260 5 acpi.sys[864926bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x889db030]
23:28:24.260 Scan finished successfully
23:28:44.618 Disk 0 MBR has been saved successfully to "C:\Users\Rylan\Documents\MBR.dat"
23:28:44.634 The log file has been saved successfully to "C:\Users\Rylan\Documents\aswMBR.txt"


There's all the logs lol.


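Added example (not part of the original posts and not Kaspersky's code): a small Python triage script that pulls the forged-file, detection and cure lines out of a TDSSKiller log like the one posted above and lists any detection with no recorded action. The regular expressions are inferred from the log lines in this thread, and the driver names and hashes in the sample are constructed.

```python
import re

# Constructed sample in the TDSSKiller log layout seen in this thread
# (timestamp, thread id, message). Driver names and hashes are made up.
SAMPLE_LOG = r"""
2011/05/24 23:56:40.0100 6012 gooddrv (00000000000000000000000000000001) C:\Windows\system32\drivers\gooddrv.sys
2011/05/24 23:56:41.0200 6012 exampledrv (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa) C:\Windows\system32\drivers\exampledrv.sys
2011/05/24 23:56:41.0200 6012 Suspicious file (Forged): C:\Windows\system32\drivers\exampledrv.sys. Real md5: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, Fake md5: bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
2011/05/24 23:56:41.0300 6012 exampledrv - detected Rootkit.Win32.TDSS.tdl3 (0)
2011/05/24 23:56:41.0400 6012 otherdrv - detected Rootkit.Win32.TDSS.tdl3 (0)
2011/05/24 23:57:01.0500 1824 C:\Windows\system32\drivers\exampledrv.sys - will be cured after reboot
2011/05/24 23:57:01.0500 1824 Rootkit.Win32.TDSS.tdl3(exampledrv) - User select action: Cure
"""

LINE = re.compile(r"^\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+ \d+ (.*)$")
FORGED = re.compile(r"^Suspicious file \(Forged\): (.+?)\. Real md5: ([0-9a-f]{32}), Fake md5: ([0-9a-f]{32})$")
DETECTED = re.compile(r"^(\S+) - detected (\S+) \(\d+\)$")
ACTION = re.compile(r"^(\S+?)\((\S+)\) - User select action: (\w+)$")
PENDING = re.compile(r"^(.+) - will be cured after reboot$")


def summarize(log_text):
    """Return forged files, detections with chosen action, and paths awaiting reboot."""
    forged, detections, pending = {}, {}, []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip blank lines and banner text
        msg = m.group(1)
        if f := FORGED.match(msg):
            forged[f.group(1)] = {"real": f.group(2), "fake": f.group(3)}
        elif d := DETECTED.match(msg):
            detections[d.group(1)] = {"verdict": d.group(2), "action": None}
        elif a := ACTION.match(msg):
            detections.setdefault(a.group(2), {"verdict": a.group(1), "action": None})["action"] = a.group(3)
        elif p := PENDING.match(msg):
            pending.append(p.group(1))
    unresolved = sorted(n for n, d in detections.items() if d["action"] is None)
    return {"forged": forged, "detections": detections,
            "pending_reboot": pending, "unresolved": unresolved}


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(key, value)
```

A non-empty `pending_reboot` list means the cure is not complete until the machine has been restarted, and anything in `unresolved` was detected but never given an action.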

#3
May 27, 2011 at 06:09:05
One more step...

Kaspersky did its job with TDSSKiller, so let's hunt some more with another Kaspersky tool...

Please download the Kaspersky Virus Removal Tool:
http://support.kaspersky.com/viruse...

Save it to your Desktop
Right click the downloaded setup file, and select: Run as Administrator

At the main screen of the tool, in the AutoScan tab, make sure the first three options are checked
Next, scroll down to check the box next to the C:/ drive

Click on Start Scan

When the scan is finished, click on: Report (at the bottom)

In the Detailed Report screen, make sure the three buttons at the top are set to:
Autoscan, Do not group, and, Important events
Click on Save, and save to the Desktop

>>Please provide the Kaspersky Virus Removal Tool in your reply.<<


When done with the tool, uninstall it by doing the following:
In the bottom right corner of the main window, click the Exit button
Click the Yes button on the prompt to uninstall
Restart the computer to delete the Kaspersky Virus Removal Tool.




#4
May 28, 2011 at 00:39:19
Autoscan: completed 10 hours ago (events: 9, objects: 722490, time: 02:52:24)
27/05/2011 11:30:31 AM Task started
27/05/2011 11:59:08 AM Detected: Trojan-Clicker.WMA.Agent.d C:\Documents and Settings\Rylan\Desktop\Lime wire tunes\Braid - There Is A Light (Smiths Cover).wma
27/05/2011 11:59:24 AM Detected: Trojan-Downloader.WMA.GetCodec.u C:\Documents and Settings\Rylan\Desktop\Lime wire tunes\anubis septic flesh.mp3
27/05/2011 12:00:33 PM Detected: Trojan-Downloader.WMA.Wimad.y C:\Documents and Settings\Rylan\Desktop\Lime wire tunes\tears dont fsll.wma
27/05/2011 12:06:26 PM Disinfected: Trojan-Downloader.WMA.GetCodec.u C:\Documents and Settings\Rylan\Desktop\Lime wire tunes\anubis septic flesh.mp3
27/05/2011 12:06:26 PM Disinfected: Trojan-Downloader.WMA.GetCodec.u C:\Documents and Settings\Rylan\Desktop\Lime wire tunes\anubis septic flesh.mp3
27/05/2011 12:07:22 PM Deleted: Trojan-Clicker.WMA.Agent.d C:\Documents and Settings\Rylan\Desktop\Lime wire tunes\Braid - There Is A Light (Smiths Cover).wma
27/05/2011 12:07:38 PM Deleted: Trojan-Downloader.WMA.Wimad.y C:\Documents and Settings\Rylan\Desktop\Lime wire tunes\tears dont fsll.wma
27/05/2011 2:22:55 PM Task completed


#5
May 31, 2011 at 18:08:34
Any ideas?


#6
May 31, 2011 at 21:22:19
Are you still getting redirections?
