
need help removing win32/olmarik.axs [Closed]


  • This topic is locked

#16
MrJc

According to ESET it's still being detected, even though there is no change in my computer performance at all.

#17
Essexboy

Does it give a location for it?

Let's re-run OTL

But this time could you select all users at the top



#18
MrJc

It says MBR sector of the 2. physical disk (for the location). That's about all it says other than the name of the trojan. Also, for the OTL, would you like quick scan or just run scan?

#19
Essexboy

It is stating the MBR that we just reset - so hold off on the OTL run for the moment

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
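A report of the kind requested above can be triaged by script instead of by eye. The following is an added example, not part of the original post and not the tool's own code: it parses the line shapes seen in the log posted in this thread and lists every object whose verdict is not "ok". Treating the SigCheck and TDLFS tokens on the Mode line as the two options the instructions ask for is an assumption, and all function names are hypothetical.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# Assumption: these Mode tokens correspond to the two boxes the instructions
# say to tick (Verify Driver Digital Signature, Detect TDLFS file system).
REQUIRED_MODE_FLAGS = ("SigCheck", "TDLFS")

# Every log line is "<time> <thread id> <message>"; the message may be empty.
LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+(?:\s+(.*))?$")
MODE_RE = re.compile(r"^Mode: (.*)$")
OBJECT_RE = re.compile(r"^(.+?) \(([0-9a-f]{32})\) (.+)$")       # name (md5) path
VERDICT_RE = re.compile(r"^(.+?)(?: \( (.+?) \))? - (\w+)$")     # name [( threat )] - verdict
DETECT_RE = re.compile(r"^(.+?) - detected (\S+) \(\d+\)$")
SUSPICIOUS_RE = re.compile(r"^Suspicious file \((\w+)\): (.+)\. md5: ([0-9a-f]{32})$")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None      # "ok", "warning", ...
    threat: Optional[str] = None       # e.g. LockedFile.Multi.Generic
    notes: List[str] = field(default_factory=list)


def parse_log(text: str) -> Tuple[Set[str], Dict[str, Entry]]:
    """Return (scan mode flags, entries keyed by object name, in log order)."""
    flags: Set[str] = set()
    entries: Dict[str, Entry] = {}
    for raw in text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line or not line.group(1):
            continue
        msg = line.group(1).strip()
        m = MODE_RE.match(msg)
        if m:
            flags.update(f.strip() for f in m.group(1).split(";") if f.strip())
            continue
        m = SUSPICIOUS_RE.match(msg)
        if m:
            reason, path, md5 = m.groups()
            hits = [e for e in entries.values()
                    if e.path and e.path.lower() == path.lower()]
            if not hits:  # no earlier object line for this file
                hits = [entries.setdefault(path, Entry(path, md5, path))]
            for e in hits:
                e.notes.append(reason)
            continue
        m = OBJECT_RE.match(msg)
        if m:
            e = entries.setdefault(m.group(1), Entry(m.group(1)))
            e.md5, e.path = m.group(2), m.group(3)
            continue
        m = DETECT_RE.match(msg)
        if m:
            entries.setdefault(m.group(1), Entry(m.group(1))).threat = m.group(2)
            continue
        m = VERDICT_RE.match(msg)
        if m:
            e = entries.setdefault(m.group(1), Entry(m.group(1)))
            e.verdict = m.group(3)
            e.threat = m.group(2) or e.threat
    return flags, entries


def triage(text: str) -> dict:
    """Summarise what a reviewer should look at first."""
    flags, entries = parse_log(text)
    items = list(entries.values())
    return {
        # Requested scan options that the Mode line does not show.
        "missing_options": [f for f in REQUIRED_MODE_FLAGS if f not in flags],
        # Anything with a non-ok verdict, a detection name or a file note.
        "flagged": [e for e in items
                    if e.verdict not in (None, "ok") or e.threat or e.notes],
        # Reported ok, but no md5/path line was logged for the object.
        "unhashed": [e.name for e in items if e.verdict == "ok" and e.md5 is None],
        # Object line present but no verdict (for example a truncated paste).
        "no_verdict": [e.name for e in items if e.verdict is None],
    }


# Sample input: a few lines in the format of the log posted in this thread,
# shortened for the example; the last object has no verdict line.
SAMPLE_LOG = r"""
10:21:18.0941 4220 Mode: Manual; SigCheck; TDLFS;
10:21:20.0950 4220 Aken - ok
10:21:22.0727 4220 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
10:21:22.0737 4220 atapi - ok
10:21:40.0950 4220 sptd (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
10:21:40.0951 4220 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88e5162e58c8919cc873f5d8946197cf
10:21:40.0962 4220 sptd ( LockedFile.Multi.Generic ) - warning
10:21:40.0963 4220 sptd - detected LockedFile.Multi.Generic (1)
10:21:43.0202 4220 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
"""

if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("missing options:", report["missing_options"])
    for e in report["flagged"]:
        print("REVIEW", e.name, e.verdict, e.threat, e.notes, e.path)
    print("ok without hash:", report["unhashed"])
    print("no verdict logged:", report["no_verdict"])
```

A missing verdict usually means the pasted report was cut short, so ask for the full file before drawing conclusions from it.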

#20
MrJc

I did not get any cure options.

Here is the log:

10:20:49.0821 1508 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
10:20:51.0824 1508 ============================================================
10:20:51.0824 1508 Current date / time: 2011/12/11 10:20:51.0824
10:20:51.0824 1508 SystemInfo:
10:20:51.0824 1508
10:20:51.0824 1508 OS Version: 6.1.7601 ServicePack: 1.0
10:20:51.0824 1508 Product type: Workstation
10:20:51.0824 1508 ComputerName: JC-PC
10:20:51.0825 1508 UserName: jc
10:20:51.0825 1508 Windows directory: C:\Windows
10:20:51.0825 1508 System windows directory: C:\Windows
10:20:51.0825 1508 Running under WOW64
10:20:51.0825 1508 Processor architecture: Intel x64
10:20:51.0825 1508 Number of processors: 3
10:20:51.0825 1508 Page size: 0x1000
10:20:51.0825 1508 Boot type: Normal boot
10:20:51.0825 1508 ============================================================
10:20:53.0671 1508 Initialize success
10:21:18.0940 4220 ============================================================
10:21:18.0941 4220 Scan started
10:21:18.0941 4220 Mode: Manual; SigCheck; TDLFS;
10:21:18.0941 4220 ============================================================
10:21:40.0950 4220 sptd (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
10:21:40.0951 4220 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88e5162e58c8919cc873f5d8946197cf
10:21:40.0962 4220 sptd ( LockedFile.Multi.Generic ) - warning
10:21:40.0963 4220 sptd - detected LockedFile.Multi.Generic (1)
10:21:46.0346 4220 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:21:46.0429 4220 \Device\Harddisk0\DR0 - ok
10:21:46.0449 4220 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
10:21:46.0573 4220 \Device\Harddisk1\DR1 - ok
10:21:46.0590 4220 MBR (0x1B8) (0cc5f3a208a7a4c2ec4e3166af187de4) \Device\Harddisk2\DR2
10:21:46.0649 4220 \Device\Harddisk2\DR2 ( Rootkit.Win32.BackBoot.gen ) - warning
10:21:46.0650 4220 \Device\Harddisk2\DR2 - detected Rootkit.Win32.BackBoot.gen (1)
10:21:46.0696 4220 \Device\Harddisk2\DR2 ( TDSS File System ) - warning
10:21:46.0697 4220 \Device\Harddisk2\DR2 - detected TDSS File System (1)
10:21:46.0706 4220 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
10:21:47.0327 4220 \Device\Harddisk3\DR3 - ok
10:21:47.0335 4220 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk4\DR4
10:21:47.0984 4220 \Device\Harddisk4\DR4 - ok
10:21:47.0991 4220 Boot (0x1200) (a96060f91eb29c7dbd2a534dbf1b8c44) \Device\Harddisk0\DR0\Partition0
10:21:47.0993 4220 \Device\Harddisk0\DR0\Partition0 - ok
10:21:48.0001 4220 Boot (0x1200) (68bbc478a5a2fbd98607ce31f0236df1) \Device\Harddisk1\DR1\Partition0
10:21:48.0003 4220 \Device\Harddisk1\DR1\Partition0 - ok
10:21:48.0012 4220 Boot (0x1200) (458bd5e80b062e40ddd2387ca6da3089) \Device\Harddisk1\DR1\Partition1
10:21:48.0013 4220 \Device\Harddisk1\DR1\Partition1 - ok
10:21:48.0033 4220 Boot (0x1200) (5bda2e858090b2fae11d4413ab988dc4) \Device\Harddisk2\DR2\Partition0
10:21:48.0035 4220 \Device\Harddisk2\DR2\Partition0 - ok
10:21:48.0042 4220 Boot (0x1200) (5f7c331d3d55194afbdb1907fdf16ec9) \Device\Harddisk3\DR3\Partition0
10:21:48.0046 4220 \Device\Harddisk3\DR3\Partition0 - ok
10:21:48.0054 4220 Boot (0x1200) (1d69c3080f9beeece14c5630ffb8e48a) \Device\Harddisk4\DR4\Partition0
10:21:48.0055 4220 \Device\Harddisk4\DR4\Partition0 - ok
10:21:48.0057 4220 ============================================================
10:21:48.0057 4220 Scan finished
10:21:48.0057 4220 ============================================================
10:21:48.0080 3320 Detected object count: 3
10:21:48.0081 3320 Actual detected object count: 3
10:22:47.0869 3320 sptd ( LockedFile.Multi.Generic ) - skipped by user
10:22:47.0869 3320 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
10:22:47.0871 3320 \Device\Harddisk2\DR2 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
10:22:47.0871 3320 \Device\Harddisk2\DR2 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
10:22:47.0872 3320 \Device\Harddisk2\DR2 ( TDSS File System ) - skipped by user
10:22:47.0872 3320 \Device\Harddisk2\DR2 ( TDSS File System ) - User select action: Skip
  • 0
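A way to triage the TDSSKiller log posted above, as an added example that is not part of the original thread: it pairs each detection with the action that was logged for it, so detections left at Skip stand out. The sample lines are copied from the post; the function names and the rule "Skip or no logged action means unresolved" are assumptions of this example.

```python
import re

# Constructed sample: lines copied from the log posted above, clean entries omitted.
SAMPLE_LOG = r"""
10:21:40.0963 4220 sptd - detected LockedFile.Multi.Generic (1)
10:21:46.0429 4220 \Device\Harddisk0\DR0 - ok
10:21:46.0650 4220 \Device\Harddisk2\DR2 - detected Rootkit.Win32.BackBoot.gen (1)
10:21:46.0697 4220 \Device\Harddisk2\DR2 - detected TDSS File System (1)
10:21:48.0080 3320 Detected object count: 3
10:22:47.0869 3320 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
10:22:47.0871 3320 \Device\Harddisk2\DR2 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
10:22:47.0872 3320 \Device\Harddisk2\DR2 ( TDSS File System ) - User select action: Skip
"""

PREFIX = r"^\d\d:\d\d:\d\d\.\d{4} \d+ "  # timestamp and thread id
DETECTED = re.compile(PREFIX + r"(?P<obj>.+?) - detected (?P<verdict>.+) \(\d+\)$")
ACTION = re.compile(
    PREFIX + r"(?P<obj>.+?) \( (?P<verdict>.+?) \) - User select action: (?P<action>.+)$")
COUNT = re.compile(PREFIX + r"Detected object count: (?P<n>\d+)$")


def triage(log_text):
    """Return (findings, reported_count); each finding has obj, verdict, action."""
    findings, reported = {}, None
    for line in log_text.splitlines():
        line = line.strip()
        if m := DETECTED.match(line):
            findings.setdefault((m["obj"], m["verdict"]), None)  # no action yet
        elif m := ACTION.match(line):
            findings[(m["obj"], m["verdict"])] = m["action"]
        elif m := COUNT.match(line):
            reported = int(m["n"])
    rows = [{"obj": o, "verdict": v, "action": a} for (o, v), a in findings.items()]
    return rows, reported


def unresolved(rows):
    """Detections that were skipped or never acted on (assumed left untouched)."""
    return [r for r in rows if r["action"] in (None, "Skip")]


if __name__ == "__main__":
    rows, reported = triage(SAMPLE_LOG)
    for r in unresolved(rows):
        print(f"{r['obj']}: {r['verdict']} -> {r['action'] or 'no action logged'}")
    if reported is not None and reported != len(rows):
        print(f"warning: log reports {reported} detections, parsed {len(rows)}")
```
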

#21
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you re-run TDSSKiller and, for the disk 2 TDLL, select Restore from the drop-down? If that fails I will need to use a different tool.
  • 0

#22
MrJc

MrJc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
I'm kind of confused by what you asked. Which one would you like me to try and restore, since there are 3 of them?

the locked file

the rootkit.win32.backboot.gen

or the

tdss file system

I just want to make sure so that I don't make any bad mistakes.
  • 0

#23
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm, OK. I have just been rechecking on the Kaspersky data site, and that command is invalid when run from another drive.

Could you boot to the OS that is on drive 2 and run TDSSKiller from that drive?
  • 0

#24
MrJc

MrJc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
It also appears that the only one I can try to restore is the rootkit.win32.backboot.gen, so basically you want me to run via Windows XP, since that's the other operating system, since the one I'm on now is Windows 7? If so, I can try that.

Edited by MrJc, 11 December 2011 - 10:38 AM.

  • 0

#25
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes, please go to XP; it is a problem of cross-drive cleaning.
  • 0

#26
MrJc

MrJc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
When I try to run in Windows XP my mouse and keyboard don't work, so I have no way of getting to the location. I also wanted to say that the only Windows XP operating system and the files with it I don't need at all. I installed Windows 7 on the same hard drive, and that's what kept the old files of the Windows XP; it put them in a folder on my C drive named windows.old. I just thought I would say that.
  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
If you have no need of the files and folders on that drive, then the best option would be to format it.
  • 0

#28
MrJc

MrJc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
So may I ask whether I should delete the folder named windows.old, which is on my current C drive, and format my D drive, which had Windows XP installed on it from before? Also, do you know an easy way to format a hard drive, for I do not have my Windows DVDs anymore?
  • 0

#29
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
There is no need to retain the Windows old on your C drive if you have extracted all your data from it.

To format the drive from Windows 7:

Open Windows Explorer
Right-click the drive to reformat
Select Format
Select either quick or full (your choice)
Then let Windows do its thing


  • 0

#30
MrJc

MrJc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
For some reason I can't format it; I just get an error going "Windows was unable to complete the format".
  • 0
