
Author Topic: Unusual Malware Infection  (Read 11893 times)


Frazzled

    Topic Starter


    Beginner

    • Experience: Beginner
    • OS: Unknown
    Re: Unusual Malware Infection
    « Reply #15 on: November 19, 2010, 08:49:14 PM »
    Hello,
    The computer ran fine for over a year and a half while running e-booster. Actually Vista comes with a similar flash drive temporary caching program. Anyways, it has been disabled since I had the problem.
    I have to assume there was something caused by a virus, as someone was on Facebook and there was some system error message that wasn't remembered. After that, at the next reboot, the symptom occurred. What I noticed was that AVG was not showing in the taskbar. Some of the processes for it were also not running. Windows Firewall was disabled and could not be started, and my network was goofed up so I cannot access the internet to run online scans.

    The router works, as I have my laptop connecting via wireless ok. I also tried a different wireless card to check for a defective usb port or wireless card.
    My wireless card had no software; it was automatically found by Windows.

    Please elaborate specifically on which network devices to remove. At any rate, how can network-related issues affect the Windows ICS?

    Thank you

    Computer Hope Admin

    • Administrator


    • Prodigy

      Thanked: 248
    • Experience: Guru
    • OS: Windows 10
    Re: Unusual Malware Infection
    « Reply #16 on: November 20, 2010, 01:15:28 AM »
    If the computer has run fine with ebooster then it shouldn't need to be disabled. It was just a thought as a possible situation.

    Since this issue just happened a few days ago, another thought I didn't mention and didn't see you try would be to run a system recovery and restore Windows back to an earlier copy, e.g. a week ago before this issue occurred. This will not delete any of your files but would fix any system settings that have changed that may have caused this issue.

    Additional details:
    http://www.computerhope.com/issues/ch000589.htm

    You're right that the router and network card would not affect Windows ICS, I was primarily thinking about networking related issues. Try the above suggestion about trying to recover back to an earlier copy, if that doesn't work then try running Malwarebytes from Safe Mode.

    If both of those suggestions don't work maybe there is a much deeper infection that we just are not seeing.

    Everybody is a genius. But, if you judge a fish by its ability to climb a tree, it will spend its whole life believing that it is stupid.
    -Albert Einstein

    SuperDave

    • Malware Removal Specialist


    • Genius
    • Thanked: 1020
    • Certifications: List
    • Experience: Expert
    • OS: Windows 10
    Re: Unusual Malware Infection
    « Reply #17 on: November 20, 2010, 11:23:18 AM »
    Also, please try running this scan:

    • Download TDSSKiller and save it to your Desktop.
    • Extract its contents to your desktop.
    • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • Click the Report button and copy/paste the contents of it into your next reply.
    Note: It will also create a log in the C:\ directory.
    Windows 8 and Windows 10 dual boot with two SSD's

    Frazzled

      Re: Unusual Malware Infection
      « Reply #18 on: November 21, 2010, 02:46:57 PM »
      Hello and Thanks,
      I have rebooted the router a couple of times already and as for the network adapters, I will uninstall them and reinstall them. My wireless adapter is PNP so there was no installation disk. As an aside, what do any of my network adapters have to do with Windows Firewall being enabled?

      After rebooting, both adapters were set up and no change in my system. I am wondering if there is a driver corruption or something.

      SuperDave

      Re: Unusual Malware Infection
      « Reply #19 on: November 22, 2010, 06:12:15 PM »
      Please run the TDSSKiller scan and post the log.

      Frazzled

        Re: Unusual Malware Infection
        « Reply #20 on: November 29, 2010, 09:14:04 AM »
        Sorry about the delay, holidays and what not sort of distracted me. I hope you will still answer this as I still have no computer.
        The TDSS logfile is below:

        2010/11/29 10:06:53.0937   TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12
        2010/11/29 10:06:53.0937   ================================================================================
        2010/11/29 10:06:53.0937   SystemInfo:
        2010/11/29 10:06:53.0937   
        2010/11/29 10:06:53.0937   OS Version: 5.1.2600 ServicePack: 3.0
        2010/11/29 10:06:53.0937   Product type: Workstation
        2010/11/29 10:06:53.0937   ComputerName: RUDYS
        2010/11/29 10:06:53.0937   UserName: Rudy
        2010/11/29 10:06:53.0937   Windows directory: C:\WINDOWS
        2010/11/29 10:06:53.0937   System windows directory: C:\WINDOWS
        2010/11/29 10:06:53.0937   Processor architecture: Intel x86
        2010/11/29 10:06:53.0937   Number of processors: 1
        2010/11/29 10:06:53.0937   Page size: 0x1000
        2010/11/29 10:06:53.0937   Boot type: Normal boot
        2010/11/29 10:06:53.0937   ================================================================================
        2010/11/29 10:06:54.0156   Initialize success
        2010/11/29 10:07:00.0484   ================================================================================
        2010/11/29 10:07:00.0484   Scan started
        2010/11/29 10:07:00.0484   Mode: Manual;
        2010/11/29 10:07:00.0484   ================================================================================
        2010/11/29 10:07:28.0109   ================================================================================
        2010/11/29 10:07:28.0109   Scan finished
        2010/11/29 10:07:28.0109   ================================================================================
        2010/11/29 10:11:03.0031   Deinitialize success
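
An added example, not part of the original thread and not TDSSKiller's own code: a small Python reader for driver lines of the form `timestamp  service  (MD5)  image path`, as in the TDSSKiller log posted in Reply #20. The sample log is constructed with placeholder hashes and a made-up `ExampleAV` service, and the three review pointers it returns (image outside `system32\drivers`, one hash under several service names, scan lines in an unknown layout) are assumptions about what to read first, not verdicts.

```python
import ntpath
import re
from collections import defaultdict
from typing import NamedTuple

# Constructed sample in the layout of a TDSSKiller 2.4.8.0 log.
# "ExampleAV" and every hash are placeholders, not real values.
SAMPLE_LOG = rf"""
2010/11/29 10:06:53.0937   Windows directory: C:\WINDOWS
2010/11/29 10:06:53.0937   System windows directory: C:\WINDOWS
2010/11/29 10:07:00.0484   ================================================================
2010/11/29 10:07:00.0484   Scan started
2010/11/29 10:07:00.0484   Mode: Manual;
2010/11/29 10:07:00.0484   ================================================================
2010/11/29 10:07:01.0093   ACPI            ({1:032x}) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/11/29 10:07:04.0609   cbidf           ({2:032x}) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2010/11/29 10:07:04.0750   cbidf2k         ({2:032x}) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/11/29 10:07:19.0906   ExampleAV       ({3:032x}) C:\Program Files\ExampleAV\EXAMPLEAV.SYS
2010/11/29 10:07:23.0156   Tcpip           ({4:032x}) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/11/29 10:07:23.0200   An entry in some other layout that this parser does not know
2010/11/29 10:07:28.0109   ================================================================
2010/11/29 10:07:28.0109   Scan finished
"""

STAMP = re.compile(r"^\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d{4}\s*")
ENTRY = re.compile(r"^(?P<service>\S+)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>\S.*)$")
WINDIR = re.compile(r"^Windows directory:\s*(?P<dir>\S.*)$")


class DriverEntry(NamedTuple):
    service: str
    md5: str
    path: str


def parse_log(text):
    """Return (windows_dir or None, driver entries, unrecognised scan lines)."""
    windir, entries, unparsed, in_scan = None, [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        stamp = STAMP.match(line)
        if not stamp:
            continue  # blank line or something that is not a log record
        message = line[stamp.end():].strip()
        entry = ENTRY.match(message)
        header = WINDIR.match(message)
        if entry:
            entries.append(DriverEntry(entry["service"], entry["md5"].lower(), entry["path"]))
        elif header:
            windir = header["dir"]
        elif message == "Scan started":
            in_scan = True
        elif message == "Scan finished":
            in_scan = False
        elif in_scan and message and set(message) != {"="} and not message.startswith("Mode:"):
            # Anything else inside the scan section is kept for a human to read.
            unparsed.append(message)
    return windir, entries, unparsed


def _norm(path):
    # Windows paths are case-insensitive; ntpath works on any host OS.
    return ntpath.normcase(ntpath.normpath(path))


def review(text, default_windir=r"C:\WINDOWS"):
    """Collect review pointers from a log; none of them is a detection by itself."""
    windir, entries, unparsed = parse_log(text)
    driver_dir = _norm(ntpath.join(windir or default_windir, "system32", "drivers"))
    outside = [e for e in entries if _norm(ntpath.dirname(e.path)) != driver_dir]
    by_hash = defaultdict(set)
    for e in entries:
        by_hash[e.md5].add(e.service)
    shared = {h: sorted(names) for h, names in by_hash.items() if len(names) > 1}
    return {
        "entries": len(entries),
        "outside_driver_dir": outside,
        "shared_hash": shared,
        "unrecognised": unparsed,
    }


if __name__ == "__main__":
    result = review(SAMPLE_LOG)
    print(f"{result['entries']} driver entries parsed")
    for e in result["outside_driver_dir"]:
        print(f"outside driver dir: {e.service} -> {e.path}")
    for md5, names in result["shared_hash"].items():
        print(f"hash {md5} used by services: {', '.join(names)}")
    for line in result["unrecognised"]:
        print(f"read manually: {line}")
```

Third-party security products and packet-writing software commonly load drivers from their own folders, so an "outside driver dir" hit is a prompt to identify the vendor rather than a finding.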

        SuperDave

        Re: Unusual Malware Infection
        « Reply #21 on: November 29, 2010, 03:36:27 PM »
        I'm not seeing any infections yet. Did you try any of the suggestions posted by CH Admin in Reply #16?

        Please download SystemLook from one of the links below and save it to your desktop.

        Link # 1
        Link # 2

        Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

        Double-click SystemLook.exe to run it.

        Copy the contents of the following codebox into the main textfield.
        Code:
        :filefind
        tcpip.sys

        Click the Look button to start the scan.

        Note: The scan may take some time so please just let it do its work and be patient (or do something else unrelated to the computer).

        When finished, a Notepad window will open with the results of the scan. Please post the log. The log can also be found on your desktop entitled SystemLook.txt.
         