Sorry for the delay in getting to you, I'm K27 and i will be reviewing your log for you.
Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.
Please Print or Save to Notepad all instructions and please follow them carefully and if there's something you don't understand or that will not work please let me know and we will go through it together.
Please DO NOT use this system for anything apart from visiting this forum and other sites I direct you too, as this will only make the cleanup process all the more diffecult.
Failure to reply in three (3) days will result in this topic being closed and I will remove it from my notifications, If you require more time then that is fine but please let me know.
Download and scan withCCleaner 1. Starting with v1.27.260, CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation. IF you do NOT want it, REMOVE the checkmark when provided with the option ORdownload the toolbar-free or Slim versions instead of the Standard Build. 2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours" 3. Then select the items you wish to clean up. In the Windows Tab:
Clean all entries in the "Internet Explorer" section except Cookies if you want to keep those.
Clean all the entries in the "Windows Explorer" section.
Clean all entries in the "System" section.
Clean all entries in the "Advanced" section.
Clean any others that you choose.
In the Applications Tab:
Clean all except cookies in the Firefox/Mozilla section if you use it.
Clean all in the Opera section if you use it.
Clean Sun Java in the Internet Section.
Clean any others that you choose.
4. Click the "Run Cleaner" button. 5. A pop up box will appear advising this process will permanently delete files from your system. 6. Click "OK" and it will scan and clean your system. 7. Click "exit" when done.
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
Make sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
If you encounter any problems while downloading the definition updates, manually download them fromhereand just double-click on mbam-rules.exe to install.
On the Scanner tab:
Make sure the "Perform Quick Scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
Click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
I then need to see some additional information about what is happening in your machine. Please perform the following scan:
Download DDS by sUBs from one of the following links. Save it to your desktop.
A small box will open, with an explanation about the tool.
When done, DDS will open two (2) logs 1. DDS.txt 2. Attach.txt
Save both reports to your desktop.
The instructions here ask you to attach the Attach.txt.
Instead of attaching, please copy/past both logs into your next reply.
Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE
Please copy/paste back the MBAM log and BOTH DDS logs for review.
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
\Device\Ide\IdeDeviceP0T0L0-0 -> \??\IDE#DiskHitachi_HTS543232L9A300_________________FB4OC40C#5&1a84c4fe&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi -> 0x84f361d8
user != kernel MBR !!!
sectors 625142446 (+255): user != kernel
Warning: possible TDL4 rootkit infection !
TDL4 rootkit infection detected ! Use: "mbr.exe -f" to fix.
.
============= FINISH: 13:30:53.51 ===============
Attach Log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume2
Install Date: 12/11/2009 10:33:10 AM
System Uptime: 4/28/2011 1:22:17 PM (0 hours ago)
.
Motherboard: FUJITSU SIEMENS | | D46
Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz | U2E1 | 2000/200mhz
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
JMicron JMB38X Flash Media Controller
K-Lite Codec Pack 3.4.5 Full
Launch Manager V1.4.9
Learning Essentials for Microsoft Office
Malwarebytes' Anti-Malware
Media Go
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Math
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio Professional 2003
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Student 2007 for Learning Essentials
Microsoft Student with Encarta Premium 2009
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft WSE 3.0 Runtime
Mozilla Firefox (2.0.0.11)
MSVC80_x86_v2
MSVC90_x86
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 10 ClipartPack
Nero 10 Menu TemplatePack 1
Nero 10 Menu TemplatePack 2
Nero 10 Menu TemplatePack 3
Nero 10 Menu TemplatePack Basic
Nero 10 Movie ThemePack 1
Nero 10 Movie ThemePack 2
Nero 10 Movie ThemePack 3
Nero 10 Movie ThemePack 4
Nero 10 Movie ThemePack Basic
Nero 10 PiP EffectPack 1
Nero 10 Sample ImagePack
Nero 10 Sample Videos
Nero 10 Video TransitionPack 1
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero CoverDesigner 10
Nero CoverDesigner 10 Help (CHM)
Nero DiscCopy Gadget 10
Nero DiscCopyGadget 10 Help (CHM)
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Dolby Files 10
Nero Express 10
Nero Express 10 Help (CHM)
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero MediaHub 10
Nero MediaHub 10 Help (CHM)
Nero Multimedia Suite 10 Platinum HD
Nero Recode 10
Nero Recode 10 Help (CHM)
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero SoundTrax 10
Nero SoundTrax 10 Help (CHM)
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
Nero Vision 10
Nero Vision 10 Help (CHM)
Nero WaveEditor 10
Nero WaveEditor 10 Help (CHM)
Nokia Connectivity Cable Driver
Nokia Ovi Suite
Nokia Ovi Suite Software Updater
Nokia PC Suite
ObjectDock
Ovi Desktop Sync Engine
OviMPlatform
Oxford Talking Dictionary
PC Connectivity Solution
Pen Pad Driver with Macro Key Manager
Picasa 3
PlayFLV
PlayStation(R)Network Downloader
PlayStation(R)Store
Power Presenter RE II
QuickTime
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
SAMSUNG Mobile Composite Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype 2.5
Sony Ericsson PC Companion 1.60.13
Sony Ericsson PC Suite 6.007.00
SystemDiagnostics
The Sims™ 3
The Sims™ Life Stories
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2492475)
VirtualDJ
VLC media player 1.0.1
WD SmartWare
Windows Driver Package - Nokia Modem (06/09/2010 7.01.0.8)
Windows Driver Package - Nokia Modem (10/07/2010 4.6)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
winpcap-nmap 4.02
WinRAR archiver
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar
Your 3D Home Designer 2 - Deluxe Edition 1.1.0.4
.
==== Event Viewer Messages From Past Week ========
.
4/28/2011 1:24:19 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
4/26/2011 1:55:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service wercplsupport with arguments "" in order to run the server: {0E9A7BB5-F699-4D66-8A47-B919F5B6A1DB}
4/24/2011 3:25:44 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
4/22/2011 7:10:01 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/22/2011 6:40:57 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
4/21/2011 2:01:23 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
4/21/2011 1:06:46 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avipbb Hotkey spldr ssmdrv Wanarpv6
4/21/2011 1:06:46 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
4/21/2011 1:06:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/21/2011 1:05:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/21/2011 1:05:48 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athihvs.dll Error Code: 21
4/21/2011 1:05:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/21/2011 1:05:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/21/2011 1:05:18 PM, Error: EventLog [6008] - The previous system shutdown at 1:03:25 PM on 4/21/2011 was unexpected.
Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Please post back the TDSSKiller log and a fresh set of DDS logs.
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
Note: You will need to use Internet explorer for this scan
Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Click Start
Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
Wait for the scan to finish
Click the "Show Results" button
Then click the "Export to Text File" button and save the log to the desktop
Copy and paste that log as a reply to this topic and also let me know how things are now.
Please post the ESET report back for review and a status report on how the system is running.
After the scan of ESET Online Scanner, it doesn't have a button of "Show Results". It only has "List of found threats". And when I clicked it, it shows a virus that was found, but there was a button "Export to text file" below. After I clicked it, I saved it in my Desktop and this is the result:
D:\AutoCAD-Mech'l\acm2010_x64.iso a variant of Win32/Keygen.BL application
Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time)
Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
When I attached the file, It says that I should attach a valid file because they don't accept files like zip.
Windows Update is working now. But there's a new error code (669). The update name is Security Update for Microsoft .NET Framework 4 on Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2446708).
Here is the log for aswMBR:
aswMBR version 0.9.5.232 Copyright(c) 2011 AVAST Software
Run date: 2011-05-02 12:11:34
-----------------------------
12:11:34.084 OS Version: Windows 6.0.6002 Service Pack 2
kevin27_b3d29f
2 Intern
•
1.5K Posts
0
April 27th, 2011 13:00
Hi VonTrick98,
Welcome to Dell Community Malware Removal Forums,
Sorry for the delay in getting to you, I'm K27 and i will be reviewing your log for you.
Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.
Please Print or Save to Notepad all instructions and please follow them carefully and if there's something you don't understand or that will not work please let me know and we will go through it together.
Please DO NOT use this system for anything apart from visiting this forum and other sites I direct you too, as this will only make the cleanup process all the more diffecult.
Failure to reply in three (3) days will result in this topic being closed and I will remove it from my notifications, If you require more time then that is fine but please let me know.
Download and scan with CCleaner
1. Starting with v1.27.260, CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation. IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free or Slim versions instead of the Standard Build.
2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
3. Then select the items you wish to clean up.
In the Windows Tab:
In the Applications Tab:
4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.
Then Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
MBAM will automatically start and you will be asked to update the program before performing a scan.
On the Scanner tab:
Back at the main Scanner screen:
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
I then need to see some additional information about what is happening in your machine.
Please perform the following scan:
1. DDS.txt
2. Attach.txt
Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE
Please copy/paste back the MBAM log and BOTH DDS logs for review.
Thanks.
user11111
14 Posts
0
April 27th, 2011 22:00
Oh, nevermind, I saw it.
user11111
14 Posts
0
April 27th, 2011 22:00
K27,
Can you please give me a download link for CCleaner cause I really don't know where to download it.
Thanks!
user11111
14 Posts
0
April 27th, 2011 23:00
K27,
I followed your instructions
And here are the logs as you requested:
MBAM Log:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6461
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
4/28/2011 1:19:42 PM
mbam-log-2011-04-28 (13-19-42).txt
Scan type: Quick scan
Objects scanned: 145519
Time elapsed: 4 minute(s), 2 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 2
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Update Srv (Trojan.Agent) -> Value: Update Srv -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\1My (Password.Stealer) -> Value: 1My -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\FUJITSU\AppData\Roaming\addon.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\FUJITSU\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
kevin27_b3d29f
2 Intern
•
1.5K Posts
0
April 28th, 2011 05:00
Hi,
Please Disable all Anti-virus/Anti-Spyware/FireWall on your machine(instructions via links below)
Please read carefully and follow these steps.
Please post back the TDSSKiller log and a fresh set of DDS logs.
Thanks.
user11111
14 Posts
0
April 28th, 2011 06:00
K27,
Your link for TDSS Killer doesn't work..
kevin27_b3d29f
2 Intern
•
1.5K Posts
0
April 28th, 2011 13:00
Sorry about that, please try THIS link..
user11111
14 Posts
0
April 29th, 2011 23:00
Here are the logs:
TDSSKiller Log:
2011/04/30 12:23:42.0315 6076 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/30 12:23:43.0936 6076 ================================================================================
2011/04/30 12:23:43.0936 6076 SystemInfo:
2011/04/30 12:23:43.0936 6076
2011/04/30 12:23:43.0936 6076 OS Version: 6.0.6002 ServicePack: 2.0
2011/04/30 12:23:43.0936 6076 Product type: Workstation
2011/04/30 12:23:43.0936 6076 ComputerName: FUJITSU-PC
2011/04/30 12:23:43.0936 6076 UserName: FUJITSU
2011/04/30 12:23:43.0936 6076 Windows directory: C:\Windows
2011/04/30 12:23:43.0936 6076 System windows directory: C:\Windows
2011/04/30 12:23:43.0936 6076 Processor architecture: Intel x86
2011/04/30 12:23:43.0936 6076 Number of processors: 2
2011/04/30 12:23:43.0936 6076 Page size: 0x1000
2011/04/30 12:23:43.0936 6076 Boot type: Normal boot
2011/04/30 12:23:43.0936 6076 ================================================================================
2011/04/30 12:23:52.0530 6076 Initialize success
2011/04/30 12:23:58.0801 5464 ================================================================================
2011/04/30 12:23:58.0801 5464 Scan started
2011/04/30 12:23:58.0801 5464 Mode: Manual;
2011/04/30 12:23:58.0801 5464 ================================================================================
2011/04/30 12:23:59.0441 5464 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/04/30 12:23:59.0534 5464 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/04/30 12:23:59.0675 5464 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/04/30 12:23:59.0799 5464 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/04/30 12:23:59.0846 5464 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/04/30 12:24:00.0018 5464 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2011/04/30 12:24:00.0096 5464 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/04/30 12:24:00.0205 5464 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/04/30 12:24:00.0252 5464 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/04/30 12:24:00.0283 5464 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/04/30 12:24:00.0408 5464 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/04/30 12:24:00.0470 5464 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/04/30 12:24:00.0501 5464 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/04/30 12:24:00.0689 5464 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/04/30 12:24:00.0735 5464 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/04/30 12:24:00.0891 5464 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/30 12:24:00.0938 5464 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/04/30 12:24:01.0094 5464 athr (567e669b3b252e0c07850ef3c3e12254) C:\Windows\system32\DRIVERS\athr.sys
2011/04/30 12:24:01.0281 5464 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/04/30 12:24:01.0328 5464 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/04/30 12:24:01.0469 5464 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/04/30 12:24:01.0547 5464 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/30 12:24:01.0687 5464 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/04/30 12:24:01.0718 5464 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/04/30 12:24:01.0781 5464 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/04/30 12:24:01.0890 5464 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/04/30 12:24:01.0937 5464 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/04/30 12:24:01.0952 5464 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/04/30 12:24:01.0999 5464 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/04/30 12:24:02.0124 5464 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/04/30 12:24:02.0171 5464 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2011/04/30 12:24:02.0233 5464 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
2011/04/30 12:24:02.0342 5464 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
2011/04/30 12:24:02.0405 5464 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/30 12:24:02.0545 5464 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/30 12:24:02.0592 5464 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/04/30 12:24:02.0654 5464 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/04/30 12:24:02.0810 5464 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/04/30 12:24:02.0857 5464 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/04/30 12:24:03.0013 5464 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/04/30 12:24:03.0138 5464 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/04/30 12:24:03.0153 5464 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/04/30 12:24:03.0231 5464 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2011/04/30 12:24:03.0387 5464 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/04/30 12:24:03.0465 5464 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/04/30 12:24:03.0512 5464 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/30 12:24:03.0684 5464 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/04/30 12:24:03.0746 5464 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/04/30 12:24:03.0902 5464 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/04/30 12:24:03.0996 5464 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/04/30 12:24:04.0121 5464 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/04/30 12:24:04.0199 5464 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/30 12:24:04.0339 5464 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/04/30 12:24:04.0386 5464 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/04/30 12:24:04.0433 5464 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/30 12:24:04.0573 5464 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/04/30 12:24:04.0729 5464 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\Windows\system32\FsUsbExDisk.SYS
2011/04/30 12:24:04.0838 5464 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/30 12:24:04.0963 5464 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/04/30 12:24:05.0135 5464 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/04/30 12:24:05.0213 5464 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/30 12:24:05.0306 5464 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/04/30 12:24:05.0384 5464 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/04/30 12:24:05.0478 5464 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/30 12:24:05.0603 5464 Hotkey (8b566ea71d5b76157a9cdb78f25a5731) C:\Windows\system32\drivers\Hotkey.sys
2011/04/30 12:24:05.0712 5464 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/04/30 12:24:05.0805 5464 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
2011/04/30 12:24:05.0899 5464 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/04/30 12:24:06.0008 5464 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/30 12:24:06.0133 5464 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/04/30 12:24:06.0445 5464 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
2011/04/30 12:24:06.0773 5464 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/04/30 12:24:06.0960 5464 IntcAzAudAddService (4c01298060cf930d26a75a86b874b6ae) C:\Windows\system32\drivers\RTKVHDA.sys
2011/04/30 12:24:07.0100 5464 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/04/30 12:24:07.0147 5464 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/30 12:24:07.0303 5464 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/30 12:24:07.0381 5464 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/04/30 12:24:07.0506 5464 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/04/30 12:24:07.0553 5464 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/04/30 12:24:07.0599 5464 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/04/30 12:24:07.0724 5464 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/30 12:24:07.0787 5464 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/04/30 12:24:07.0927 5464 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/04/30 12:24:07.0989 5464 JMCR (dedb6cc1b166928a8f3f68def1766db0) C:\Windows\system32\DRIVERS\jmcr.sys
2011/04/30 12:24:08.0052 5464 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/30 12:24:08.0177 5464 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
2011/04/30 12:24:08.0223 5464 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/30 12:24:08.0379 5464 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/30 12:24:08.0426 5464 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/04/30 12:24:08.0473 5464 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/04/30 12:24:08.0582 5464 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/04/30 12:24:08.0629 5464 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/04/30 12:24:08.0691 5464 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/04/30 12:24:08.0832 5464 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/04/30 12:24:08.0910 5464 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/30 12:24:08.0941 5464 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/30 12:24:09.0035 5464 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/30 12:24:09.0097 5464 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/04/30 12:24:09.0175 5464 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/04/30 12:24:09.0393 5464 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/30 12:24:09.0596 5464 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/04/30 12:24:09.0705 5464 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/04/30 12:24:09.0830 5464 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/30 12:24:09.0924 5464 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/30 12:24:09.0955 5464 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/30 12:24:10.0033 5464 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
2011/04/30 12:24:10.0111 5464 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/04/30 12:24:10.0220 5464 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/04/30 12:24:10.0314 5464 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/04/30 12:24:10.0407 5464 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/30 12:24:10.0485 5464 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/30 12:24:10.0532 5464 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/04/30 12:24:10.0626 5464 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/04/30 12:24:10.0704 5464 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/30 12:24:10.0782 5464 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/04/30 12:24:10.0891 5464 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/04/30 12:24:11.0000 5464 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/30 12:24:11.0109 5464 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/04/30 12:24:11.0203 5464 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/30 12:24:11.0281 5464 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/30 12:24:11.0343 5464 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/30 12:24:11.0421 5464 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/04/30 12:24:11.0515 5464 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/30 12:24:11.0609 5464 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/30 12:24:11.0718 5464 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/04/30 12:24:11.0858 5464 nmwcd (48fb907b069524f2dc7ba62a0762850c) C:\Windows\system32\drivers\ccdcmb.sys
2011/04/30 12:24:11.0999 5464 nmwcdc (2914ceb789964141ac6e22c6bc980c42) C:\Windows\system32\drivers\ccdcmbo.sys
2011/04/30 12:24:12.0108 5464 npf (6623e51595c0076755c29c00846c4eb2) C:\Windows\system32\drivers\npf.sys
2011/04/30 12:24:12.0217 5464 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/04/30 12:24:12.0389 5464 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/30 12:24:12.0654 5464 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/04/30 12:24:12.0794 5464 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/04/30 12:24:12.0888 5464 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/04/30 12:24:12.0997 5464 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/04/30 12:24:13.0044 5464 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/04/30 12:24:13.0091 5464 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/04/30 12:24:13.0184 5464 OemBiosDevice (cd85dd531c2fc085108aebc047072476) C:\Windows\system32\drivers\royal.sys
2011/04/30 12:24:13.0309 5464 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/04/30 12:24:13.0403 5464 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/04/30 12:24:13.0512 5464 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/04/30 12:24:13.0559 5464 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/04/30 12:24:13.0715 5464 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/04/30 12:24:13.0761 5464 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/04/30 12:24:13.0808 5464 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/04/30 12:24:13.0964 5464 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/04/30 12:24:14.0042 5464 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/04/30 12:24:14.0214 5464 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/30 12:24:14.0261 5464 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/04/30 12:24:14.0323 5464 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/30 12:24:14.0432 5464 PxHelp20 (f7bb4e7a7c02ab4a2672937e124e306e) C:\Windows\system32\Drivers\PxHelp20.sys
2011/04/30 12:24:14.0510 5464 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/04/30 12:24:14.0651 5464 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/04/30 12:24:14.0682 5464 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/30 12:24:14.0713 5464 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/30 12:24:14.0775 5464 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/30 12:24:14.0885 5464 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/30 12:24:14.0931 5464 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/30 12:24:14.0978 5464 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/30 12:24:15.0103 5464 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/30 12:24:15.0150 5464 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/04/30 12:24:15.0165 5464 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/30 12:24:15.0243 5464 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/04/30 12:24:15.0368 5464 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/04/30 12:24:15.0415 5464 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/30 12:24:15.0462 5464 RTL8169 (abbe0f54ba3a378262c9cb86cf7d91f8) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/04/30 12:24:15.0602 5464 s1029bus (69013a123a00b3042c260b0056df0152) C:\Windows\system32\DRIVERS\s1029bus.sys
2011/04/30 12:24:15.0649 5464 s1029mdfl (1565fc31f872963fe8af471123d8424c) C:\Windows\system32\DRIVERS\s1029mdfl.sys
2011/04/30 12:24:15.0774 5464 s1029mdm (d67a8042ecf6c983ac0e308b36603677) C:\Windows\system32\DRIVERS\s1029mdm.sys
2011/04/30 12:24:15.0821 5464 s1029mgmt (9ac56f06c1e13a963c82ebd067fdf274) C:\Windows\system32\DRIVERS\s1029mgmt.sys
2011/04/30 12:24:15.0961 5464 s1029nd5 (00c66c6baafb2747f15f94f15888c94a) C:\Windows\system32\DRIVERS\s1029nd5.sys
2011/04/30 12:24:16.0039 5464 s1029obex (6fc093aba554e45755dc2f3896b6c8d7) C:\Windows\system32\DRIVERS\s1029obex.sys
2011/04/30 12:24:16.0133 5464 s1029unic (9979b0e68815394665b2109b03d15fa1) C:\Windows\system32\DRIVERS\s1029unic.sys
2011/04/30 12:24:16.0211 5464 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/04/30 12:24:16.0273 5464 sdbus (4339a2585708c7d9b0c0ce5aad3dd6ff) C:\Windows\system32\DRIVERS\sdbus.sys
2011/04/30 12:24:16.0351 5464 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/04/30 12:24:16.0460 5464 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
2011/04/30 12:24:16.0569 5464 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/04/30 12:24:16.0601 5464 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/04/30 12:24:16.0663 5464 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/04/30 12:24:16.0803 5464 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/04/30 12:24:16.0866 5464 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/04/30 12:24:16.0881 5464 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/04/30 12:24:17.0006 5464 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/04/30 12:24:17.0084 5464 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/04/30 12:24:17.0115 5464 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/04/30 12:24:17.0225 5464 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/04/30 12:24:17.0318 5464 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/04/30 12:24:17.0427 5464 smserial (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys
2011/04/30 12:24:17.0583 5464 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/04/30 12:24:17.0661 5464 sptd (090adc3d9b5730ac3b20bdd5a54e2d28) C:\Windows\system32\Drivers\sptd.sys
2011/04/30 12:24:17.0661 5464 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 090adc3d9b5730ac3b20bdd5a54e2d28
2011/04/30 12:24:17.0693 5464 sptd - detected Locked file (1)
2011/04/30 12:24:17.0802 5464 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
2011/04/30 12:24:17.0833 5464 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/30 12:24:17.0895 5464 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/30 12:24:18.0036 5464 sscdbus (92b69020fc480219683d429dca068d71) C:\Windows\system32\DRIVERS\sscdbus.sys
2011/04/30 12:24:18.0114 5464 sscdmdfl (77a2869d40cc84af711c321f9b0c7a78) C:\Windows\system32\DRIVERS\sscdmdfl.sys
2011/04/30 12:24:18.0176 5464 sscdmdm (b4255635195a8413fcde7af5b7c4e382) C:\Windows\system32\DRIVERS\sscdmdm.sys
2011/04/30 12:24:18.0285 5464 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/04/30 12:24:18.0348 5464 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/30 12:24:18.0410 5464 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/04/30 12:24:18.0504 5464 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/04/30 12:24:18.0582 5464 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/04/30 12:24:18.0675 5464 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/04/30 12:24:18.0831 5464 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/30 12:24:18.0941 5464 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/30 12:24:19.0065 5464 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/04/30 12:24:19.0175 5464 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/04/30 12:24:19.0237 5464 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/30 12:24:19.0284 5464 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/30 12:24:19.0455 5464 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/30 12:24:19.0518 5464 TuneConvertAudio (48afde8e262b4738cd3a25f932bd50d8) C:\Windows\system32\drivers\TuneConvertAudio.sys
2011/04/30 12:24:19.0643 5464 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/04/30 12:24:19.0705 5464 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/30 12:24:19.0752 5464 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/04/30 12:24:19.0877 5464 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/30 12:24:19.0955 5464 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/04/30 12:24:19.0986 5464 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/04/30 12:24:20.0111 5464 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/04/30 12:24:20.0142 5464 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/04/30 12:24:20.0189 5464 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/30 12:24:20.0329 5464 upperdev (e526a166e6acafd0a9b3841d3941669e) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/04/30 12:24:20.0391 5464 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/30 12:24:20.0438 5464 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/04/30 12:24:20.0563 5464 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/30 12:24:20.0594 5464 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/30 12:24:20.0641 5464 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/04/30 12:24:20.0750 5464 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2011/04/30 12:24:20.0797 5464 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\DRIVERS\usbser.sys
2011/04/30 12:24:20.0859 5464 UsbserFilt (6f3e3c6811b930d2414552a2e4a40f36) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2011/04/30 12:24:20.0984 5464 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/30 12:24:21.0031 5464 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/30 12:24:21.0093 5464 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/04/30 12:24:21.0218 5464 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/30 12:24:21.0249 5464 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/04/30 12:24:21.0296 5464 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/04/30 12:24:21.0327 5464 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/04/30 12:24:21.0452 5464 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/04/30 12:24:21.0468 5464 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/04/30 12:24:21.0530 5464 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/04/30 12:24:21.0639 5464 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/04/30 12:24:21.0702 5464 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/04/30 12:24:21.0764 5464 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/04/30 12:24:21.0873 5464 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/30 12:24:21.0905 5464 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/30 12:24:21.0967 5464 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/04/30 12:24:22.0123 5464 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
2011/04/30 12:24:22.0217 5464 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/30 12:24:22.0404 5464 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/04/30 12:24:22.0513 5464 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/04/30 12:24:22.0622 5464 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/30 12:24:22.0716 5464 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/04/30 12:24:22.0747 5464 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/04/30 12:24:23.0043 5464 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/04/30 12:24:23.0043 5464 ================================================================================
2011/04/30 12:24:23.0043 5464 Scan finished
2011/04/30 12:24:23.0043 5464 ================================================================================
2011/04/30 12:24:23.0059 4092 Detected object count: 2
2011/04/30 12:25:34.0902 4092 Locked file(sptd) - User select action: Skip
2011/04/30 12:25:35.0011 4092 \HardDisk0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/04/30 12:25:35.0011 4092 \HardDisk0 - ok
2011/04/30 12:25:35.0011 4092 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
2011/04/30 12:26:57.0694 3584 Deinitialize success
kevin27_b3d29f
2 Intern
•
1.5K Posts
0
April 30th, 2011 03:00
Hi,
Please Disable all Anti-virus/Anti-Spyware/FireWall on your machine(instructions via links below)
Go here to run an online scannner from ESET.
Please post the ESET report back for review and a status report on how the system is running.
Thanks.
user11111
14 Posts
0
May 1st, 2011 02:00
K27,
After the scan of ESET Online Scanner, it doesn't have a button of "Show Results". It only has "List of found threats". And when I clicked it, it shows a virus that was found, but there was a button "Export to text file" below. After I clicked it, I saved it in my Desktop and this is the result:
D:\AutoCAD-Mech'l\acm2010_x64.iso a variant of Win32/Keygen.BL application
kevin27_b3d29f
2 Intern
•
1.5K Posts
0
May 1st, 2011 04:00
Hi,
You can delete D:\AutoCAD-Mech'l\acm2010_x64.iso, just right click the file and click delete.
Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) ( 511KB ) to your desktop. Double click the aswMBR.exe to run it
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
Thanks.
user11111
14 Posts
0
May 1st, 2011 22:00
I mean the error code was 66A not 669.
user11111
14 Posts
0
May 1st, 2011 22:00
K27,
When I attached the file, It says that I should attach a valid file because they don't accept files like zip.
Windows Update is working now. But there's a new error code (669). The update name is Security Update for Microsoft .NET Framework 4 on Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2446708).
Here is the log for aswMBR:
aswMBR version 0.9.5.232 Copyright(c) 2011 AVAST Software
Run date: 2011-05-02 12:11:34
-----------------------------
12:11:34.084 OS Version: Windows 6.0.6002 Service Pack 2
12:11:34.084 Number of processors: 2 586 0x170A
12:11:34.086 ComputerName: FUJITSU-PC UserName: FUJITSU
12:11:45.808 Initialize success
12:12:12.728 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:12:12.732 Disk 0 Vendor: Hitachi_HTS543232L9A300 FB4OC40C Size: 305245MB BusType: 3
12:12:14.754 Disk 0 MBR read successfully
12:12:14.758 Disk 0 MBR scan
12:12:14.762 Disk 0 unknown MBR code
12:12:16.767 Disk 0 scanning sectors +625139712
12:12:16.913 Disk 0 scanning C:\Windows\system32\drivers
12:12:54.800 Service scanning
12:13:01.003 Disk 0 trace - called modules:
12:13:01.029 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x84f351d8]<<
12:13:01.030 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85f99578]
12:13:01.030 3 CLASSPNP.SYS[8aba08b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85d29b98]
12:13:01.030 \Driver\atapi[0x85d0e968] -> IRP_MJ_CREATE -> 0x84f351d8
12:13:01.030 Scan finished successfully
12:14:14.369 Disk 0 MBR has been saved successfully to "C:\Users\FUJITSU\Desktop\MBR.dat"
12:14:14.377 The log file has been saved successfully to "C:\Users\FUJITSU\Desktop\aswMBR.txt"
kevin27_b3d29f
2 Intern
•
1.5K Posts
0
May 2nd, 2011 07:00
Hi,
Is the Net.Framework 4 update the only one you are having an issue with. Apart from that, how is the system running.
Thanks.
user11111
14 Posts
0
May 2nd, 2011 23:00
Yes, only the Net.Framework 4 update is not working.
Well like what I've said, I have a problem with some updates. The system is working correctly. There's no errors reported.