Today I woke up and saw my desktop completely black, and everything was gone. I ran it in safe mode, and no luck. I ran Malwarebytes, deleted the infections, and found that it was working faster, but still my old files aren't back.
Here's the log of asw:
aswMBR version 0.9.8.978 Copyright(c) 2011 AVAST Software
Run date: 2011-08-09 12:52:07
-----------------------------
12:52:07.500 OS Version: Windows 5.1.2600 Service Pack 3
12:52:07.500 Number of processors: 1 586 0x207
12:52:07.500 ComputerName: MASOOD UserName:
12:52:07.984 Initialize success
12:52:30.500 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
12:52:30.500 Disk 0 Vendor: ST340014A 8.16 Size: 38146MB BusType: 3
12:52:32.515 Disk 0 MBR read successfully
12:52:32.515 Disk 0 MBR scan
12:52:32.515 Disk 0 TDL4@MBR code has been found
12:52:32.515 Disk 0 Windows XP default MBR code found via API
12:52:32.515 Disk 0 MBR hidden
12:52:32.515 Disk 0 MBR [TDL4] **ROOTKIT**
12:52:32.515 Disk 0 trace - called modules:
12:52:32.531 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x89872ed1]<<
12:52:32.531 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x898a8ab8]
12:52:32.531 3 CLASSPNP.SYS[f7647fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x898d3d98]
12:52:32.531 \Driver\atapi[0x89880510] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0x89872ed1
12:52:32.546 Scan finished successfully
12:52:42.937 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
12:52:42.953 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"
Also, the first time I ran OTL it worked fine the way sneak instructed, but now it just won't stop scanning; it's taking forever, and before it took like 2 minutes!
========== Custom Scans ==========
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009/11/14 10:52:17 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009/11/14 10:52:17 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009/11/14 10:52:17 | 000,876,544 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.sys >
[2001/08/23 09:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2001/08/23 09:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2001/08/23 09:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2001/08/23 09:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/03 17:46:56 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2001/08/23 09:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2001/08/23 09:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2001/08/23 09:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2001/08/23 09:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2001/08/23 09:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/03 17:45:10 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/03 17:45:16 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/03 17:45:12 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/03 17:45:16 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/03 17:45:14 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2008/04/13 13:44:59 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2011/06/02 09:02:05 | 001,858,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.dll >
[2008/04/13 19:11:48 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008/04/13 19:11:48 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008/04/13 19:11:48 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008/04/13 19:11:48 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008/04/13 19:11:48 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008/04/13 19:11:48 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008/04/13 19:11:48 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008/04/13 19:11:50 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008/04/13 19:11:50 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008/04/13 19:11:50 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008/04/13 19:11:50 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008/04/13 19:11:50 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008/04/13 19:11:50 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2008/04/13 19:12:05 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008/04/13 19:12:08 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll
< %systemroot%\system32\drivers\*.ini >
< %systemroot%\system32\drivers\*.exe >
< %SYSTEMDRIVE%\*.* >
[2009/10/25 14:24:12 | 000,021,609 | ---- | M] () -- C:\admin.pl
[2009/11/14 18:01:33 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/08/09 10:19:59 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/07/19 16:39:49 | 000,921,654 | ---- | M] () -- C:\Camera1-20110719-163949.bmp
[2009/11/14 18:01:33 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/01/24 00:51:30 | 000,000,188 | ---- | M] () -- C:\INSTALL.LOG
[2009/11/14 18:01:33 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/20 20:54:50 | 000,000,457 | -H-- | M] () -- C:\IPH.PH
[2010/05/22 02:56:03 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2009/11/14 18:01:33 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2001/08/23 07:00:00 | 000,045,124 | RHS- | M] () -- C:\NTDETECT.COM
[2001/08/23 07:00:00 | 000,222,368 | RHS- | M] () -- C:\ntldr
[2011/08/09 12:41:20 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2009/08/27 12:23:18 | 000,000,095 | ---- | M] () -- C:\Read Me.txt
< %PROGRAMFILES%\*. >
[2011/07/30 19:16:02 | 000,000,000 | ---D | M] -- C:\Program Files\AbiWord
[2009/11/30 19:21:56 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/11/14 16:29:19 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2009/12/08 19:10:47 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010/06/03 22:08:04 | 000,000,000 | ---D | M] -- C:\Program Files\ASIO4ALL v2
[2010/08/22 21:47:47 | 000,000,000 | ---D | M] -- C:\Program Files\Athan
[2011/05/23 20:50:15 | 000,000,000 | ---D | M] -- C:\Program Files\Audacity
[2011/04/03 18:07:48 | 000,000,000 | ---D | M] -- C:\Program Files\AVIcodec
[2010/07/24 19:41:15 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/08/01 15:37:16 | 000,000,000 | ---D | M] -- C:\Program Files\cain
[2011/07/30 19:39:13 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/11/14 17:57:56 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2009/11/14 16:35:27 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2010/09/06 12:40:47 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2011/08/04 02:26:12 | 000,000,000 | ---D | M] -- C:\Program Files\Full Tilt Poker
[2010/08/22 21:52:05 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/07/30 19:42:25 | 000,000,000 | ---D | M] -- C:\Program Files\Image-Line
[2009/11/14 16:35:27 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/11/14 16:31:59 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/06/16 03:23:36 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/09/14 19:31:39 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/04/24 22:50:47 | 000,000,000 | ---D | M] -- C:\Program Files\IRCXpro
[2010/09/14 19:33:19 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/02/26 10:52:14 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/07/22 00:12:14 | 000,000,000 | ---D | M] -- C:\Program Files\JRE
[2010/12/24 18:07:54 | 000,000,000 | ---D | M] -- C:\Program Files\KAZAA
[2011/01/13 16:52:05 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2011/08/09 10:51:41 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/14 20:56:27 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2010/05/07 23:50:08 | 000,000,000 | ---D | M] -- C:\Program Files\Metasploit
[2009/11/23 18:34:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2009/11/14 18:01:57 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2010/04/20 21:00:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SDKs
[2011/06/16 03:23:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/04/20 21:06:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/04/20 21:06:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Synchronization Services
[2010/05/15 21:49:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 9.0
[2010/12/23 23:11:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/08/07 01:24:15 | 000,000,000 | ---D | M] -- C:\Program Files\mIRC
[2010/08/12 03:00:59 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/08/04 01:57:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/04/20 20:58:22 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/12/15 23:56:28 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2009/11/14 17:57:01 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2009/11/14 17:57:31 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2011/07/19 16:32:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Webcam Recorder
[2011/07/30 19:20:47 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software
[2009/11/14 20:49:56 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2010/03/18 23:02:42 | 000,000,000 | ---D | M] -- C:\Program Files\No-IP
[2009/12/23 20:49:21 | 000,000,000 | ---D | M] -- C:\Program Files\NOS
[2011/07/30 19:21:02 | 000,000,000 | ---D | M] -- C:\Program Files\Object
[2009/11/14 17:59:51 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2011/07/22 00:12:12 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
[2010/12/15 04:00:42 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/06/03 22:06:38 | 000,000,000 | ---D | M] -- C:\Program Files\Outsim
[2011/08/04 02:13:15 | 000,000,000 | ---D | M] -- C:\Program Files\PartyGaming
[2011/08/04 02:43:55 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStars
[2010/08/22 21:52:57 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStars.NET
[2010/09/14 19:25:36 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/04/20 20:57:58 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/07/30 19:40:05 | 000,000,000 | ---D | M] -- C:\Program Files\Simple Webcam Capture
[2011/07/23 15:02:54 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2009/12/28 01:43:24 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2010/08/22 22:07:27 | 000,000,000 | ---D | M] -- C:\Program Files\Sun
[2011/02/07 21:14:48 | 000,000,000 | ---D | M] -- C:\Program Files\TeamViewer
[2011/08/09 12:45:30 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2009/11/14 18:07:06 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/12/24 18:08:42 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2010/05/30 00:26:17 | 000,000,000 | ---D | M] -- C:\Program Files\Veetle
[2010/04/25 22:39:25 | 000,000,000 | ---D | M] -- C:\Program Files\Ventrilo
[2010/06/02 22:08:50 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2010/09/25 15:46:35 | 000,000,000 | ---D | M] -- C:\Program Files\VstPlugins
[2010/08/22 21:34:09 | 000,000,000 | ---D | M] -- C:\Program Files\W3i
[2011/07/30 19:39:43 | 000,000,000 | ---D | M] -- C:\Program Files\Webcam Video Capture
[2009/11/23 18:34:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/11/23 18:34:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2011/07/19 16:32:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2010/05/19 21:31:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/11/14 20:49:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/11/14 17:59:55 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2011/04/07 16:13:22 | 000,000,000 | ---D | M] -- C:\Program Files\WinPcap
[2010/07/10 12:32:13 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip
[2011/07/19 16:25:16 | 000,000,000 | ---D | M] -- C:\Program Files\Xenocode
[2009/11/14 18:01:57 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2009/12/18 23:23:55 | 000,000,000 | ---D | M] -- C:\Program Files\Zone Labs
< %appdata%\*.* >
[2009/11/14 10:53:43 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini
[2011/06/15 09:44:08 | 000,017,760 | -H-- | M] () -- C:\Documents and Settings\Administrator\Application Data\EE82.F4C
[2 C:\Documents and Settings\Administrator\Application Data\*.tmp files -> C:\Documents and Settings\Administrator\Application Data\*.tmp -> ]
< MD5 for: AGP440.SYS >
[2004/08/03 20:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004/08/03 20:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 01:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 17:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
< MD5 for: DISK.SYS >
[2004/08/03 20:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/03 17:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/03 19:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/03 19:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004/08/03 19:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: USBSTOR.SYS >
[2004/08/03 20:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\dllcache\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\USBSTOR.SYS
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\USBSTOR.SYS
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-23 08:00:30
< End of report >
[2010/07/10 12:32:13 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip
[2011/07/19 16:25:16 | 000,000,000 | ---D | M] -- C:\Program Files\Xenocode
[2009/11/14 18:01:57 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2009/12/18 23:23:55 | 000,000,000 | ---D | M] -- C:\Program Files\Zone Labs
< %appdata%\*.* >
[2009/11/14 10:53:43 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini
[2011/06/15 09:44:08 | 000,017,760 | -H-- | M] () -- C:\Documents and Settings\Administrator\Application Data\EE82.F4C
[2 C:\Documents and Settings\Administrator\Application Data\*.tmp files -> C:\Documents and Settings\Administrator\Application Data\*.tmp -> ]
< MD5 for: AGP440.SYS >
[2004/08/03 20:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004/08/03 20:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 01:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 17:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
< MD5 for: DISK.SYS >
[2004/08/03 20:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/03 17:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/03 19:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/03 19:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004/08/03 19:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: USBSTOR.SYS >
[2004/08/03 20:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2009/11/14 20:44:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\dllcache\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\USBSTOR.SYS
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\USBSTOR.SYS
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-23 08:00:30
< End of report >