"Hard drive clusters are partly damaged" Virus?

Inactive
By jpoole23
Nov 9, 2011
Topic Status:
Not open for further replies.
  1. I have what I am guessing is a virus/malware problem on my 'Windows XP Professional'.

    I'm not currently using this desktop because I am not able to access the internet along with any other programs, so I could not complete any of the steps you guys asked before posting either.

    Along with the "Hard Drive Clusters are partly damaged" (which seemed to be more often when this problem just started)

    I get about 20 pop-ups at a time saying:

    "Windows - Delayed Write File"
    - Failed to save all the components for the file \\System(random #'s)
    The file is corrupted or unreadable. This error may be caused by a PC hardware problem.


    Please help! This is a business computer and any help would be greatly appreciated.
  2. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    Welcome aboard

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =================================================================

    Did you try to boot to safe mode to see if things are better there?
  3. jpoole23

    jpoole23 Newcomer, in training Topic Starter Posts: 27

    Yes, all is same there. Besides no pop-ups or alerts from 'System Restore'.

    Though in safe mode, Start > All Programs shows some of the installed programs. But the next folder says empty.
  4. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    If you restart computer in Safe Mode with Networking can you connect to the internet and run some programs?
  5. jpoole23

    jpoole23 Newcomer, in training Topic Starter Posts: 27

    Yes, I am on the infected Dell Desktop now. It took about a 1/2 hour to load the 'Search' icon in 'Start', but I eventually got to My Doc's through there.
  6. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.
    Complete as many steps as you can.

  7. jpoole23

    jpoole23 Newcomer, in training Topic Starter Posts: 27

    Okay.

    I was able to download Avast through Safe Mode. Now I'm at the point where it recommends restarting the computer or 'some components may fail or cause system failure'.

    I know it's normal to restart a computer after such a download; I'm just worried that if I restart, 'Avast' will be hidden in the 'Empty' folders like all other programs.

    Should I or should I not restart my computer before trying to run an 'Avast' scan?
  8. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    Go ahead and then....

    Let's see, if we can recover your missing features.
    Download and run UnHide
    Let me know, if it worked.
  9. jpoole23

    jpoole23 Newcomer, in training Topic Starter Posts: 27

    Some logs may not be correct :/ ... the computer restarted before I could save any logs in time. These are some I found on the C: drive.


    Malwarebytes Log:
    14:10:47 Administrator MESSAGE Protection started successfully
    14:11:08 Administrator MESSAGE IP Protection started successfully
    14:11:09 Administrator MESSAGE IP Protection stopped

    Avast Log:

    aswAr-
    avast! Antirootkit, version 1.0
    Scan started: Monday, November 14, 2011 1:35:25 PM


    Scan finished: Monday, November 14, 2011 1:35:47 PM
    Hidden files found: 0
    Hidden registry items found: 0
    Hidden processes found: 0
    Hidden services found: 0
    Hidden boot sectors found: 0


    ----------
  10. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    Those logs are incorrect.
    Please re-run those tools.

    I still need other logs as well.

    Did you run UnHide?
    Did it help?
  11. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

     