Malwarebytes' Anti-Malware 1.44
Database version: 3826
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

5/3/2010 18:00:20
mbam-log-2010-03-05 (18-00-20).txt

Scan type: Quick Scan
Objects scanned: 110018
Time elapsed: 9 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Just curious here:

Download this << file >> & extract TDSSKiller.exe onto your Desktop

Then create this batch file to be placed next to TDSSKiller

=====

Open NOTEPAD.exe and copy/paste the text in the quotebox below into it:

Code:

@ECHO OFF
START /WAIT TDSSKILLER.exe -l Logit.txt -v
START Logit.txt
del %0

Save this as fix.bat Choose to "Save type as - All Files"
It should look like this:
Double click on fix.bat & allow it to run

Post back to tell me what it says

here u are~

09:36:35:438 4180 TDSS rootkit removing tool 2.2.7.1 Feb 27 2010 13:29:25
09:36:35:438 4180 ================================================================================
09:36:35:438 4180 SystemInfo:

09:36:35:438 4180 OS Version: 6.0.6002 ServicePack: 2.0
09:36:35:438 4180 Product type: Workstation
09:36:35:438 4180 ComputerName: USER-PC
09:36:35:438 4180 UserName: User
09:36:35:438 4180 Windows directory: C:\Windows
09:36:35:438 4180 Processor architecture: Intel x86
09:36:35:438 4180 Number of processors: 2
09:36:35:438 4180 Page size: 0x1000
09:36:35:438 4180 Boot type: Normal boot
09:36:35:438 4180 ================================================================================
09:36:35:454 4180 UnloadDriverW: NtUnloadDriver error 2
09:36:35:454 4180 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2
09:36:35:516 4180 Initialize success
09:36:35:516 4180
09:36:35:516 4180 Scanning Services ...
09:36:35:532 4180 wfopen_ex: Trying to open file C:\Windows\system32\config\system
09:36:35:563 4180 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
09:36:35:563 4180 wfopen_ex: Trying to KLMD file open
09:36:35:563 4180 wfopen_ex: File opened ok (Flags 2)
09:36:35:563 4180 wfopen_ex: Trying to open file C:\Windows\system32\config\software
09:36:35:579 4180 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
09:36:35:579 4180 wfopen_ex: Trying to KLMD file open
09:36:35:579 4180 wfopen_ex: File opened ok (Flags 2)
09:36:36:515 4180 GetAdvancedServicesInfo: Raw services enum returned 433 services
09:36:36:515 4180 fclose_ex: Trying to close file C:\Windows\system32\config\system
09:36:36:515 4180 fclose_ex: Trying to close file C:\Windows\system32\config\software
09:36:36:515 4180
09:36:36:530 4180 Scanning Kernel memory ...
09:36:36:530 4180 Devices to scan: 1
09:36:36:530 4180
09:36:36:530 4180 Driver Name: atapi
09:36:36:530 4180 IRP_MJ_CREATE : 86FC1140
09:36:36:530 4180 IRP_MJ_CREATE_NAMED_PIPE : 81E33A22
09:36:36:530 4180 IRP_MJ_CLOSE : 86FC1140
09:36:36:530 4180 IRP_MJ_READ : 81E33A22
09:36:36:530 4180 IRP_MJ_WRITE : 81E33A22
09:36:36:530 4180 IRP_MJ_QUERY_INFORMATION : 81E33A22
09:36:36:530 4180 IRP_MJ_SET_INFORMATION : 81E33A22
09:36:36:530 4180 IRP_MJ_QUERY_EA : 81E33A22
09:36:36:530 4180 IRP_MJ_SET_EA : 81E33A22
09:36:36:530 4180 IRP_MJ_FLUSH_BUFFERS : 81E33A22
09:36:36:530 4180 IRP_MJ_QUERY_VOLUME_INFORMATION : 81E33A22
09:36:36:530 4180 IRP_MJ_SET_VOLUME_INFORMATION : 81E33A22
09:36:36:530 4180 IRP_MJ_DIRECTORY_CONTROL : 81E33A22
09:36:36:530 4180 IRP_MJ_FILE_SYSTEM_CONTROL : 81E33A22
09:36:36:530 4180 IRP_MJ_DEVICE_CONTROL : 86FAFA5A
09:36:36:530 4180 IRP_MJ_INTERNAL_DEVICE_CONTROL : 86FAFA2C
09:36:36:530 4180 IRP_MJ_SHUTDOWN : 81E33A22
09:36:36:530 4180 IRP_MJ_LOCK_CONTROL : 81E33A22
09:36:36:530 4180 IRP_MJ_CLEANUP : 81E33A22
09:36:36:530 4180 IRP_MJ_CREATE_MAILSLOT : 81E33A22
09:36:36:530 4180 IRP_MJ_QUERY_SECURITY : 81E33A22
09:36:36:530 4180 IRP_MJ_SET_SECURITY : 81E33A22
09:36:36:530 4180 IRP_MJ_POWER : 86FAFA88
09:36:36:530 4180 IRP_MJ_SYSTEM_CONTROL : 86FBCB70
09:36:36:530 4180 IRP_MJ_DEVICE_CHANGE : 81E33A22
09:36:36:530 4180 IRP_MJ_QUERY_QUOTA : 81E33A22
09:36:36:530 4180 IRP_MJ_SET_QUOTA : 81E33A22
09:36:36:530 4180 TDL3_StartIoLastChanceHookDetect: Unable to dump StartIo handler code
09:36:36:530 4180 sion
09:36:36:546 4180 C:\Windows\system32\drivers\atapi.sys - Verdict: Clean
09:36:36:546 4180
09:36:36:546 4180 Completed
09:36:36:546 4180
09:36:36:546 4180 Results:
09:36:36:546 4180 Memory objects infected / cured / cured on reboot: 0 / 0 / 0
09:36:36:546 4180 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
09:36:36:546 4180 File objects infected / cured / cured on reboot: 0 / 0 / 0
09:36:36:546 4180
09:36:36:546 4180 KLMD(ARK) unloaded successfully

Please do a scan with Kaspersky Online Scanner

Click on the Accept button and install any components it needs.

• The program will install and then begin downloading the latest definition files.
  
• After the files have been downloaded on the left side of the page in the Scan section select My Computer.
  
• This will start the program and scan your system.
  
• The scan will take a while, so be patient and let it run.
  
• Once the scan is complete, click on View scan report
  
• Now, click on the Save Report as button.
  
• Save the file to your desktop.
  
• Copy and paste that information in your next post.
  

Still with us?