Okay, the good news is you don't have the dropped trojan malware:
Code:
4: kd> !reg findkcb \REGISTRY\MACHINE\SYSTEM\CONTROLSET001\SERVICES
Found KCB = ffffc00129334820 :: \REGISTRY\MACHINE\SYSTEM\CONTROLSET001\SERVICES
Code:
4: kd> !ms_readkcb ffffc00129334820
Key node Services ÿÿÿnk contains 0 key values and 550 subkeys.
[*] Subkeys (550):
...trimmed...
[260] 0xFFFFC0012F6AF08C | ndisrd
Code:
4: kd> !ms_readknode 0xFFFFC00129227000 0xFFFFC0012F6AF08C
Key node ndisrd contains 12 key values and 1 subkeys.
[*] Values (12):
[ 0] 0xFFFFC0012F6AF0E4 | Type | 0x00000001 (REG_DWORD)
[ 1] 0xFFFFC0012F6AF13C | Start | 0x00000001 (REG_DWORD)
[ 2] 0xFFFFC0012F6AF15C | ErrorControl | 0x00000001 (REG_DWORD)
[ 3] 0xFFFFC0012F6AF184 | Tag | 0x0000001E (REG_DWORD)
[ 4] 0xFFFFC0012F6AF1A4 | ImagePath | \SystemRoot\system32\DRIVERS\ndisrd.sys (REG_EXPAND_SZ) \\ Here's our filepath to the driver
[ 5] 0xFFFFC0012F6AF224 | DisplayName | @oem13.inf,%ndisrd_Desc%;WinpkFilter LightWeight Filter (REG_SZ)
[ 6] 0xFFFFC0012F6AF2C4 | Group | NDIS (REG_SZ)
[ 7] 0xFFFFC0012F6AF2F4 | Description | @oem13.inf,%ndisrd_Desc%;WinpkFilter LightWeight Filter (REG_SZ) \\ This is the driver description
[ 8] 0xFFFFC0012F6AF394 | NdisMajorVersion | 0x00000006 (REG_DWORD)
[ 9] 0xFFFFC0012F6AF3BC | NdisMinorVersion | 0x00000001 (REG_DWORD)
[10] 0xFFFFC0012F6AF3E4 | DriverMajorVersion | 0x00000001 (REG_DWORD)
[11] 0xFFFFC0012F6AF414 | DriverMinorVersion | 0x00000000 (REG_DWORD)
As it turns out, it's just this WinpkFilter LightWeight Filter driver I thought it was in the first place in post #4. The
problem is renaming/breaking this driver also breaks your internet at the same time. Let's try something different this time. If you get to Network Connections (where you can right click your various network adapters and select properties): Control Panel > Network and Internet > Network and Sharing Center > left-hand side "Change adapter settings" > Right-click your LAN/Wireless and
uninstall 'WinpkFilter LightWeight Filter'.
Again before doing so consider making a restore point, just in case.