Everything posted by tempaccount87

  1. Oh hey look another log

     Malwarebytes Anti-Rootkit BETA 1.07.0.1009
     www.malwarebytes.org

     Database version: v2014.02.21.02

     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 11.0.9600.16518
     Matt :: MATT-PC [administrator]

     2/21/2014 12:41:41 AM
     mbar-log-2014-02-21 (00-41-41).txt

     Scan type: Quick scan
     Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
     Scan options disabled:
     Objects scanned: 245303
     Time elapsed: 2 hour(s), 16 minute(s), 1 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 0
     (No malicious items detected)

     Physical Sectors Detected: 0
     (No malicious items detected)

     (end)
  2. Scan took over two hours, tons of errors. Computer is a Lenovo Y580 (it has hidden partitions). Log:

     ---------------------------------------
     Malwarebytes Anti-Rootkit BETA 1.07.0.1009

     © Malwarebytes Corporation 2011-2012

     OS version: 6.1.7601 Windows 7 Service Pack 1 x64

     Account is Administrative

     Internet Explorer version: 11.0.9600.16518

     File system is: NTFS
     Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
     CPU speed: 2.294000 GHz
     Memory total: 8487546880, free: 5823275008

     Downloaded database version: v2014.02.21.02
     Downloaded database version: v2014.02.20.01
     =======================================
     Initializing...
     ------------ Kernel report ------------
     02/21/2014 00:41:38
     Done!
     <<<1>>>
     Upper Device Name: \Device\Harddisk1\DR1
     Upper Device Object: 0xfffffa8007e53060
     Upper Device Driver Name: \Driver\Disk\
     Lower Device Name: \Device\Ide\IAAStorageDevice-2\
     Lower Device Object: 0xfffffa800777b050
     Lower Device Driver Name: \Driver\iaStor\
     <<<1>>>
     Upper Device Name: \Device\Harddisk0\DR0
     Upper Device Object: 0xfffffa8007d77790
     Upper Device Driver Name: \Driver\Disk\
     Lower Device Name: \Device\Ide\IAAStorageDevice-1\
     Lower Device Object: 0xfffffa800777d050
     Lower Device Driver Name: \Driver\iaStor\
     <<<2>>>
     Physical Sector Size: 512
     Drive: 0, DevicePointer: 0xfffffa8007d77790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
     --------- Disk Stack ------
     DevicePointer: 0xfffffa8007c79b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
     DevicePointer: 0xfffffa8007d7d260, DeviceName: Unknown, DriverName: \Driver\HybridDisk\
     DevicePointer: 0xfffffa8007d7d7e0, DeviceName: Unknown, DriverName: \Driver\LHDmgr\
     DevicePointer: 0xfffffa8007d77790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
     DevicePointer: 0xfffffa800777d050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
     ------------ End ----------
     Alternate DeviceName: Unknown, DriverName: \Driver\HybridDisk\
     Upper DeviceData: 0x0, 0x0, 0x0
     Lower DeviceData: 0x0, 0x0, 0x0
     <<<3>>>
     Volume: C:
     File system type: NTFS
     SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
     <<<2>>>
     <<<3>>>
     Volume: C:
     File system type: NTFS
     SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
     Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
     <<<2>>>
     <<<3>>>
     Volume: C:
     File system type: NTFS
     SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\afd.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\aliide.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\amdide.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\aswRdr2.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\aswRvrt.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\aswSnx.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\cmdide.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\cng.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\bowser.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\HECIx64.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\hidclass.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\intelide.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\ksecdd.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\ksecpkg.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\monitor.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\mrxdav.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\ndis.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\dxgkrnl.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\dxgmms1.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\FWPKCLNT.SYS
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\portcls.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\rdpwd.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\tcpip.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\tcpipreg.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\netio.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\pciide.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\RNDISMP.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\usbhub.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\viaide.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\tssecsrv.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\usb8023.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\Wdf01000.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\WUDFPf.sys
     File kernel read failed: C:\WINDOWS\SYSTEM32\drivers\WUDFRd.sys
     Done!
     Drive 0
     Scanning MBR on drive 0...
     Inspecting partition table:
     MBR Signature: 55AA
     Disk Signature: EA3DD701

     Partition information:

         Partition 0 type is Primary (0x7)
         Partition is ACTIVE.
         Partition starts at LBA: 2048 Numsec = 409600
         Partition file system is NTFS
         Partition is bootable

         Partition 1 type is Primary (0x7)
         Partition is NOT ACTIVE.
         Partition starts at LBA: 411648 Numsec = 1923478960

         Partition 2 type is Primary (0x7)
         Partition is NOT ACTIVE.
         Partition starts at LBA: 1923890608 Numsec = 51200000

         Partition 3 type is Other (0x12)
         Partition is NOT ACTIVE.
         Partition starts at LBA: 1975090608 Numsec = 40963504

     Disk Size: 1032219705344 bytes
     Sector size: 512 bytes

     Scanning physical sectors of unpartitioned space on drive 0 (1-2047-2016034112-2016054112)...
     Kernel read failed: 2016034112
     Done!
     Physical Sector Size: 512
     Drive: 1, DevicePointer: 0xfffffa8007e53060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
     --------- Disk Stack ------
     DevicePointer: 0xfffffa8007c7cb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
     DevicePointer: 0xfffffa8007e54ac0, DeviceName: Unknown, DriverName: \Driver\HybridDisk\
     DevicePointer: 0xfffffa8007e54040, DeviceName: Unknown, DriverName: \Driver\LHDmgr\
     DevicePointer: 0xfffffa8007e53060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
     DevicePointer: 0xfffffa800777b050, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
     ------------ End ----------
     Alternate DeviceName: Unknown, DriverName: \Driver\HybridDisk\
     Upper DeviceData: 0x0, 0x0, 0x0
     Lower DeviceData: 0x0, 0x0, 0x0
     Drive 1
     Scanning MBR on drive 1...
     Inspecting partition table:
     MBR Signature: 55AA
     Disk Signature: EA3DD736

     Partition information:

         Partition 0 type is Other (0x12)
         Partition is NOT ACTIVE.
         Partition starts at LBA: 1979 Numsec = 1861359685

         Partition 1 type is Primary (0x7)
         Partition is NOT ACTIVE.
         Partition starts at LBA: 1861361664 Numsec = 51200000

         Partition 2 type is Other (0x12)
         Partition is NOT ACTIVE.
         Partition starts at LBA: 1912561664 Numsec = 40963504

         Partition 3 type is Empty (0x0)
         Partition is NOT ACTIVE.
         Partition starts at LBA: 0 Numsec = 0

     Can't determine a physical size of a drive 1...
     Scan finished
     =======================================

     Removal queue found; removal started
     Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
     Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
     Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
     Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
     Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
     Removal finished

     Let me know if you need anything else to help improve the product.
  3. I also removed it last night but then after rebooting it came back.
  4. This started last night, and has been worrying me. What the heck is a boost_interprocess? From what I have seen online it's some sort of coding thing, although there are topics on Avast forums that say it's a rootkit or something. If this is a false positive, what program did I install that caused this to show up?

     Internet Explorer 11.0.9600.16518
     REMOVED for privacy [administrator]

     Protection: Enabled

     2/19/2014 12:02:40 PM
     mbam-log-2014-02-19 (12-02-40).txt

     Scan type: Full scan (C:\|)
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
     Scan options disabled:
     Objects scanned: 483248
     Time elapsed: 35 minute(s), 48 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 2
     C:\ProgramData\boost_interprocess (PUP.Optional.BoostInterProcess.A) -> Quarantined and deleted successfully.
     C:\ProgramData\boost_interprocess\20140219024626.610798 (PUP.Optional.BoostInterProcess.A) -> Quarantined and deleted successfully.

     Files Detected: 1
     C:\ProgramData\boost_interprocess\20140219024626.610798\plex_frame_mutex (PUP.Optional.BoostInterProcess.A) -> Quarantined and deleted successfully.

     (end)

     PUP.Optional.BoostInterProcess.A.zip