hayduck

  1. Sorry... I guess I jumped the gun, I thought we were done.
     Results of screen317's Security Check version 0.99.50
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     WMI entry may not exist for antivirus; attempting automatic update.
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.62.0.1300
     JavaFX 2.1.1
     Java 7 Update 5
     Java version out of Date!
     Adobe Flash Player 11.3.300.271 Flash Player out of Date!
     Adobe Reader X (10.1.4)
     Google Chrome 21.0.1180.83
     Google Chrome 21.0.1180.89
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 47% Defragment your hard drive soon! (Do NOT defrag if SSD!)
     ````````````````````End of Log``````````````````````
  2. Looks like I'm good to go. Thank you for your help, you guys are always very quick and helpful. I'll be sure to donate on payday.
  3. MBAM Report
     Malwarebytes Anti-Malware 1.62.0.1300
     www.malwarebytes.org
     Database version: v2012.09.04.11
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     i7 :: I7-PC [administrator]
     9/4/2012 5:47:33 PM
     mbam-log-2012-09-04 (17-47-33).txt
     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 215847
     Time elapsed: 26 second(s)
     Memory Processes Detected: 0
     (No malicious items detected)
     Memory Modules Detected: 0
     (No malicious items detected)
     Registry Keys Detected: 0
     (No malicious items detected)
     Registry Values Detected: 0
     (No malicious items detected)
     Registry Data Items Detected: 0
     (No malicious items detected)
     Folders Detected: 0
     (No malicious items detected)
     Files Detected: 0
     (No malicious items detected)
     (end)
  4. Here is the RogueKiller Log
     RogueKiller V8.0.2 [08/31/2012] by Tigzy
     mail: tigzyRK<at>gmail<dot>com
     Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Blog: http://tigzyrk.blogspot.com
     Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User : i7 [Admin rights]
     Mode : Scan -- Date : 09/04/2012 17:14:09
     ¤¤¤ Bad processes : 2 ¤¤¤
     [SUSP PATH][DLL] rundll32.exe -- C:\Windows\SysWOW64\rundll32.exe : -> KILLED [TermProc]
     [SUSP PATH][DLL] rundll32.exe -- C:\Windows\SysWOW64\rundll32.exe : -> KILLED [TermProc]
     ¤¤¤ Registry Entries : 7 ¤¤¤
     [STARTUP][BLACKLIST DLL] ctfmon.lnk @i7 : C:\Windows\System32\rundll32.exe|C:\Users\i7\AppData\Local\Temp\wgsdgsdgdsgsd.exe,FQ10 -> FOUND
     [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
     [HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
     [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
     [HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
     ¤¤¤ Particular Files / Folders: ¤¤¤
     ¤¤¤ Driver : [NOT LOADED] ¤¤¤
     ¤¤¤ Infection : ¤¤¤
     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\Windows\system32\drivers\etc\hosts
     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: KINGSTON SH100S3120G ATA Device +++++
     --- User ---
     [MBR] 36c1fa626e818add156f4bd11048e37d
     [BSP] a992c4fe6cf24c784d267957a6d7fe0a : Windows 7 MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
     1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 114371 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!
     Finished : << RKreport[1].txt >>
     RKreport[1].txt
  5. I've got a Trojan.Ransom.Gen on my PC. I have run Malwarebytes 3-4 and clicked remove, it keeps showing up. I get the warning saying my comp is blocked and I need to pay $200 to unblock my comp. Thank you in advance for your help, it is greatly appreciated. Logs are attached. DDS.txt Attach.txt
  6. Hi, I'm still getting the detection right on the hour.
  7. Hi, I ran the Batch files again as Admin, same result. I still get the detection on the hour.
  8. Hi, Yes I still got the detection right on schedule at 16:00. Oh, I just realized that this is what the protection log file looks like when I get the detection and select Quarantine. Protection Log at time of detection:
     16:00:06 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent QUARANTINE
     16:00:07 Administrator ERROR Quarantine failed: UtilityReadFile failed with error code 2
  9. Hi, I'm not sure how much of the Logs folder you want, there are 147 of them, every single day since March, when I bought Malwarebytes. Here is what 95% of them look like, taken from today's log.
     14:34:41 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:41 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:49 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:49 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:49 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:49 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:50 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:50 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:50 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:50 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:50 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:50 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:50 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:50 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:50 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:51 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:51 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:51 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     14:34:51 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     15:00:00 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     16:00:00 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
     17:00:00 Administrator DETECTION C:\program files (x86)\internet explorer\wmpscfgs.exe Trojan.Agent DENY
  10. Hello,
     2010/08/21 19:10:00.0388 TDSS rootkit removing tool 2.4.1.2 Aug 16 2010 09:46:23
     2010/08/21 19:10:00.0388 ================================================================================
     2010/08/21 19:10:00.0388 SystemInfo:
     2010/08/21 19:10:00.0388
     2010/08/21 19:10:00.0388 OS Version: 6.0.6002 ServicePack: 2.0
     2010/08/21 19:10:00.0388 Product type: Workstation
     2010/08/21 19:10:00.0388 ComputerName: SOULEN-PC
     2010/08/21 19:10:00.0388 UserName: Administrator
     2010/08/21 19:10:00.0388 Windows directory: C:\Windows
     2010/08/21 19:10:00.0388 System windows directory: C:\Windows
     2010/08/21 19:10:00.0388 Running under WOW64
     2010/08/21 19:10:00.0388 Processor architecture: Intel x64
     2010/08/21 19:10:00.0388 Number of processors: 2
     2010/08/21 19:10:00.0388 Page size: 0x1000
     2010/08/21 19:10:00.0388 Boot type: Normal boot
     2010/08/21 19:10:00.0388 ================================================================================
     2010/08/21 19:10:00.0388 Utility is running under WOW64, functionality is limited.
     2010/08/21 19:10:00.0918 Initialize success
     2010/08/21 19:10:04.0849 ================================================================================
     2010/08/21 19:10:04.0849 Scan started
     2010/08/21 19:10:04.0849 Mode: Manual;
     2010/08/21 19:10:04.0849 ================================================================================
     2010/08/21 19:10:50.0979 ================================================================================
     2010/08/21 19:10:50.0979 Scan finished
     2010/08/21 19:10:50.0979 ================================================================================
  11. Hi,
      MBRCheck, version 1.2.3
      © 2010, AD
      Command-line:
      Windows Version: Windows Vista Home Premium Edition
      Windows Information: Service Pack 2 (build 6002), 64-bit
      Base Board Manufacturer: EVGA
      BIOS Manufacturer: Phoenix Technologies, LTD
      System Manufacturer: EVGA
      System Product Name: 132-CK-NF78
      Logical Drives Mask: 0x0001001c
      Kernel Drivers (total 147):
      Processes (total 58):
      0 System Idle Process
      4 System
      496 C:\Windows\System32\smss.exe
      572 csrss.exe
      616 C:\Windows\System32\wininit.exe
      636 csrss.exe
      672 C:\Windows\System32\services.exe
      700 C:\Windows\System32\winlogon.exe
      728 C:\Windows\System32\lsass.exe
      740 C:\Windows\System32\lsm.exe
      880 C:\Windows\System32\svchost.exe
      964 C:\Windows\System32\nvvsvc.exe
      992 C:\Windows\System32\svchost.exe
      548 C:\Windows\System32\svchost.exe
      12 C:\Windows\System32\svchost.exe
      560 C:\Windows\System32\svchost.exe
      432 C:\Windows\System32\audiodg.exe
      976 C:\Windows\System32\SLsvc.exe
      1060 C:\Windows\System32\svchost.exe
      1164 C:\Windows\System32\svchost.exe
      1424 C:\Windows\System32\rundll32.exe
      1536 C:\Windows\System32\spoolsv.exe
      1636 C:\Windows\System32\svchost.exe
      1740 C:\Windows\System32\taskeng.exe
      1768 C:\Windows\System32\dwm.exe
      1884 C:\Windows\explorer.exe
      1984 C:\Windows\System32\taskeng.exe
      1480 C:\Windows\RAVCpl64.exe
      2132 C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
      2152 C:\Windows\System32\rundll32.exe
      2160 C:\Program Files\Windows Sidebar\sidebar.exe
      2168 C:\Windows\ehome\ehtray.exe
      2188 C:\Windows\ehome\ehmsas.exe
      2224 C:\Program Files (x86)\WinZip\WZQKPICK.EXE
      2252 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
      2276 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      2820 C:\Windows\SysWOW64\PnkBstrA.exe
      2832 C:\Windows\System32\svchost.exe
      2940 C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
      332 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
      1360 C:\Windows\System32\svchost.exe
      888 C:\Windows\System32\svchost.exe
      2392 C:\Windows\System32\SearchIndexer.exe
      368 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
      2816 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
      3400 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
      3912 C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
      3924 C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
      924 C:\Program Files\Trend Micro\BM\TMBMSRV.exe
      4616 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      4928 C:\Program Files (x86)\Google\Google Updater\GoogleUpdater.exe
      4892 C:\Program Files (x86)\Skype\Phone\Skype.exe
      4328 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
      2936 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
      2676 C:\Windows\System32\SearchProtocolHost.exe
      4904 C:\Windows\System32\SearchFilterHost.exe
      2788 C:\Users\Administrator\Desktop\MBRCheck.exe
      5112 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
      \\.\Q: --> error 5
      PhysicalDrive0 Model Number: HitachiHDP725032GLA, Rev: GM3O
      Size Device Name MBR Status
      --------------------------------------------
      298 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
      SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
      Done!
  12. Hi,
      So I've scanned many ways; after a restart before MB tells me to quarantine, when MB asks me to quarantine, and after MB tells me to quarantine it and I hit ignore instead of quarantining it.
      It's always found here when I get the popup to quarantine it,
      C:\program files (x86)\internet explorer\wmpscfgs.exe (Trojan.Agent)
      LOG same as always
      Malwarebytes' Anti-Malware 1.46
      www.malwarebytes.org
      Database version: 4450
      Windows 6.0.6002 Service Pack 2
      Internet Explorer 7.0.6002.18005
      8/19/2010 3:11:25 PM
      mbam-log-2010-08-19 (15-11-25).txt
      Scan type: Quick scan
      Objects scanned: 146900
      Time elapsed: 6 minute(s), 28 second(s)
      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0
      Memory Processes Infected: (No malicious items detected)
      Memory Modules Infected: (No malicious items detected)
      Registry Keys Infected: (No malicious items detected)
      Registry Values Infected: (No malicious items detected)
      Registry Data Items Infected: (No malicious items detected)
      Folders Infected: (No malicious items detected)
      Files Infected: (No malicious items detected)
  13. Hi,
      I rarely restart my comp, maybe once a week, Malwarebytes only finds it when I restart, and has me Quarantine it. Should I run the quick scan right after a restart, before it has been Quarantined?
      LOG
      Malwarebytes' Anti-Malware 1.46
      www.malwarebytes.org
      Database version: 4447
      Windows 6.0.6002 Service Pack 2
      Internet Explorer 7.0.6002.18005
      8/18/2010 2:35:47 PM
      mbam-log-2010-08-18 (14-35-47).txt
      Scan type: Quick scan
      Objects scanned: 147361
      Time elapsed: 8 minute(s), 29 second(s)
      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0
      Memory Processes Infected: (No malicious items detected)
      Memory Modules Infected: (No malicious items detected)
      Registry Keys Infected: (No malicious items detected)
      Registry Values Infected: (No malicious items detected)
      Registry Data Items Infected: (No malicious items detected)
      Folders Infected: (No malicious items detected)
      Files Infected: (No malicious items detected)
  14. Hi,
      Malwarebytes is still having me Quarantine it.
      SystemLook
      SystemLook v1.0 by jpshortstuff (11.01.10)
      Log created at 11:02 on 15/08/2010 by Administrator (Administrator - Elevation successful)
      ========== filefind ==========
      Searching for "wmpscfgs"
      No files found.
      ========== regfind ==========
      Searching for "wmpscfgs"
      No data found.
      -=End Of File=-