vikingdt2 Posted November 18, 2013 ID:755031
I downloaded the FRST program, ran it and attached it. Could someone please help with the BSOD error I'm getting? I tried bootsec /fixmbr and the other 2 to fix the MBR but that didn't work. ANY HELP?? Please.
FRST.txt
vikingdt2 Posted November 18, 2013 Author ID:755045
I had a virus and when I deleted the virus I was stuck with this error message.. PLEASE HELP
vikingdt2 Posted November 18, 2013 Author ID:755050
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2013 02
Ran by SYSTEM on MININT-GTO502O on 18-11-2013 07:48:13
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2122536 2010-05-07] (Synaptics Incorporated)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\quickset.exe [3203440 2010-04-06] (Dell Inc.)
HKLM\...\Run: [EKIJ5000StatusMonitor] - C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKLM-x32\...\Run: [FATrayAlert] - C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95560 2010-02-21] (Sensible Vision )
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [FAStartup] - [x]
HKLM-x32\...\Run: [] - [x]
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Services (Whitelisted) =================
S2 ioloFileInfoList; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1072664 2013-05-29] (iolo technologies, LLC)
S2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1072664 2013-05-29] (iolo technologies, LLC)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
S2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [x]
S2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [x]
S3 McODS; "C:\ProgramData\McAfee\msc\Updates\Installs\1\vso\%VSINSTALL_DIR64%\mcods.exe" [x]

==================== Drivers (Whitelisted) ====================
S1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [23464 2008-12-09] (EldoS Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)

========================== Drivers MD5 =======================

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2013-11-18 07:47 - 2013-11-18 07:47 - 00000000 ____D C:\FRST
2013-11-17 21:24 - 2013-11-17 21:25 - 00000000 ____D C:\Windows\Microsoft Antimalware
2013-11-17 18:07 - 2013-11-17 18:07 - 00000000 ____D C:\Windows\pss
2013-11-17 17:59 - 2013-11-17 17:59 - 00000000 ____D C:\Users\rocket\AppData\Roaming\Malwarebytes
2013-11-17 17:58 - 2013-11-17 17:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\rocket\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-17 17:58 - 2013-11-17 17:58 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-17 17:58 - 2013-11-17 17:58 - 00001111 _____ C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-17 17:58 - 2013-11-17 17:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-17 17:58 - 2013-11-17 17:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-17 17:58 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-11-06 02:00 - 2013-11-06 02:01 - 00000000 ____D C:\eb976771b2c9b103981af8c6
2013-11-02 07:10 - 2013-11-02 07:10 - 00000000 ____D C:\fa7025648a06f006d02725
2013-10-27 16:01 - 2013-10-27 16:01 - 00000000 ____D C:\269c08e512dcaf307eb10afedbc11b
2013-10-27 01:00 - 2013-10-27 01:01 - 00000000 ____D C:\48d8c66b00ad7e08d2
2013-10-23 03:21 - 2013-10-23 03:21 - 00000000 ____D C:\c146fc4dec5b55ba9a50
2013-10-21 01:00 - 2013-10-21 01:00 - 00000000 ____D C:\348f6663efdb15d1f8370c77c8

==================== One Month Modified Files and Folders =======
2013-11-18 07:47 - 2013-11-18 07:47 - 00000000 ____D C:\FRST
2013-11-17 21:25 - 2013-11-17 21:24 - 00000000 ____D C:\Windows\Microsoft Antimalware
2013-11-17 18:22 - 2009-07-13 23:10 - 01578718 _____ C:\Windows\WindowsUpdate.log
2013-11-17 18:16 - 2009-07-13 22:45 - 00014240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-17 18:16 - 2009-07-13 22:45 - 00014240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-17 18:08 - 2010-10-25 23:12 - 00096968 _____ C:\Windows\PFRO.log
2013-11-17 18:08 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-17 18:08 - 2009-07-13 22:51 - 00125897 _____ C:\Windows\setupact.log
2013-11-17 18:07 - 2013-11-17 18:07 - 00000000 ____D C:\Windows\pss
2013-11-17 18:06 - 2013-06-23 08:06 - 00000000 ____D C:\Users\rocket\AppData\Roaming\DefaultTab
2013-11-17 17:59 - 2013-11-17 17:59 - 00000000 ____D C:\Users\rocket\AppData\Roaming\Malwarebytes
2013-11-17 17:58 - 2013-11-17 17:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\rocket\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-17 17:58 - 2013-11-17 17:58 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-17 17:58 - 2013-11-17 17:58 - 00001111 _____ C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-17 17:58 - 2013-11-17 17:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-17 17:58 - 2013-11-17 17:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-17 11:27 - 2012-03-25 17:52 - 00002374 _____ C:\Users\rocket\Desktop\Google Chrome.lnk
2013-11-17 11:24 - 2012-03-25 17:51 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1488074424-825075824-416149989-1001UA.job
2013-11-17 09:34 - 2013-06-26 03:24 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-13 19:18 - 2012-03-25 17:51 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1488074424-825075824-416149989-1001Core.job
2013-11-13 15:24 - 2013-08-19 01:01 - 00000000 ____D C:\Windows\System32\MRT
2013-11-13 15:24 - 2010-12-09 18:07 - 82896128 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-11-11 19:44 - 2011-11-24 19:17 - 00002113 _____ C:\Windows\epplauncher.mif
2013-11-11 18:50 - 2009-07-13 23:13 - 00727334 _____ C:\Windows\System32\PerfStringBackup.INI
2013-11-06 04:21 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration
2013-11-06 03:22 - 2010-12-01 16:22 - 00000000 ____D C:\users\rocket
2013-11-06 02:01 - 2013-11-06 02:00 - 00000000 ____D C:\eb976771b2c9b103981af8c6
2013-11-02 07:10 - 2013-11-02 07:10 - 00000000 ____D C:\fa7025648a06f006d02725
2013-10-27 16:54 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\AppCompat
2013-10-27 16:01 - 2013-10-27 16:01 - 00000000 ____D C:\269c08e512dcaf307eb10afedbc11b
2013-10-27 01:01 - 2013-10-27 01:00 - 00000000 ____D C:\48d8c66b00ad7e08d2
2013-10-23 03:21 - 2013-10-23 03:21 - 00000000 ____D C:\c146fc4dec5b55ba9a50
2013-10-23 03:16 - 2009-07-13 23:08 - 00032642 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-21 01:00 - 2013-10-21 01:00 - 00000000 ____D C:\348f6663efdb15d1f8370c77c8

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$c614d3bf243a3fd7a4fd36cd3756874b

Some content of TEMP:
====================
C:\Users\rocket\AppData\Local\Temp\imagepackage64.exe
C:\Users\rocket\AppData\Local\Temp\mpam-fex64.exe

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
TDL4: custom:26000022 <===== ATTENTION!

==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================
38
Restore point made on: 2013-11-04 18:57:43
Restore point made on: 2013-11-05 04:37:19
Restore point made on: 2013-11-06 02:00:42
Restore point made on: 2013-11-06 03:29:53
Restore point made on: 2013-11-06 03:43:44
Restore point made on: 2013-11-07 03:27:13
Restore point made on: 2013-11-07 03:39:42
Restore point made on: 2013-11-07 14:46:43
Restore point made on: 2013-11-07 17:14:04
Restore point made on: 2013-11-07 19:19:36
Restore point made on: 2013-11-08 14:36:10
Restore point made on: 2013-11-08 15:28:17
Restore point made on: 2013-11-08 16:30:48
Restore point made on: 2013-11-08 17:38:31
Restore point made on: 2013-11-08 19:11:46
Restore point made on: 2013-11-09 05:44:40
Restore point made on: 2013-11-09 06:24:55
Restore point made on: 2013-11-09 06:55:32
Restore point made on: 2013-11-09 08:16:40
Restore point made on: 2013-11-09 09:59:31
Restore point made on: 2013-11-09 18:17:46
Restore point made on: 2013-11-09 19:46:12
Restore point made on: 2013-11-11 02:00:36
Restore point made on: 2013-11-11 19:43:48
Restore point made on: 2013-11-12 04:28:45
Restore point made on: 2013-11-13 04:39:23
Restore point made on: 2013-11-13 15:24:33
Restore point made on: 2013-11-13 20:00:46
Restore point made on: 2013-11-14 04:34:33
Restore point made on: 2013-11-14 16:56:25
Restore point made on: 2013-11-14 20:04:05
Restore point made on: 2013-11-15 04:34:42
Restore point made on: 2013-11-15 15:38:58
Restore point made on: 2013-11-15 19:17:16
Restore point made on: 2013-11-16 09:44:32
Restore point made on: 2013-11-16 11:37:12
Restore point made on: 2013-11-16 20:57:18
Restore point made on: 2013-11-17 09:53:21

==================== Memory info ===========================
Percentage of memory in use: 11%
Total physical RAM: 5940.52 MB
Available physical RAM: 5261.29 MB
Total Pagefile: 5938.67 MB
Available Pagefile: 5263.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================
Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:396.29 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:6.45 GB) NTFS ==>[system with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive e: detected.
Drive f: (Mikes Passport) (Fixed) (Total:232.88 GB) (Free:76.38 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 233 GB) (Disk ID: 5B6AC646)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

LastRegBack: 2013-11-11 02:28
==================== End Of Log ============================
Root Admin AdvancedSetup Posted December 10, 2013 ID:762724
Sorry for the delay. It looks like your post was somehow overlooked. If you still need assistance with this please let me know.
Root Admin AdvancedSetup Posted December 28, 2013 ID:769720
Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!