TechSpot

I think I have another virus :(

By MTilson
Mar 4, 2012
  1. I can't run the preliminary 5 steps because the computer is acting Wonky!

    If it try to access the internet and try to enter a website address and click in the box the line (cursor) travels across the bar. If I enter a website address anyway it adds a lot of spaces (because it it traveling) and takes you to a search page but it takes you to the bottom portion of the page and if you try to scroll up it flickers and brings you back to the bottom of the page.

    Any ideas?

    Thanks!!
     
  2. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    Which browser behaves like that?
     
  3. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    Mozilla and Internet Explorer.
     
  4. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
     
  5. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    Any suggestions on how I would go about doing that since I can't properly access any web pages or address bar?
     
  6. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    Use the computer you're posting from and USB flash drive to transfer tools to bad computer.
     
  7. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    I'm getting
    Run-time error '13':
    Type mismatch
     
  8. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    When doing what?
    Remember, I'm not there.
     
  9. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    Well, I can't actually "Setup" on my computer because when it gets to the point where it says it will install in "this" location unless you would like it installed somewhere else and then gives you the Browse button the cursor travels across that bar, so it won't complete the install so I tried to place the complete program on the computer and when I try to perform the Quick Scan I get:
    Run-time error '13':
    Type mismatch
     
  10. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    Are you talking about MBAM?

    Remember, I'm not there so I can't see what you're referring to.
     
  11. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    Yes, MBAM.
     
  12. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    Skip it for now and continue with other steps.
     
  13. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    I got GMER onto the system and it appeared to run, but I'm not sure if it completed it's scan. It did not appear to produce a log.
     
  14. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    That's fine.
    Go ahead with DDS.
     
  15. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    Okay. I will do that.
     
  16. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    I have a favor to ask. The computer I was using for the process (that was not infected) is now having problems. Can we continue with that computer and then go back to the original one?
     
  17. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    I prefer you create new topic about different computer.
     
  18. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    Ok. Will do.
     
  19. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    I switched out the keyboard and am now able to run the programs. MBAM ran for more than 11 hours and then I aborted the scan. It did produce a log:

    Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.03.18.04

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Mona Only :: TILSON-CC301A79 [administrator]

    3/18/2012 6:21:32 PM
    mbam-log-2012-03-18 (18-21-32).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 14680638
    Time elapsed: 11 hour(s), 55 minute(s), 15 second(s) [aborted]

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    Do you want me to try running it again?
     
  20. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    No. Continue with other steps.
     
  21. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit quick scan 2012-03-19 19:31:13
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Scsi\viamraid1Port4Path0Target0Lun0 Maxtor_6 rev.BACE
    Running: 4220i8ug.exe; Driver: C:\Users\MONAON~1\LOCALS~1\Temp\pfncikow.sys


    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----
     
  22. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
    Run by Mona Only at 19:35:47 on 2012-03-19
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3006.2237 [GMT -7:00]
    .
    AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
    C:\Program Files\Secunia\PSI\PSIA.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Secunia\PSI\sua.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\RALINK\Common\RaUI.exe
    C:\Program Files\Secunia\PSI\psi_tray.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\WINDOWS\system32\wuauclt.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
    uWindow Title = Windows Internet Explorer provided by Yahoo!
    uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
    mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: UIHost=%SystemRoot%\System32\ultlogonui.exe
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    uRun: [CPN Notifier] c:\program files\cake poker 2.0\PokerNotifier.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [SkyTel] SkyTel.EXE
    mRun: [ddoctorv2] "c:\program files\comcast\desktop doctor\bin\sprtcmd.exe" /P ddoctorv2
    mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    dRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    dRunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32
    StartupFolder: c:\users\monaon~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
    StartupFolder: c:\users\alluse~1\startm~1\programs\startup\ralink~1.lnk - c:\program files\ralink\common\RaUI.exe
    StartupFolder: c:\users\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
    uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
    mPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
    dPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
    IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    LSP: c:\program files\avira\antivir desktop\avsda.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{FF70B19D-A2F0-4EA7-8A1A-19106E0D926A} : DhcpNameServer = 192.168.0.1
    Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    Notify: AtiExtEvent - Ati2evxx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\mona only\application data\mozilla\firefox\profiles\act5fan8.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2011-10-17 36000]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
    R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-10-17 86224]
    R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2011-10-17 110032]
    R2 AntiVirWebService;Avira Web Protection;c:\program files\avira\antivir desktop\avwebgrd.exe [2011-10-17 463824]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-10-17 74640]
    R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-3-1 583640]
    R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-10-13 994360]
    R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-10-13 399416]
    R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2011-12-3 821592]
    S3 gwiopm;gwiopm;\??\c:\program files\unknown device identifier\gwiopm.sys --> c:\program files\unknown device identifier\gwiopm.sys [?]
    S3 KLIF;KLIF;c:\windows\system32\drivers\klif.sys [2010-6-10 201504]
    S3 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    S4 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\FileMonitor.sys [2012-1-28 246816]
    .
    =============== Created Last 30 ================
    .
    2012-03-19 01:20:41 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-03-19 01:20:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-03-04 20:55:12 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2012-03-04 20:55:12 -------- d-----w- c:\windows\system32\wbem\Repository
    .
    ==================== Find3M ====================
    .
    2012-02-20 00:47:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2012-02-20 00:47:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-02-19 17:01:54 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-02-03 09:26:17 1869184 ----a-w- c:\windows\system32\win32k.sys
    2012-01-12 16:54:47 1869056 ------w- c:\windows\system32\_000005_.tmp.dll
    2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll
    2012-01-09 16:20:25 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    .
    ============= FINISH: 19:36:32.35 ===============
     
  23. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 4/15/2009 8:33:37 PM
    System Uptime: 3/18/2012 5:39:46 PM (26 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P5VD2-X
    Processor: Intel(R) Pentium(R) D CPU 3.00GHz | Socket 775 | 3011/200mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 190 GiB total, 143.023 GiB free.
    D: is FIXED (NTFS) - 190 GiB total, 189.831 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: System Interrupt Controller
    Device ID: PCI\VEN_1106&DEV_5327&SUBSYS_00000000&REV_00\3&2411E6FE&0&05
    Manufacturer:
    Name: System Interrupt Controller
    PNP Device ID: PCI\VEN_1106&DEV_5327&SUBSYS_00000000&REV_00\3&2411E6FE&0&05
    Service:
    .
    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: IDE\CDROMLITE-ON_DVDRW_LH-20A1L__________________BL02____\6&11FB6FEF&0&0.1.0
    Manufacturer: (Standard CD-ROM drives)
    Name: LITE-ON DVDRW LH-20A1L
    PNP Device ID: IDE\CDROMLITE-ON_DVDRW_LH-20A1L__________________BL02____\6&11FB6FEF&0&0.1.0
    Service: cdrom
    .
    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: IDE\CDROMSONY_DVD-ROM_DDU1632____________________AS20____\5&5CEE38F&0&0.0.0
    Manufacturer: (Standard CD-ROM drives)
    Name: SONY DVD-ROM DDU1632
    PNP Device ID: IDE\CDROMSONY_DVD-ROM_DDU1632____________________AS20____\5&5CEE38F&0&0.0.0
    Service: cdrom
    .
    Class GUID:
    Description:
    Device ID: ACPI\ATK0110\1010110
    Manufacturer:
    Name:
    PNP Device ID: ACPI\ATK0110\1010110
    Service:
    .
    ==== System Restore Points ===================
    .
    RP575: 12/21/2011 6:20:42 AM - System Checkpoint
    RP576: 12/22/2011 6:46:27 AM - System Checkpoint
    RP577: 12/23/2011 7:14:06 AM - System Checkpoint
    RP578: 12/24/2011 7:28:01 AM - System Checkpoint
    RP579: 12/24/2011 1:39:28 PM - No Virus/0 Hidden Objects/10 Warnings
    RP580: 12/25/2011 10:52:40 AM - No Virus/0 Hidden Objects/12 Warnings
    RP581: 12/25/2011 5:50:57 PM - Restore Operation
    RP582: 12/26/2011 9:36:59 AM - No Virurs/0 Hidden Objects/10 Warnings
    RP583: 12/28/2011 5:46:06 PM - System Checkpoint
    RP584: 12/29/2011 1:42:35 PM - No Virus/No Hidden Objects/10 Warnings
    RP585: 12/31/2011 11:54:22 AM - System Checkpoint
    RP586: 12/31/2011 3:47:22 PM - No Virus/No Hidden Objects/10 Warnings
    RP587: 1/1/2012 11:38:08 AM - No Virus/No Hidden Objects/10 Warnings
    RP588: 1/2/2012 11:00:06 AM - No Virus/No Hidden Objects/12 Warnings
    RP589: 1/2/2012 11:03:54 AM - Software Distribution Service 3.0
    RP590: 1/3/2012 6:27:04 PM - System Checkpoint
    RP591: 1/5/2012 6:50:26 AM - System Checkpoint
    RP592: 1/6/2012 7:13:11 AM - System Checkpoint
    RP593: 1/7/2012 9:39:04 AM - System Checkpoint
    RP594: 1/7/2012 11:32:45 AM - No Virus/No Hidden Objects/14 Warnings
    RP595: 1/8/2012 8:21:51 PM - System Checkpoint
    RP596: 1/10/2012 6:40:04 AM - System Checkpoint
    RP597: 1/11/2012 6:00:20 AM - Software Distribution Service 3.0
    RP598: 1/12/2012 6:49:18 AM - System Checkpoint
    RP599: 1/13/2012 7:20:22 AM - System Checkpoint
    RP600: 1/14/2012 8:19:54 AM - System Checkpoint
    RP601: 1/15/2012 9:23:45 AM - System Checkpoint
    RP602: 1/15/2012 10:23:30 AM - No Virus/No Hidden Objects/14 Warnings
    RP603: 1/16/2012 10:50:52 AM - No Virus/No Hidden Objects/14 Warnings
    RP604: 1/18/2012 6:25:24 AM - System Checkpoint
    RP605: 1/19/2012 6:35:11 AM - System Checkpoint
    RP606: 1/20/2012 6:41:33 AM - System Checkpoint
    RP607: 1/21/2012 12:16:57 PM - System Checkpoint
    RP608: 1/22/2012 9:19:18 AM - No Virus/No Hidden Objects/17 Warnings
    RP609: 1/24/2012 6:53:51 AM - System Checkpoint
    RP610: 1/25/2012 7:20:36 AM - System Checkpoint
    RP611: 1/25/2012 9:23:05 PM - Software Distribution Service 3.0
    RP612: 1/26/2012 9:55:13 PM - System Checkpoint
    RP613: 1/28/2012 6:20:49 AM - System Checkpoint
    RP614: 1/28/2012 10:03:00 AM - no virus/no hidden objects/14 warnings
    RP615: 1/29/2012 10:49:48 AM - System Checkpoint
    RP616: 1/29/2012 10:54:58 AM - no virus/no hidden objects/14 warnings
    RP617: 1/30/2012 11:20:49 AM - System Checkpoint
    RP618: 2/1/2012 6:44:17 AM - System Checkpoint
    RP619: 2/2/2012 6:48:47 AM - System Checkpoint
    RP620: 2/3/2012 6:50:26 AM - System Checkpoint
    RP621: 2/4/2012 9:45:08 AM - no v/ no h.o./ 14 warnings
    RP622: 2/5/2012 9:36:09 AM - No Virus/No Hidden Objects/14 Warnings
    RP623: 2/7/2012 6:40:54 AM - System Checkpoint
    RP624: 2/8/2012 7:17:44 AM - System Checkpoint
    RP625: 2/8/2012 7:45:43 AM - no V/no HO/14 W
    RP626: 2/9/2012 8:17:36 AM - System Checkpoint
    RP627: 2/11/2012 10:11:23 AM - System Checkpoint
    RP628: 2/11/2012 11:17:04 AM - no v/ no h.o./14 wa
    RP629: 2/17/2012 7:22:45 PM - Software Distribution Service 3.0
    RP630: 2/19/2012 9:19:45 AM - System Checkpoint
    RP631: 2/19/2012 10:18:21 AM - No Virus/No Hidden Objects/14 Warnings
    RP632: 2/19/2012 4:47:03 PM - Removed Java(TM) 6 Update 13
    RP633: 2/19/2012 4:47:29 PM - Installed Java(TM) 6 Update 31
    RP634: 2/19/2012 4:52:42 PM - Software Distribution Service 3.0
    RP635: 2/19/2012 4:58:32 PM - Software Distribution Service 3.0
    RP636: 2/20/2012 5:00:48 PM - System Checkpoint
    RP637: 2/21/2012 5:15:56 PM - System Checkpoint
    RP638: 2/22/2012 6:30:22 PM - System Checkpoint
    RP639: 2/24/2012 6:52:58 AM - System Checkpoint
    RP640: 2/25/2012 8:09:37 AM - System Checkpoint
    RP641: 2/26/2012 8:24:05 AM - System Checkpoint
    RP642: 2/27/2012 12:44:46 PM - System Checkpoint
    RP643: 2/28/2012 10:02:03 PM - System Checkpoint
    RP644: 3/1/2012 10:16:30 PM - System Checkpoint
    RP645: 3/3/2012 7:43:43 AM - No Virus/No Hidden Objects/14 Warnings
    RP646: 3/4/2012 12:27:00 PM - Restore Operation
    RP647: 3/4/2012 12:54:22 PM - Restore Operation
    RP648: 3/19/2012 3:03:51 AM - System Checkpoint
    RP649: 3/19/2012 6:00:16 AM - Software Distribution Service 3.0
    .
    ==== Installed Programs ======================
    .
    PPA Calculator version 2.0.0.225
    Acrobat.com
    Adobe AIR
    Adobe Download Manager
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 9.5.0
    Adobe Shockwave Player 11.6
    Alky for Applications (Windows XP)
    Amazon Kindle For PC v1.0
    Amazon MP3 Uploader
    AnswerWorks 5.0 English Runtime
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Ask Toolbar
    ATI Display Driver
    Avira Free Antivirus
    Bodog Poker
    Bonjour
    Cake Poker 2.0
    CCleaner
    CDisplay 1.8
    ClubWPT
    ClueFinders(R) 6th Grade Adventures
    Comcast Desktop Software (v1.2.0.9)
    Coupon Printer for Windows
    Deskcalc Pro
    Desktop Doctor
    Dragon NaturallySpeaking 8
    Driver Robot
    File Extension Finder
    Gadget Installer
    Gimp 2.6.2 Debug
    Google Talk Plugin
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB932716-v2)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Hoyle Board Games 2003
    Hoyle Card Games 2003
    Hoyle Casino 2007
    Hoyle Demo
    Hoyle Table Games 2004
    HP Officejet 6500 E710n-z Basic Device Software
    HP Officejet 6500 E710n-z Help
    HP Officejet 6500 E710n-z Product Improvement Study
    I.R.I.S. OCR
    IObit Malware Fighter
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 22
    Java(TM) 6 Update 31
    Junk Mail filter update
    Luvin Poker
    Mabinogi
    Malwarebytes Anti-Malware version 1.60.1.1000
    MapleStory
    Microsoft .NET Framework (English)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Choice Guard
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft User-Mode Driver Framework Feature Pack 1.9
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft WinUsb 1.0
    MobileMe Control Panel
    Mozilla Firefox 10.0.2 (x86 en-US)
    Mozilla Firefox 11.0 (x86 en-US)
    MSVCRT
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    neroxml
    Next Generation Visualisations
    O Dream Board
    OpenOffice.org 3.3
    Performance Platform Voguecash
    Players Only
    Poker4ever
    PokerStars
    Protected Folder
    Quicken 2011
    Ralink Wireless LAN
    Realtek High Definition Audio Driver
    Registry Mechanic 9.0
    Secunia PSI (2.0.0.4003)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165-v2)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Segoe UI
    SpadeClub Poker
    Spelling Dictionaries Support For Adobe Reader 9
    Spybot - Search & Destroy
    SpywareBlaster 4.5
    Stamps.com
    SUPERAntiSpyware
    swMSM
    TBS WMP Plug-in
    The ClueFinders 4th Grade Adventures
    The Sims™ 2 Double Deluxe
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 8 (KB2598845)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2492386)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    VCRedistSetup
    WebFldrs XP
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    Windows Management Framework Core
    Windows XP Media Center Edition 2005 KB925766
    Windows XP Media Center Edition 2005 KB973768
    XML Paper Specification Shared Components Pack 1.0
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/18/2012 5:43:04 PM, error: Service Control Manager [7024] - The Workstation service terminated with service-specific error 2250 (0x8CA).
    3/18/2012 5:43:04 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMF Service service to connect.
    3/18/2012 5:43:04 PM, error: Service Control Manager [7001] - The Computer Browser service depends on the Workstation service which failed to start because of the following error: The service has returned a service-specific error code.
    3/18/2012 5:43:04 PM, error: Service Control Manager [7000] - The Zune Bus Enumerator Driver service failed to start due to the following error: The system cannot find the file specified.
    3/18/2012 5:43:04 PM, error: Service Control Manager [7000] - The IMF Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    3/18/2012 5:42:49 PM, error: ati2mtag [45062] - CRT invalid display type
    3/18/2012 5:42:39 PM, error: Workstation [5727] - Could not load RDR device driver.
    .
    ==== End Of File ===========================
     
  24. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
    Click the "Scan" button to start scan.
    On completion of the scan click "Save log", save it to your desktop and post in your next reply.

    NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

    -============================================================

    Download Bootkit Remover to your desktop.

    • Unzip downloaded file to your Desktop.
    • Double-click on boot_cleaner.exe to run the program (Vista/7 users,right click on boot_cleaner.exe and click Run As Administrator).
    • It will show a Black screen with some data on it.
    • Right click on the screen and click Select All.
    • Press CTRL+C
    • Open a Notepad and press CTRL+V
    • Post the output back here.
     
  25. MTilson

    MTilson TS Rookie Topic Starter Posts: 93

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-03-19 20:03:44
    -----------------------------
    20:03:44.136 OS Version: Windows 5.1.2600 Service Pack 3
    20:03:44.136 Number of processors: 2 586 0x602
    20:03:44.136 ComputerName: TILSON-CC301A79 UserName: Mona Only
    20:03:44.871 Initialize success
    20:05:44.433 AVAST engine defs: 12031700
    20:07:00.543 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\viamraid1Port4Path0Target0Lun0
    20:07:00.543 Disk 0 Vendor: Maxtor_6 BACE Size: 194481MB BusType: 8
    20:07:00.543 Disk 1 \Device\Harddisk1\DR1 -> \Device\Scsi\viamraid1Port4Path0Target2Lun0
    20:07:00.558 Disk 1 Vendor: Maxtor_6 VA11 Size: 194481MB BusType: 8
    20:07:00.558 Disk 0 MBR read successfully
    20:07:00.558 Disk 0 MBR scan
    20:07:00.605 Disk 0 Windows XP default MBR code
    20:07:00.605 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 194466 MB offset 63
    20:07:00.636 Disk 0 scanning sectors +398267415
    20:07:00.683 Disk 0 scanning C:\WINDOWS\system32\drivers
    20:07:11.261 Service scanning
    20:07:11.855 Service .InCDPass \* **LOCKED** 123
    20:07:30.886 Modules scanning
    20:08:01.183 Disk 0 trace - called modules:
    20:08:01.214 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll SCSIPORT.SYS viamraid.sys
    20:08:01.214 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b093ab8]
    20:08:01.214 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000079[0x8b0d3920]
    20:08:01.214 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Scsi\viamraid1Port4Path0Target0Lun0[0x8aff9a38]
    20:08:01.871 AVAST engine scan C:\WINDOWS
    20:08:09.386 AVAST engine scan C:\WINDOWS\system32
    20:12:08.121 AVAST engine scan C:\WINDOWS\system32\drivers
    20:12:44.824 AVAST engine scan C:\Users\Mona Only
    20:31:45.199 AVAST engine scan C:\Users\All Users
    20:36:43.902 Scan finished successfully
    20:44:19.511 Disk 0 MBR has been saved successfully to "C:\Users\Mona Only\Desktop\MBR.dat"
    20:44:19.511 The log file has been saved successfully to "C:\Users\Mona Only\Desktop\aswMBR.txt"
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...