
Thread: Infected?

  1. #11
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Hi,

    Again nothing malicious but it looks like some of your programs are crashing or not running.

    This is just a double check; if nothing is found then I will link you to a Windows forum for help.

    Download MBRCheck.exe to your desktop.
    • Be sure to disable your security programs
    • Double click on the file to run it
    • A window will open on your desktop
    • If an unknown bootcode is found you will have further options available to you; at this time press N, then press Enter twice.
    • If nothing unusual is found just press Enter
    • A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.
    • Please post the contents of that file.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  2. #12
    Member
    Join Date
    Sep 2008
    Posts
    37

    Thank you for all your help so far.
    Here is the MBR check log:

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows Vista Ultimate Edition
    Windows Information: Service Pack 2 (build 6002), 64-bit
    Base Board Manufacturer: ASUSTeK Computer INC.
    BIOS Manufacturer: American Megatrends Inc.
    System Manufacturer: System manufacturer
    System Product Name: P5QL-E
    Logical Drives Mask: 0x00000ffd

    Kernel Drivers (total 169):

    Processes (total 96):

    \\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)
    \\.\E: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
    \\.\F: --> \\.\PhysicalDrive2 at offset 0x00000000`00100000 (NTFS)
    \\.\G: --> \\.\PhysicalDrive2 at offset 0x00000013`88100000 (NTFS)
    \\.\H: --> \\.\PhysicalDrive3 at offset 0x00000000`00007e00 (NTFS)

    PhysicalDrive1 Model Number: WDCWD1002FAEX-00Y9A0, Rev: 01.01V01
    PhysicalDrive0 Model Number: ST3400620AS, Rev: 3.AAD
    PhysicalDrive2 Model Number: ST3500320AS, Rev: SD15
    PhysicalDrive3 Model Number: SAMSUNGSP1213N, Rev: TL100-24

    Size Device Name MBR Status
    --------------------------------------------
    931 GB \\.\PhysicalDrive1 Windows 2008 MBR code detected
    SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
    372 GB \\.\PhysicalDrive0 Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
    465 GB \\.\PhysicalDrive2 Windows 2008 MBR code detected
    SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
    111 GB \\.\PhysicalDrive3 Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


    Done!

  3. #13
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Hi,

    The last scan we ran checked your Master Boot Record as the latest threats have been targeting and infecting it, but with your aswMBR and MBRcheck logs yours looks just fine.


    Why don't you post here in their Windows forum for slow computers, as we just do malware removal on this one:
    http://forums.whatthetech.com/index.php?showforum=119

    You can link them to this thread so they can see what we have done.

    Good Luck,

    Ken
    Just a reminder that threads will be closed if no reply in 3 days.
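
The "MBR Status" section of the log posted in #12 can also be checked mechanically. The following is an added example, not part of the thread and not MBRCheck's own code: it parses that section and flags drives whose status line or SHA1 is out of pattern. The "Windows ... MBR code detected" pattern is an assumption taken from the four lines in the log, and the `ALTERED` input is constructed.

```python
import re
from collections import defaultdict

# MBR status section as posted in the log above (post #12).
LOG = r"""
Size Device Name MBR Status
--------------------------------------------
931 GB \\.\PhysicalDrive1 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
372 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
465 GB \\.\PhysicalDrive2 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
111 GB \\.\PhysicalDrive3 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
"""
# Constructed variant (not real tool output): one drive's hash altered.
ALTERED = LOG.replace("DA38B874B7713D1B51CBC449F4EF809B0DEC644A", "0" * 40, 1)

DRIVE = re.compile(r"^\s*(\d+\s+[KMGT]B)\s+(\\\\\.\\PhysicalDrive\d+)\s+(.+?)\s*$")
SHA1 = re.compile(r"^\s*SHA1:\s*([0-9A-Fa-f]{40})\s*$")
# Assumption: recognised boot code is reported in the form seen in the log.
RECOGNISED = re.compile(r"^Windows .+ MBR code detected$")

def parse_mbr_status(text):
    """Pair each drive line with the SHA1 line that follows it."""
    drives, current = [], None
    for line in text.splitlines():
        m = DRIVE.match(line)
        if m:
            current = {"size": m[1], "device": m[2], "status": m[3], "sha1": None}
            drives.append(current)
            continue
        m = SHA1.match(line)
        if m and current is not None:
            current["sha1"] = m[1].upper()
            current = None
    return drives

def review(drives):
    """Return (subject, reason) pairs that deserve a closer look."""
    findings, by_status = [], defaultdict(set)
    for d in drives:
        if not RECOGNISED.match(d["status"]):
            findings.append((d["device"], "status is not a recognised-MBR line"))
        if d["sha1"] is None:
            findings.append((d["device"], "no SHA1 recorded"))
        else:
            by_status[d["status"]].add(d["sha1"])
    # Drives reported with the same boot code label should share one hash.
    for status, hashes in by_status.items():
        if len(hashes) > 1:
            findings.append((status, "same status label, different SHA1 values"))
    return findings
```

On the posted log `review()` returns no findings, matching the conclusion in #13 that the MBRs look fine.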
