-
Hi,
Again, nothing malicious, but it looks like some of your programs are crashing or not running.
This is just a double check; if nothing is found, then I will link you to a Windows forum for help.
Download MBRCheck.exe to your desktop.
- Be sure to disable your security programs
- Double click on the file to run it
- A window will open on your desktop
- If an unknown bootcode is found you will have further options available to you; at this time press N, then press Enter twice.
- If nothing unusual is found just press Enter
- A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.
- Please post the contents of that file.
-
Thank you for all your help so far.
Here is the MBR check log:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows Vista Ultimate Edition
Windows Information: Service Pack 2 (build 6002), 64-bit
Base Board Manufacturer: ASUSTeK Computer INC.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: System manufacturer
System Product Name: P5QL-E
Logical Drives Mask: 0x00000ffd
Kernel Drivers (total 169):
Processes (total 96):
\\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\F: --> \\.\PhysicalDrive2 at offset 0x00000000`00100000 (NTFS)
\\.\G: --> \\.\PhysicalDrive2 at offset 0x00000013`88100000 (NTFS)
\\.\H: --> \\.\PhysicalDrive3 at offset 0x00000000`00007e00 (NTFS)
PhysicalDrive1 Model Number: WDCWD1002FAEX-00Y9A0, Rev: 01.01V01
PhysicalDrive0 Model Number: ST3400620AS, Rev: 3.AAD
PhysicalDrive2 Model Number: ST3500320AS, Rev: SD15
PhysicalDrive3 Model Number: SAMSUNGSP1213N, Rev: TL100-24
    Size  Device Name          MBR Status
  --------------------------------------------
  931 GB  \\.\PhysicalDrive1   Windows 2008 MBR code detected
          SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
  372 GB  \\.\PhysicalDrive0   Windows XP MBR code detected
          SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
  465 GB  \\.\PhysicalDrive2   Windows 2008 MBR code detected
          SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
  111 GB  \\.\PhysicalDrive3   Windows XP MBR code detected
          SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
Done!
-
Hi,
The last scan we ran checked your Master Boot Record as the latest threats have been targeting and infecting it, but with your aswMBR and MBRcheck logs yours looks just fine.
Why don't you post here in their Windows forum for slow computers, as we just do malware removal on this one:
http://forums.whatthetech.com/index.php?showforum=119
You can link them to this thread so they can see what we have done.
Good Luck,
Ken