
windows installer virus



Welcome to the forum.

Please uninstall these:

BitTorrent

BitTorrentBar Toolbar

Continued use of filesharing or ill-advised downloads will surely re-infect your system.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

It's also against the forum's policy concerning P2P programs:

http://forums.malwar...showtopic=97700

~~~~~~~~~~~~~~~~~~~~~

Next.............

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

------->Your topic will be closed if you haven't replied within 3 days!<--------


Very sorry, I forgot that those programs were still on this computer.

Here is my report

RogueKiller V8.2.3 [11/07/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website: http://tigzy.geekstogo.com/roguekiller.php

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version

Started in : Normal mode

User : killer [Admin rights]

Mode : Scan -- Date : 11/10/2012 17:48:40

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤

[TASK][SUSP PATH] RunDAOD : C:\Windows\DAODx.exe -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

[ZeroAccess][FILE] @ : C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\@ --> FOUND

[ZeroAccess][FOLDER] U : C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U --> FOUND

[ZeroAccess][FOLDER] L : C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\L --> FOUND

[ZeroAccess][FILE] @ : C:\Users\killer\AppData\Local\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\@ --> FOUND

[ZeroAccess][FOLDER] U : C:\Users\killer\AppData\Local\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U --> FOUND

[ZeroAccess][FOLDER] L : C:\Users\killer\AppData\Local\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\L --> FOUND

[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC\Desktop.ini --> FOUND

[susp.ASLR|Sig - ZeroAccess][FILE] services.exe : C:\Windows\system32\services.exe --> FOUND

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Infection : Rans.Gendarm ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500KS-00MJB0 ATA Device +++++

--- User ---

[MBR] 0bc0a2128e7abed07e0d39b7f8c5101c

[BSP] b93cd2b1099ec53ffb57bb3980c0ed3a : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 238372 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_11102012_02d1748.txt >>


Here you go......

Please read the following information first.

You're infected with Rootkit.ZeroAccess, a BackDoor Trojan.

BACKDOOR WARNING

------------------------------

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advise you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

http://www.dslreports.com/faq/10451

When Should I Format, How Should I Reinstall

http://www.dslreports.com/faq/10063

I will try my best to clean this machine but I can't guarantee that it will be 100% secure afterwards.

Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

-----------------------------------------

Please create a new system restore point before running Malwarebytes Anti-Malware.

Download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced, which will be in the MBAR folder: mbar-log.txt and system-log.txt

MrC


Looks to be fixed, Thank you!

mbar log

Malwarebytes Anti-Rootkit 1.1.0.1009

www.malwarebytes.org

Database version: v2012.11.11.01

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 8.0.7601.17514

killer :: KILLER-PC [administrator]

11/10/2012 6:38:11 PM

mbar-log-2012-11-10 (18-38-11).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: PUP | PUM | P2P

Objects scanned: 28830

Time elapsed: 6 minute(s), 39 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

system log

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.01.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 8.0.7601.17514

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED

CPU speed: 3.210000 GHz

Memory total: 3353534464, free: 1727770624

------------ Kernel report ------------

11/10/2012 18:04:14

------------ Loaded modules -----------

----------- End -----------

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff86174ac8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\

Lower Device Object: 0xffffffff862d3908

Lower Device Driver Name: \Driver\atapi\

Driver name found: atapi

DriverEntry returned 0x0

Function returned 0x0

Downloaded database version: v2012.11.10.10

Downloaded database version: v2012.11.09.02

Initializing...

Done!

Scanning directory: C:\Windows\system32\drivers...

<<<2>>>

Device number: 0, partition: 2

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff86174ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff862e5a10, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff86174ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff861808d8, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff862d3908, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\

------------ End ----------

Upper DeviceData: 0xffffffffbb6e3270, 0xffffffff86174ac8, 0xffffffff85e324d0

Lower DeviceData: 0xffffffffbb410b78, 0xffffffff862d3908, 0xffffffff85d0fe50

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 5AE45AE4

Partition information:

Partition 0 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 2048 Numsec = 204800

Partition file system is NTFS

Partition is bootable

Partition 1 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 206848 Numsec = 488185856

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 250058268160 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-488375055-488395055)...

Done!

Performing system, memory and registry scan...

Backup file found for a file C:\Windows\System32\services.exe

Infected: C:\Windows\assembly\GAC\Desktop.ini --> [Trojan.0access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\@ --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\L\00000004.@ --> [backdoor.0Access]

Infected: C:\Users\killer\Local Settings\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\@ --> [backdoor.0Access]

Infected: C:\Users\killer\Local Settings\Application Data\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\@ --> [backdoor.0Access]

Infected: c:\windows\$ntuninstallkb9240$\1126459196 --> [backdoor.0Access]

Infected: c:\windows\$ntuninstallkb9240$\1126459196\l --> [backdoor.0Access]

Infected: c:\windows\$ntuninstallkb9240$\1126459196\u --> [backdoor.0Access]

Infected: c:\windows\$ntuninstallkb9240$\118873815 --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\L --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U --> [backdoor.0Access]


Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz94E7.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz969E.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz96B1.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz9741.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz97EA.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz4AD0.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz4B63.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz4BC0.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz4DB9.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz50D8.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz5274.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz52D6.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz5487.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz3117.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz3593.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz35FD.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz36F4.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz370.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz396E.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzAFA6.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzB10C.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzB4A5.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzB528.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzB5E9.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzB7A5.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz71BF.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz739C.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz74AF.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz75DB.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz77F6.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz7D7C.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz7DF3.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz80BB.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz9C04.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz9D74.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzF3EE.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzF4DF.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzF977.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzFA77.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzFB15.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzCA93.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzCB99.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzCC8E.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzCC9.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz12B8.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz19AC.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz1BD4.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz21D5.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz30E1.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz3B77.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz467B.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz54CC.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz57B.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz6F42.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz81B0.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz8DC2.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz9935.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trz9D79.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzAEB2.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzB7C6.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzC5E4.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzCCD7.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzDC4C.tmp --> [backdoor.0Access]

Infected: C:\Windows\Installer\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U\trzF2D3.tmp --> [backdoor.0Access]

Infected: C:\Users\killer\Local Settings\Application Data\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\U --> [backdoor.0Access]

Infected: C:\Users\killer\Local Settings\Application Data\{4faaf995-03ee-0f7f-5ac0-44dc1d5db5df}\L --> [backdoor.0Access]

Done!

Scan finished

Creating System Restore point...

Scheduling clean up...

<<<2>>>

Device number: 0, partition: 2

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Removal scheduling successful. System shutdown needed.

System shutdown occured

=======================================

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.01.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 8.0.7601.17514

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED

CPU speed: 3.210000 GHz

Memory total: 3353534464, free: 2519261184

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.01.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 8.0.7601.17514

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED

CPU speed: 3.210000 GHz

Memory total: 3353534464, free: 1852743680

------------ Kernel report ------------

11/10/2012 18:31:17

------------ Loaded modules -----------

----------- End -----------

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff86375ac8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\

Lower Device Object: 0xffffffff864d2030

Lower Device Driver Name: \Driver\atapi\

Driver name found: atapi

DriverEntry returned 0x0

Function returned 0x0

Downloaded database version: v2012.11.11.01

Initializing...

Done!

Scanning directory: C:\Windows\system32\drivers...

<<<2>>>

Device number: 0, partition: 2

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff86375ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff86383258, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff86375ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff86383848, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff864d2030, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\

------------ End ----------

Upper DeviceData: 0xffffffffbfc955e0, 0xffffffff86375ac8, 0xffffffff85da5ac8

Lower DeviceData: 0xffffffffbdcc8328, 0xffffffff864d2030, 0xffffffff85de0528

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 5AE45AE4

Partition information:

Partition 0 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 2048 Numsec = 204800

Partition file system is NTFS

Partition is bootable

Partition 1 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 206848 Numsec = 488185856

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 250058268160 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-488375055-488395055)...

Done!

Performing system, memory and registry scan...

Done!

Scan finished

=======================================

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

