Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Iminient
Message
<blockquote data-quote="aztony" data-source="post: 147886" data-attributes="member: 13823"><p>I think his report was added to the wrong thread.</p><p></p><p><a href="http://malwaretips.com/threads/tales-from-the-cryptolocker-wrestling-with-ransomware.20317/#post-147885" target="_blank">http://malwaretips.com/threads/tales-from-the-cryptolocker-wrestling-with-ransomware.20317/#post-147885</a></p><p>aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software</p><p>Run date: 2013-12-09 14:13:15</p><p>-----------------------------</p><p>14:13:15.046 OS Version: Windows 5.1.2600 Service Pack 3</p><p>14:13:15.046 Number of processors: 1 586 0xE08</p><p>14:13:15.046 ComputerName: ROYSPC UserName: </p><p>14:13:16.187 Initialize success</p><p>14:14:47.937 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\My Documents\aswMBR.txt"</p><p>14:20:44.250 AVAST engine defs: 13120900</p><p>15:17:14.609 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt"</p><p></p><p></p><p>aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software</p><p>Run date: 2013-12-12 18:17:52</p><p>-----------------------------</p><p>18:17:52.734 OS Version: Windows 5.1.2600 Service Pack 3</p><p>18:17:52.734 Number of processors: 1 586 0xE08</p><p>18:17:52.734 ComputerName: ROYSPC UserName: </p><p>18:17:56.906 Initialize success</p><p>18:18:25.343 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt"</p><p></p><p></p><p>aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software</p><p>Run date: 2013-12-12 18:17:52</p><p>-----------------------------</p><p>18:17:52.734 OS Version: Windows 5.1.2600 Service Pack 3</p><p>18:17:52.734 Number of processors: 1 586 0xE08</p><p>18:17:52.734 ComputerName: ROYSPC UserName: </p><p>18:17:56.906 Initialize success</p><p>18:18:25.343 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt"</p><p>18:22:16.375 AVAST engine defs: 13121200</p><p>18:22:33.734 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0</p><p>18:22:33.750 Disk 0 Vendor: ST316081 3.AH Size: 152627MB BusType: 3</p><p>18:22:34.296 Disk 0 MBR read successfully</p><p>18:22:34.296 Disk 0 MBR scan</p><p>18:22:34.906 Disk 0 unknown MBR code</p><p>18:22:34.984 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 145670 MB offset 63</p><p>18:22:35.250 Disk 0 Partition 2 00 0C FAT32 LBA RECOVERY 6947 MB offset 298347840</p><p>18:22:37.968 Disk 0 scanning sectors +312575760</p><p>18:22:38.265 Disk 0 scanning C:\WINDOWS\system32\drivers</p><p>18:23:32.125 Service scanning</p><p>18:24:18.046 Service MpKsl2f0a5a90 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E4279B06-AFB3-43EA-8CD4-09271FDF18D1}\MpKsl2f0a5a90.sys **LOCKED** 32</p><p>18:24:52.406 Modules scanning</p><p>18:25:06.734 Disk 0 trace - called modules:</p><p>18:25:06.765 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll </p><p>18:25:06.765 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8641fab8]</p><p>18:25:06.765 3 CLASSPNP.SYS[f7668fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86d77030]</p><p>18:25:07.390 AVAST engine scan C:\WINDOWS</p><p>18:25:50.078 AVAST engine scan C:\WINDOWS\system32</p><p>18:32:54.875 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\MBR.dat"</p><p>18:32:55.031 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt"</p><p></p><p></p><p>aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software</p><p>Run date: 2013-12-12 18:17:52</p><p>-----------------------------</p><p>18:17:52.734 OS Version: Windows 5.1.2600 Service Pack 3</p><p>18:17:52.734 Number of processors: 1 586 0xE08</p><p>18:17:52.734 ComputerName: ROYSPC UserName: </p><p>18:17:56.906 Initialize success</p><p>18:18:25.343 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt"</p><p>18:22:16.375 AVAST engine defs: 13121200</p><p>18:22:33.734 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0</p><p>18:22:33.750 Disk 0 Vendor: ST316081 3.AH Size: 152627MB BusType: 3</p><p>18:22:34.296 Disk 0 MBR read successfully</p><p>18:22:34.296 Disk 0 MBR scan</p><p>18:22:34.906 Disk 0 unknown MBR code</p><p>18:22:34.984 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 145670 MB offset 63</p><p>18:22:35.250 Disk 0 Partition 2 00 0C FAT32 LBA RECOVERY 6947 MB offset 298347840</p><p>18:22:37.968 Disk 0 scanning sectors +312575760</p><p>18:22:38.265 Disk 0 scanning C:\WINDOWS\system32\drivers</p><p>18:23:32.125 Service scanning</p><p>18:24:18.046 Service MpKsl2f0a5a90 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E4279B06-AFB3-43EA-8CD4-09271FDF18D1}\MpKsl2f0a5a90.sys **LOCKED** 32</p><p>18:24:52.406 Modules scanning</p><p>18:25:06.734 Disk 0 trace - called modules:</p><p>18:25:06.765 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll </p><p>18:25:06.765 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8641fab8]</p><p>18:25:06.765 3 CLASSPNP.SYS[f7668fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86d77030]</p><p>18:25:07.390 AVAST engine scan C:\WINDOWS</p><p>18:25:50.078 AVAST engine scan C:\WINDOWS\system32</p><p>18:32:54.875 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\MBR.dat"</p><p>18:32:55.031 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt"</p><p>18:37:21.218 AVAST engine scan C:\WINDOWS\system32\drivers</p><p>18:38:59.421 AVAST engine scan C:\Documents and Settings\HP_Administrator.ROYSPC</p><p>19:17:46.062 AVAST engine scan C:\Documents and Settings\All Users</p><p>19:30:49.718 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\MBR.dat"</p><p>19:30:49.921 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt"</p><p><span style="font-size: 12px"><strong>Attached Files:</strong></span></p></blockquote><p></p>
[QUOTE="aztony, post: 147886, member: 13823"] I think his report was added to the wrong thread. [url]http://malwaretips.com/threads/tales-from-the-cryptolocker-wrestling-with-ransomware.20317/#post-147885[/url] aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software Run date: 2013-12-09 14:13:15 ----------------------------- 14:13:15.046 OS Version: Windows 5.1.2600 Service Pack 3 14:13:15.046 Number of processors: 1 586 0xE08 14:13:15.046 ComputerName: ROYSPC UserName: 14:13:16.187 Initialize success 14:14:47.937 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\My Documents\aswMBR.txt" 14:20:44.250 AVAST engine defs: 13120900 15:17:14.609 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt" aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software Run date: 2013-12-12 18:17:52 ----------------------------- 18:17:52.734 OS Version: Windows 5.1.2600 Service Pack 3 18:17:52.734 Number of processors: 1 586 0xE08 18:17:52.734 ComputerName: ROYSPC UserName: 18:17:56.906 Initialize success 18:18:25.343 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt" aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software Run date: 2013-12-12 18:17:52 ----------------------------- 18:17:52.734 OS Version: Windows 5.1.2600 Service Pack 3 18:17:52.734 Number of processors: 1 586 0xE08 18:17:52.734 ComputerName: ROYSPC UserName: 18:17:56.906 Initialize success 18:18:25.343 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt" 18:22:16.375 AVAST engine defs: 13121200 18:22:33.734 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 18:22:33.750 Disk 0 Vendor: ST316081 3.AH Size: 152627MB BusType: 3 18:22:34.296 Disk 0 MBR read successfully 18:22:34.296 Disk 0 MBR scan 18:22:34.906 Disk 0 unknown MBR code 18:22:34.984 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 145670 MB offset 63 18:22:35.250 Disk 0 Partition 2 00 0C FAT32 LBA RECOVERY 6947 MB offset 298347840 18:22:37.968 Disk 0 scanning sectors +312575760 18:22:38.265 Disk 0 scanning C:\WINDOWS\system32\drivers 18:23:32.125 Service scanning 18:24:18.046 Service MpKsl2f0a5a90 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E4279B06-AFB3-43EA-8CD4-09271FDF18D1}\MpKsl2f0a5a90.sys **LOCKED** 32 18:24:52.406 Modules scanning 18:25:06.734 Disk 0 trace - called modules: 18:25:06.765 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll 18:25:06.765 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8641fab8] 18:25:06.765 3 CLASSPNP.SYS[f7668fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86d77030] 18:25:07.390 AVAST engine scan C:\WINDOWS 18:25:50.078 AVAST engine scan C:\WINDOWS\system32 18:32:54.875 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\MBR.dat" 18:32:55.031 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt" aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software Run date: 2013-12-12 18:17:52 ----------------------------- 18:17:52.734 OS Version: Windows 5.1.2600 Service Pack 3 18:17:52.734 Number of processors: 1 586 0xE08 18:17:52.734 ComputerName: ROYSPC UserName: 18:17:56.906 Initialize success 18:18:25.343 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt" 18:22:16.375 AVAST engine defs: 13121200 18:22:33.734 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 18:22:33.750 Disk 0 Vendor: ST316081 3.AH Size: 152627MB BusType: 3 18:22:34.296 Disk 0 MBR read successfully 18:22:34.296 Disk 0 MBR scan 18:22:34.906 Disk 0 unknown MBR code 18:22:34.984 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 145670 MB offset 63 18:22:35.250 Disk 0 Partition 2 00 0C FAT32 LBA RECOVERY 6947 MB offset 298347840 18:22:37.968 Disk 0 scanning sectors +312575760 18:22:38.265 Disk 0 scanning C:\WINDOWS\system32\drivers 18:23:32.125 Service scanning 18:24:18.046 Service MpKsl2f0a5a90 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E4279B06-AFB3-43EA-8CD4-09271FDF18D1}\MpKsl2f0a5a90.sys **LOCKED** 32 18:24:52.406 Modules scanning 18:25:06.734 Disk 0 trace - called modules: 18:25:06.765 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll 18:25:06.765 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8641fab8] 18:25:06.765 3 CLASSPNP.SYS[f7668fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86d77030] 18:25:07.390 AVAST engine scan C:\WINDOWS 18:25:50.078 AVAST engine scan C:\WINDOWS\system32 18:32:54.875 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\MBR.dat" 18:32:55.031 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt" 18:37:21.218 AVAST engine scan C:\WINDOWS\system32\drivers 18:38:59.421 AVAST engine scan C:\Documents and Settings\HP_Administrator.ROYSPC 19:17:46.062 AVAST engine scan C:\Documents and Settings\All Users 19:30:49.718 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\MBR.dat" 19:30:49.921 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.ROYSPC\Desktop\aswMBR.txt" [SIZE=3][B]Attached Files:[/B][/SIZE] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
