
Can't get rid of MEVIO



#1 pmelland


Posted 22 November 2011 - 12:37 PM

Recommendations on getting rid of mevio on my laptop. Thank you.


Paul

Here is the MBRCheck log:

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Intel Corp.
BIOS Manufacturer: INSYDE
System Manufacturer: TOSHIBA
System Product Name: Satellite L755
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 202):

Processes (total 75):
0 System Idle Process
4 System
360 C:\Windows\System32\smss.exe
476 csrss.exe
552 C:\Windows\System32\wininit.exe
568 csrss.exe
624 C:\Windows\System32\services.exe
648 C:\Windows\System32\lsass.exe
656 C:\Windows\System32\lsm.exe
752 C:\Windows\System32\winlogon.exe
768 C:\Windows\System32\svchost.exe
848 C:\Windows\System32\svchost.exe
936 C:\Windows\System32\svchost.exe
992 C:\Windows\System32\svchost.exe
124 C:\Windows\System32\svchost.exe
608 C:\Windows\System32\svchost.exe
864 C:\Windows\System32\svchost.exe
1284 C:\Windows\System32\spoolsv.exe
1312 C:\Windows\System32\svchost.exe
1416 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
1460 C:\Windows\SysWOW64\svchost.exe
1484 C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
1780 C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
1936 C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe
2004 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
1168 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
1668 C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
1700 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
2092 C:\Windows\System32\TODDSrv.exe
2128 C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
2256 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2348 C:\Program Files\Toshiba\TECO\TecoService.exe
2444 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
3004 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
3140 C:\Windows\System32\svchost.exe
1772 C:\Windows\System32\svchost.exe
2424 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
2436 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe
780 C:\Windows\System32\SearchIndexer.exe
1696 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
3912 C:\Windows\System32\taskhost.exe
2596 C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe
1016 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
2312 C:\Windows\System32\dwm.exe
3700 C:\Windows\explorer.exe
3076 C:\Windows\System32\igfxtray.exe
3560 C:\Windows\System32\hkcmd.exe
2068 C:\Windows\System32\igfxpers.exe
1240 C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
4160 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
4196 C:\Windows\System32\audiodg.exe
4284 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4344 C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
4376 C:\Program Files (x86)\FUJIFILM\MyFinePix Studio\dd.exe
4556 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
5036 C:\Program Files\Windows Media Player\wmpnetwk.exe
2524 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
948 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
1604 C:\Windows\System32\svchost.exe
4956 C:\Program Files (x86)\Internet Explorer\iexplore.exe
3988 C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
5032 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
4648 C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
5260 C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
3624 C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
4688 C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
1976 C:\Windows\System32\taskeng.exe
6056 C:\Windows\System32\SearchProtocolHost.exe
3572 C:\Windows\System32\SearchFilterHost.exe
4632 WmiPrvSE.exe
4476 WmiPrvSE.exe
5312 WUDFHost.exe
4564 C:\Windows\System32\dllhost.exe
4636 E:\Utilities\Rootkit\MBRcheck\MBRCheck.exe
1500 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000 (NTFS)

PhysicalDrive0 Model Number: TOSHIBAMK6475GSX, Rev: GT001M

Size     Device Name          MBR Status
--------------------------------------------
596 GB   \\.\PhysicalDrive0   MBR Code Faked!
         SHA1: 38BE7869FCCF026F920DA4A541B12E68993C36ED


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice:

Done!

Edited by pmelland, 22 November 2011 - 01:21 PM.

