After I posted to you about the "new" infections, AVG asked me to deal with the issues. I selected that option, and AVG then asked for a restart to complete the process.
When I ran a scan after the restart, I wasn't surprised to find that the infections were still present!
I was surprised though to see that AVG had now found 25 infections!!!
This time I didn't opt to heal them; I decided to get feedback from you.
Another scan was run today and the number of infections is now up to 34!!
I have included the log output for you to look at:
Scheduled Scan
Medium priority;"34";"0";"34"
Folders selected for scanning:;"Scan Whole Computer"
Started:;"17/09/2013, 16:00:02"
Finished:;"17/09/2013, 16:34:54"
Total object scanned:;"3004350"
User who launched the scan:;"SYSTEM"
Status;"Priority";"Name";"Description";"Result"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_SET_EA -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \Driver\volmgr IRP_MJ_CLEANUP -> spfb.sys +0x12CD8";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_PNP -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_SET_QUOTA -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \Driver\volmgr IRP_MJ_INTERNAL_DEVICE_CONTROL -> spfb.sys +0x12CD8";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \Driver\volmgr IRP_MJ_PNP -> spfb.sys +0x12CD8";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \Driver\volmgr IRP_MJ_DEVICE_CONTROL -> spfb.sys +0x12CD8";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_QUERY_INFORMATION -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_READ -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \Driver\volmgr IRP_MJ_READ -> spfb.sys +0x12CD8";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_SET_VOLUME_INFORMATION -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_CREATE -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_WRITE -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_FLUSH_BUFFERS -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \Driver\volmgr IRP_MJ_CREATE -> spfb.sys +0x12CD8";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_SHUTDOWN -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \Driver\volmgr IRP_MJ_SYSTEM_CONTROL -> spfb.sys +0x12CD8";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_DIRECTORY_CONTROL -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_DEVICE_CONTROL -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"i8042prt.sys, hooked import HAL.dll READ_PORT_UCHAR -> spfb.sys +0x11E9C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_SET_SECURITY -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \Driver\volmgr IRP_MJ_FLUSH_BUFFERS -> spfb.sys +0x12CD8";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \Driver\volmgr IRP_MJ_SHUTDOWN -> spfb.sys +0x12CD8";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \Driver\volmgr IRP_MJ_WRITE -> spfb.sys +0x12CD8";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_CLEANUP -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_QUERY_QUOTA -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_QUERY_EA -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \Driver\volmgr IRP_MJ_POWER -> spfb.sys +0x12CD8";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_LOCK_CONTROL -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_SET_INFORMATION -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_QUERY_SECURITY -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_FILE_SYSTEM_CONTROL -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_CLOSE -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
I've done as you requested and checked the "show hidden" option.
I found the C:\Windows\System32\drivers\i8042prt.sys and have uploaded it.
I could not find C:\Windows\System32\Drivers\splb.sys; there is no folder called 'Drivers'. I thought that might be a typo on your part, so I checked the 'drivers' folder for both the splb.sys file and the spfb.sys file listed above and found neither of them.
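An added triage sketch, not part of the original post and not AVG's own tooling: it parses rows in the semicolon-separated format of the log above and groups them by hooked object and handler address, so rows that differ only in the IRP major function collapse into one entry. The function name `summarize` is an assumption made for illustration, and the sample is five rows copied from the log.

```python
import csv
import re
from collections import defaultdict

# Five rows copied from the scan log above, plus its header row.
SAMPLE = r'''Status;"Priority";"Name";"Description";"Result"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_READ -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_WRITE -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \FileSystem\Ntfs IRP_MJ_CREATE -> spfb.sys +0x1204C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"IRP hook, \Driver\volmgr IRP_MJ_READ -> spfb.sys +0x12CD8";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
Infected;"Medium";"i8042prt.sys, hooked import HAL.dll READ_PORT_UCHAR -> spfb.sys +0x11E9C";"C:\Windows\System32\Drivers\spfb.sys";"Infected"
'''

IRP_RE = re.compile(r'IRP hook, (\S+) (IRP_MJ_\w+) -> (\S+) \+(0x[0-9A-Fa-f]+)')
IMPORT_RE = re.compile(r'(\S+), hooked import (\S+) (\w+) -> (\S+) \+(0x[0-9A-Fa-f]+)')

def summarize(log_text):
    """Group detections by (kind, hooked object, handler module, handler offset).

    Returns (groups, files): groups maps that key to the sorted list of hooked
    slots; files is the set of on-disk paths the scanner attributed them to.
    """
    groups, files = defaultdict(list), set()
    for row in csv.reader(log_text.splitlines(), delimiter=';', quotechar='"'):
        if len(row) != 5 or row[0] != 'Infected':
            continue  # header and scan-summary lines
        name, path = row[2], row[3]
        files.add(path.lower())  # Windows paths are case-insensitive
        if (m := IRP_RE.fullmatch(name)):
            target, slot, module, offset = m.groups()
            key = ('irp', target, module.lower(), int(offset, 16))
        elif (m := IMPORT_RE.fullmatch(name)):
            target, dll, func, module, offset = m.groups()
            key = ('import', target, module.lower(), int(offset, 16))
            slot = f'{dll}!{func}'
        else:
            key, slot = ('unparsed', name, '', 0), name  # keep, do not drop
        groups[key].append(slot)
    return {k: sorted(v) for k, v in groups.items()}, files

if __name__ == '__main__':
    groups, files = summarize(SAMPLE)
    for (kind, target, module, offset), slots in sorted(groups.items()):
        print(f'{kind:6} {target:18} -> {module} +{offset:#x}  ({len(slots)} slots)')
    print('distinct files flagged:', sorted(files))
```

Run over the full log above, the 34 rows reduce to three groups (the Ntfs dispatch table, the volmgr dispatch table, and one import in i8042prt.sys), all attributed to a single file path.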