This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Are MEMSWEEP2 and FB50.tmp from Sophos Anti-Rootkit?

After I install Sophos Anti-Rootk it, even logs shows errors about MEMSWEEP2 and FB50.tmp

Windows 7 64bit.

The MEMSWEEP2 service failed to start due to the following error:
This driver has been blocked from loading

-	System

Provider

[ Name]

Service Control Manager

[ Guid]

{555908d1-a6d7-4695-8e1e-26931d2012f4}

[ EventSourceName]

Service Control Manager

EventID

7000

[ Qualifiers]

49152

Version

Level

Task

Opcode

Keywords

0x8080000000000000

TimeCreated

[ SystemTime]

2010-07-16T19:11:19.530097100Z

EventRecordID

63912

Correlation

Execution

[ ProcessID]

448

[ ThreadID]

2848

Channel

System

Computer

johan-PC

Security

-	EventData

param1

MEMSWEEP2

param2

%%1275

This thread was automatically locked due to age.

Parents

0 joel99 over 15 years ago

\??\C:\Windows\system32\FB50.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
- System

- Provider

[ Name] Application Popup

- EventID 1060

[ Qualifiers] 49152

Level 2

Task 0

Keywords 0x80000000000000

- TimeCreated

[ SystemTime] 2010-07-16T19:11:19.530097100Z

EventRecordID 63911

Channel System

Computer johan-PC

Security
- EventData

\??\C:\Windows\system32\FB50.tmp

000000000200300000000000240400C0000000006B0300C000000000000000000000000000000000
Binary data:
In Words
0000: 00000000 00300002 00000000 C0000424
0008: 00000000 C000036B 00000000 00000000
0010: 00000000 00000000
In Bytes
0000: 00 00 00 00 02 00 30 00 ......0.
0008: 00 00 00 00 24 04 00 C0 ....$..À
0010: 00 00 00 00 6B 03 00 C0 ....k..À
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
:3966
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 joel99 over 15 years ago

\??\C:\Windows\system32\FB50.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
- System

- Provider

[ Name] Application Popup

- EventID 1060

[ Qualifiers] 49152

Level 2

Task 0

Keywords 0x80000000000000

- TimeCreated

[ SystemTime] 2010-07-16T19:11:19.530097100Z

EventRecordID 63911

Channel System

Computer johan-PC

Security
- EventData

\??\C:\Windows\system32\FB50.tmp

000000000200300000000000240400C0000000006B0300C000000000000000000000000000000000
Binary data:
In Words
0000: 00000000 00300002 00000000 C0000424
0008: 00000000 C000036B 00000000 00000000
0010: 00000000 00000000
In Bytes
0000: 00 00 00 00 02 00 30 00 ......0.
0008: 00 00 00 00 24 04 00 C0 ....$..À
0010: 00 00 00 00 6B 03 00 C0 ....k..À
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
:3966
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data