Computer Infected Not Sure what it is

2 posters

Re: Computer Infected Not Sure what it is
I was not aware we were working on a Windows 7 system, as your profile says "windows xp."

We have proven recovery methods here, if anything bad were to happen. Go ahead with this fix, which would be correct for Windows 7.

Fix using MBRCheck.exe

Run MBRCheck.exe again by double-clicking on it.
  • Wait until you see the following line: Enter 'Y' and hit ENTER for more options, or 'N' to exit:
  • Enter 'Y' and then press Enter.
  • When asked: 'Enter your choice:', select option 2 (Restore the MBR of a physical disk with a standard boot code) and press the Enter key.
  • Now the program will ask: 'Enter the physical disk number to fix (0-99, -1 to cancel)'
  • Enter 0 and press the Enter key.
  • The program will show Available MBR codes followed by a list of operating systems as shown below:
    Available MBR codes:
    [ 0] Default (Windows XP)
    [ 1] Windows XP
    [ 2] Windows Server 2003
    [ 3] Windows Vista
    [ 4] Windows 2008
    [ 5] Windows 7
    [-1] Cancel
    Please select the MBR code to write to this drive (5):
  • Please select your version of Windows from the list and enter the corresponding number and then press Enter.
  • When prompted for confirmation: "Do you want to fix the MBR code?". Type the full word Yes (not Y or the fix will not work) and press Enter.
  • Left-click on the title bar (where the program name and path are written).
  • From the menu choose Edit -> Select All.
  • Press the Enter key to copy selected text.
  • Open Notepad, paste that text into it and save to your desktop as MBRCheck.txt.
  • When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.
  • Reboot your computer to complete the fix and copy/paste MBRCheck.txt in your next reply.
  • If your computer does not restart on its own, please restart it manually.

Re: Computer Infected Not Sure what it is
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Wistron
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP G60 Notebook PC
Logical Drives Mask: 0x000003fc

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`66b00000 (NTFS)

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 081931698ABD9DABC19782A342939160804017BE


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit: Y

Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice: 2

Enter the physical disk number to fix (0-99, -1 to cancel): 0
Available MBR codes:
[ 0] Default (Windows 7)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel

Please select the MBR code to write to this drive: 5
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: YES
Successfully wrote new MBR code!
Please reboot your computer to complete the fix.


Done!
Press ENTER to exit...

Re: Computer Infected Not Sure what it is
So is that it? Did we get it?

Re: Computer Infected Not Sure what it is
Please re-run MBRCheck and post a log.

Re: Computer Infected Not Sure what it is
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Wistron
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP G60 Notebook PC
Logical Drives Mask: 0x000003fc

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`66b00000 (NTFS)

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 081931698ABD9DABC19782A342939160804017BE


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit

Re: Computer Infected Not Sure what it is
Ah, just noticed the computer is still acting up

Re: Computer Infected Not Sure what it is
Hello

Is there any way to speed this process up - my computer is now getting very bad and really acting up. Please help, ASAP

Re: Computer Infected Not Sure what it is
I am noticing that many of the exact same symptoms that happened with my other computer are happening on this one (I referenced the thread in the opening paragraph and we got rid of the problem).

It lights up only one program icon on my desktop and will only open that particular one - I then have to right-click and hit Open to get them going (in any folder I finally get open, only one icon gets highlighted and opened; all others won't).

When I go online it sometimes just starts flashing and does not let me do anything.
Please help, even several suggestions at once will be fine. It is my main computer and I need to get back on it.
Thanks

Re: Computer Infected Not Sure what it is

Because you bumped your topic repeatedly, I did not see that you replied. Please be patient. As you can see in my signature, I respond slowly on weekends.

Fix using MBRCheck.exe

Run MBRCheck.exe again by double-clicking on it.
  • Wait until you see the following line: Enter 'Y' and hit ENTER for more options, or 'N' to exit:
  • Enter 'Y' and then press Enter.
  • When asked: 'Enter your choice:', select option 2 (Restore the MBR of a physical disk with a standard boot code) and press the Enter key.
  • Now the program will ask: 'Enter the physical disk number to fix (0-99, -1 to cancel)'
  • Enter 0 and press the Enter key.
  • The program will show Available MBR codes followed by a list of operating systems as shown below:
    Available MBR codes:
    [ 0] Default (Windows XP)
    [ 1] Windows XP
    [ 2] Windows Server 2003
    [ 3] Windows Vista
    [ 4] Windows 2008
    [ 5] Windows 7
    [-1] Cancel
    Please select the MBR code to write to this drive:
  • Please select your version of Windows from the list and enter the corresponding number and then press Enter.
  • When prompted for confirmation: "Do you want to fix the MBR code?". Type the full word Yes (not Y or the fix will not work) and press Enter.
  • Left-click on the title bar (where the program name and path are written).
  • From the menu choose Edit -> Select All.
  • Press the Enter key to copy selected text.
  • Open Notepad, paste that text into it and save to your desktop as MBRCheck.txt.
  • When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.
  • Reboot your computer to complete the fix and copy/paste MBRCheck.txt in your next reply.
  • If your computer does not restart on its own, please restart it manually.

Re: Computer Infected Not Sure what it is
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Wistron
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP G60 Notebook PC
Logical Drives Mask: 0x000001fc

Kernel Drivers (total 199):

Processes (total 63):
0 System Idle Process
4 System
304 C:\Windows\System32\smss.exe
392 csrss.exe
456 C:\Windows\System32\wininit.exe
472 C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
480 csrss.exe
488 C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
552 C:\Windows\System32\services.exe
568 C:\Windows\System32\lsass.exe
576 C:\Windows\System32\lsm.exe
608 C:\Windows\System32\winlogon.exe
664 C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
836 C:\Windows\System32\svchost.exe
484 C:\Windows\System32\svchost.exe
1076 C:\Windows\System32\svchost.exe
1108 C:\Windows\System32\svchost.exe
1140 C:\Windows\System32\svchost.exe
1300 C:\Windows\System32\svchost.exe
1384 C:\Windows\System32\svchost.exe
1584 C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
1700 C:\Windows\System32\spoolsv.exe
1728 C:\Windows\System32\svchost.exe
1816 C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
1924 C:\Windows\System32\svchost.exe
1952 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
2032 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
1264 C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
1884 C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
1172 C:\Windows\System32\svchost.exe
2180 C:\Program Files (x86)\AVG\AVG9\avgemc.exe
2228 C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
2620 C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
2680 unsecapp.exe
2792 WmiPrvSE.exe
3020 C:\Windows\System32\taskhost.exe
2292 C:\Windows\System32\dwm.exe
2324 C:\Windows\explorer.exe
3504 C:\Windows\System32\svchost.exe
3556 C:\Program Files\Java\jre6\bin\jusched.exe
3584 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
3600 C:\Program Files (x86)\POP Peeper\POPPeeper.exe
3748 WUDFHost.exe
3768 C:\Program Files (x86)\AVG\AVG9\avgtray.exe
3784 C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
3952 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
3968 C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
4000 C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
3900 C:\Windows\System32\SearchIndexer.exe
3936 C:\Program Files\Windows Media Player\wmpnetwk.exe
1420 C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
4144 C:\Windows\System32\svchost.exe
3756 C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
4284 C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe
2988 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
3472 C:\Program Files (x86)\Spyware Doctor\pctsGui.exe
3764 C:\Program Files (x86)\AVG\AVG9\avgscana.exe
4356 C:\Windows\System32\conhost.exe
4532 C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
1636 C:\Program Files (x86)\AVG\AVG9\avgui.exe
4596 C:\Users\LA\Desktop\MBRCheck.exe
2732 C:\Windows\System32\conhost.exe
4652 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`66b00000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS543232L9A300, Rev: FB4OC40J

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 081931698ABD9DABC19782A342939160804017BE


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): 0Available MBR codes:
[ 0] Default (Windows 7)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel

Please select the MBR code to write to this drive: 5
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: YES
Successfully wrote new MBR code!
Please reboot your computer to complete the fix.


Done!

Re: Computer Infected Not Sure what it is
And now, a new log please.

Re: Computer Infected Not Sure what it is
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Wistron
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP G60 Notebook PC
Logical Drives Mask: 0x000001fc

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`66b00000 (NTFS)

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 081931698ABD9DABC19782A342939160804017BE


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Re: Computer Infected Not Sure what it is
Did you ever have any recovery discs that came along with your computer?

Re: Computer Infected Not Sure what it is

Can belazur help me - don't want to lose data

Re: Computer Infected Not Sure what it is

This has nothing to do with who can help you; without a recovery or install disc, we are very limited.

Your Master Boot Record is severely infected. We need to fully disinfect it, or else this malware will never go away.

I don't want you to reformat/reinstall. We just need to do a data-safe recovery method that fixes the Master Boot Record.

Otherwise: your system will be continuously infected.

Reboot your computer, and at the boot screen, press F8 until you get a menu showing "Safe Mode, Safe Mode with Networking, etc."

Please tell me if you see an option called "Repair Your Computer."
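
Both re-check logs in this thread show the same SHA1 and the same "Unknown MBR code" status after MBRCheck printed "Successfully wrote new MBR code!". The following is an added example, not part of the original posts and not MBRCheck's own code: it parses saved MBRCheck.txt logs and flags a reported write that left the hash unchanged. It assumes a single physical disk per log; the two flagged sample logs are abridged from the output posted above, and the "clean" log (its status text and all-zero hash) is constructed for illustration.

```python
import re
from dataclasses import dataclass

# Matches e.g. "298 GB \\.\PhysicalDrive0 Unknown MBR code" -> (drive, status)
STATUS_RE = re.compile(r"^\s*\d+\s+[MGT]B\s+(\\\\\.\\PhysicalDrive\d+)\s+(.+?)\s*$")
SHA1_RE = re.compile(r"^\s*SHA1:\s*([0-9A-Fa-f]{40})\s*$")
WROTE_MARKER = "Successfully wrote new MBR code!"
FLAGGED_STATUS = "Unknown MBR code"

@dataclass
class Run:
    drive: str
    status: str
    sha1: str
    wrote_new_code: bool

def parse_run(log_text):
    """Extract the first drive/status/SHA1 block from one log (single disk assumed)."""
    drive = status = sha1 = None
    for line in log_text.splitlines():
        m = STATUS_RE.match(line)
        if m and drive is None:
            drive, status = m.groups()
            continue
        m = SHA1_RE.match(line)
        if m and drive is not None and sha1 is None:
            sha1 = m.group(1).upper()
    if drive is None or sha1 is None:
        raise ValueError("log has no drive status line followed by a SHA1 line")
    return Run(drive, status, sha1, WROTE_MARKER in log_text)

def review(runs):
    """Compare each run that reported a write with the run that follows it."""
    findings = []
    for i in range(len(runs) - 1):
        fix, recheck = runs[i], runs[i + 1]
        if not fix.wrote_new_code or fix.drive != recheck.drive:
            continue
        if recheck.sha1 == fix.sha1:
            verdict = "WRITE_NOT_PERSISTED"      # tool said success, boot code unchanged
        elif recheck.status == FLAGGED_STATUS:
            verdict = "CHANGED_BUT_STILL_FLAGGED"
        else:
            verdict = "REPAIRED"
        findings.append((i + 1, verdict))        # index of the re-check run
    return findings

# Abridged from the fix log posted in the thread.
LOG_FIX = r"""
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 081931698ABD9DABC19782A342939160804017BE

Please select the MBR code to write to this drive: 5
Successfully wrote new MBR code!
"""

# Abridged from the re-check log posted after the reboot.
LOG_RECHECK = r"""
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 081931698ABD9DABC19782A342939160804017BE
Found non-standard or infected MBR.
"""

# Constructed: status text and hash are placeholders, not real tool output.
LOG_CLEAN_CONSTRUCTED = r"""
298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 0000000000000000000000000000000000000000
"""

if __name__ == "__main__":
    thread = [parse_run(LOG_FIX), parse_run(LOG_RECHECK)]
    for index, verdict in review(thread):
        print(f"run {index}: {verdict}")
```

A `WRITE_NOT_PERSISTED` verdict is the situation in this thread: the write was reported as successful twice, yet the re-check hash never changed, which is where the helper moves on to asking about recovery discs and the "Repair Your Computer" boot option.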
