WiredWX Christian Hobby Weather Tools

Re: Computer Infected Not Sure what it is

I was not aware we were working on a Windows 7 system, as your profile says "windows xp."

We have proven recovery methods here, if anything bad were to happen. Go ahead with this fix, which would be correct for Windows 7.

Fix using MBRCheck.exe

Run MBRCheck.exe again by double-clicking on it.
  • Wait until you see the following line: Enter 'Y' and hit ENTER for more options, or 'N' to exit:
  • Enter 'Y' and then press Enter.
  • When asked: 'Enter your choice:', select option 2 (Restore the MBR of a physical disk with a standard boot code) and press the Enter key.
  • Now the program will ask: 'Enter the physical disk number to fix (0-99, -1 to cancel)'
  • Enter 0 and press the Enter key.
  • The program will show Available MBR codes followed by a list of operating systems as shown below:
    Available MBR codes:
    [ 0] Default (Windows XP)
    [ 1] Windows XP
    [ 2] Windows Server 2003
    [ 3] Windows Vista
    [ 4] Windows 2008
    [ 5] Windows 7
    [-1] Cancel
    Please select the MBR code to write to this drive (5):
  • Please select your version of Windows from the list and enter the corresponding number and then press Enter.
  • When prompted for confirmation: "Do you want to fix the MBR code?". Type the full word Yes (not Y or the fix will not work) and press Enter.
  • Left-click on the title bar (where program name and path is written).
  • From the menu choose Edit -> Select All.
  • Press the Enter key to copy selected text.
  • Open Notepad, paste that text into it and save to your desktop as MBRCheck.txt.
  • When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.
  • Reboot your computer to complete the fix and copy/paste MBRCheck.txt in your next reply.
  • If your computer does not restart on its own, please restart it manually.

Re: Computer Infected Not Sure what it is

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Wistron
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP G60 Notebook PC
Logical Drives Mask: 0x000003fc

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`66b00000 (NTFS)

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 081931698ABD9DABC19782A342939160804017BE


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit: Y

Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice: 2

Enter the physical disk number to fix (0-99, -1 to cancel): 0
Available MBR codes:
[ 0] Default (Windows 7)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel

Please select the MBR code to write to this drive: 5
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: YES
Successfully wrote new MBR code!
Please reboot your computer to complete the fix.


Done!
Press ENTER to exit...

Re: Computer Infected Not Sure what it is

So is that it? Did we get it?

Re: Computer Infected Not Sure what it is

Please re-run MBRCheck and post a log.

Re: Computer Infected Not Sure what it is

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Wistron
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP G60 Notebook PC
Logical Drives Mask: 0x000003fc

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`66b00000 (NTFS)

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 081931698ABD9DABC19782A342939160804017BE


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit

Re: Computer Infected Not Sure what it is

Ah, just noticed the computer is still acting up

Re: Computer Infected Not Sure what it is

Hello

Is there any way to speed this process up - my computer is now getting very bad and really acting up. Please help, ASAP

Re: Computer Infected Not Sure what it is

I am noticing that many of the exact same symptoms that happened with my other computer are happening on this one (I referenced the thread in the opening paragraph and we got rid of the problem).

It lights up only one program icon on my desktop and will only open that particular one - I then have to right click and hit open to get them going (Any folder I finally get open - only one icon gets highlighted and opened, all others won't).

When I go online it sometimes just starts flashing and does not let me do anything.
Please help, even several suggestions at once will be fine. It is my main computer and I need to get back on it.
Thanks

Re: Computer Infected Not Sure what it is

Because you bumped your topic repeatedly, I did not see that you replied. Please be patient. As you can see in my signature, I respond slowly on weekends.

Fix using MBRCheck.exe

Run MBRCheck.exe again by double-clicking on it.
  • Wait until you see the following line: Enter 'Y' and hit ENTER for more options, or 'N' to exit:
  • Enter 'Y' and then press Enter.
  • When asked: 'Enter your choice:', select option 2 (Restore the MBR of a physical disk with a standard boot code) and press the Enter key.
  • Now the program will ask: 'Enter the physical disk number to fix (0-99, -1 to cancel)'
  • Enter 0 and press the Enter key.
  • The program will show Available MBR codes followed by a list of operating systems as shown below:
    Available MBR codes:
    [ 0] Default (Windows XP)
    [ 1] Windows XP
    [ 2] Windows Server 2003
    [ 3] Windows Vista
    [ 4] Windows 2008
    [ 5] Windows 7
    [-1] Cancel
    Please select the MBR code to write to this drive:
  • Please select your version of Windows from the list and enter the corresponding number and then press Enter.
  • When prompted for confirmation: "Do you want to fix the MBR code?". Type the full word Yes (not Y or the fix will not work) and press Enter.
  • Left-click on the title bar (where program name and path is written).
  • From the menu choose Edit -> Select All.
  • Press the Enter key to copy selected text.
  • Open Notepad, paste that text into it and save to your desktop as MBRCheck.txt.
  • When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.
  • Reboot your computer to complete the fix and copy/paste MBRCheck.txt in your next reply.
  • If your computer does not restart on its own, please restart it manually.

Re: Computer Infected Not Sure what it is

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Wistron
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP G60 Notebook PC
Logical Drives Mask: 0x000001fc

Kernel Drivers (total 199):

Processes (total 63):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`66b00000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS543232L9A300, Rev: FB4OC40J

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 081931698ABD9DABC19782A342939160804017BE


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice:
Enter the physical disk number to fix (0-99, -1 to cancel): 0
Available MBR codes:
[ 0] Default (Windows 7)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel

Please select the MBR code to write to this drive: 5
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: YES
Successfully wrote new MBR code!
Please reboot your computer to complete the fix.


Done!

Re: Computer Infected Not Sure what it is

And now, a new log please.

Re: Computer Infected Not Sure what it is

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Wistron
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP G60 Notebook PC
Logical Drives Mask: 0x000001fc

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`66b00000 (NTFS)

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 081931698ABD9DABC19782A342939160804017BE


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
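
An added example (not part of the original thread, and not MBRCheck's own code): the comparison being made by eye across these logs, written as a script that parses consecutive MBRCheck logs and reports whether a reported MBR write is reflected in the next run's SHA1. The first two samples are abridged from the logs posted above; the third sample, its status text and its hash are constructed for contrast, and all function and verdict names are hypothetical.

```python
"""Compare consecutive MBRCheck logs to see whether an MBR rewrite persisted."""
import re
from dataclasses import dataclass, field

# Row of the "Size Device Name MBR Status" table, e.g.
#   298 GB \\.\PhysicalDrive0 Unknown MBR code
DISK_RE = re.compile(r"^\s*\d+\s+[KMGT]B\s+(\\\\\.\\PhysicalDrive\d+)\s+(.*\S)\s*$")
SHA1_RE = re.compile(r"^\s*SHA1:\s*([0-9A-Fa-f]{40})\s*$")
WRITE_OK = "Successfully wrote new MBR code!"
FLAGGED = "Found non-standard or infected MBR."


@dataclass
class MbrRun:
    disks: dict = field(default_factory=dict)  # device -> (status, sha1)
    flagged: bool = False                      # tool reported a non-standard MBR
    wrote_new_mbr: bool = False                # tool reported a successful write


def parse_mbrcheck_log(text):
    """Extract per-disk status and SHA1 plus the two outcome messages."""
    run = MbrRun(flagged=FLAGGED in text, wrote_new_mbr=WRITE_OK in text)
    pending = None  # device whose SHA1 line has not been seen yet
    for line in text.splitlines():
        m = DISK_RE.match(line)
        if m:
            pending = m.group(1)
            run.disks[pending] = (m.group(2), None)
            continue
        m = SHA1_RE.match(line)
        if m and pending:
            run.disks[pending] = (run.disks[pending][0], m.group(1).upper())
            pending = None
    return run


def compare_runs(before, after):
    """Verdict per disk for two logs taken before and after a reboot."""
    verdicts = {}
    for dev, (_, old_sha1) in before.disks.items():
        new_sha1 = after.disks.get(dev, (None, None))[1]
        if old_sha1 is None or new_sha1 is None:
            verdicts[dev] = "NO_DATA"
        elif new_sha1 != old_sha1:
            verdicts[dev] = "MBR_CHANGED"
        elif before.wrote_new_mbr:
            # The tool reported a write, yet the next run reads the same bytes.
            verdicts[dev] = "WRITE_DID_NOT_PERSIST"
        else:
            verdicts[dev] = "UNCHANGED"
    return verdicts


# Abridged from the log in which option 2 / code 5 was applied.
FIX_RUN = r"""
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 081931698ABD9DABC19782A342939160804017BE

Found non-standard or infected MBR.
Please select the MBR code to write to this drive: 5
Successfully wrote new MBR code!
"""

# Abridged from the log posted after the reboot.
RECHECK_RUN = r"""
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 081931698ABD9DABC19782A342939160804017BE

Found non-standard or infected MBR.
"""

# Constructed sample: status text and hash are placeholders, not real output.
CONSTRUCTED_CHANGED_RUN = r"""
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Constructed status text
SHA1: 0123456789ABCDEF0123456789ABCDEF01234567
"""

if __name__ == "__main__":
    fix = parse_mbrcheck_log(FIX_RUN)
    for label, text in (("recheck", RECHECK_RUN), ("constructed", CONSTRUCTED_CHANGED_RUN)):
        print(label, compare_runs(fix, parse_mbrcheck_log(text)))
```
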

Re: Computer Infected Not Sure what it is

Did you ever have any recovery discs that came along with your computer?

Re: Computer Infected Not Sure what it is

Can belazur help me - don't want to lose data

Re: Computer Infected Not Sure what it is

This has nothing to do with who can help you; without a recovery or install disc, we are very limited.

Your Master Boot Record is severely infected. We need to fully disinfect it, or else this malware will never go away.

I don't want you to reformat/reinstall. We just need to do a data-safe recovery method that fixes the Master Boot Record.

Otherwise: your system will be continuously infected.

Reboot your computer, and at the boot screen, press F8 until you get a menu showing "Safe Mode, Safe Mode with Networking, etc."

Please tell me if you see an option called "Repair Your Computer."

Re: Computer Infected Not Sure what it is

Yes, there seems to be a Repair your computer option.
And I can find disc 1 and 2 of recovery discs that I made but there is a third missing (should I be looking for that one?). I'm not even sure if recovery discs and bootable discs are the same thing?

Re: Computer Infected Not Sure what it is

When booting, select the Repair your computer option.

Then, select Command Prompt.

Type in bootrec.exe /FixMbr and press Enter.

Once done, type in exit and it should reboot your computer.

When you have finished that, please post a new MBRCheck log.

Re: Computer Infected Not Sure what it is

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Wistron
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP G60 Notebook PC
Logical Drives Mask: 0x000003fc

Kernel Drivers (total 236):
0x004C0000 \SystemRoot\System32\TSDDD.dll
0x00620000 \SystemRoot\System32\cdd.dll
0x00950000 \SystemRoot\System32\ATMFD.DLL
0x07DC3000 \SystemRoot\system32\drivers\luafv.sys
0x07C00000 \SystemRoot\system32\drivers\WudfPf.sys
0x07FE7000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x02E6D000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x02EC0000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x02ED3000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x02EEB000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x02EF5000 \SystemRoot\system32\drivers\HTTP.sys
0x02FBD000 \SystemRoot\System32\Drivers\fastfat.SYS
0x02E00000 \SystemRoot\system32\DRIVERS\bowser.sys
0x02E1E000 \SystemRoot\System32\drivers\mpsdrv.sys
0x02E36000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x0324B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x03299000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x032BC000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0x032C1000 \SystemRoot\system32\drivers\peauth.sys
0x03367000 \SystemRoot\System32\Drivers\secdrv.SYS
0x03372000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x0339F000 \SystemRoot\System32\drivers\tcpipreg.sys
0x033B1000 \SystemRoot\system32\DRIVERS\XAudio64.sys
0x04E49000 \SystemRoot\System32\DRIVERS\srv2.sys
0x04EB1000 \SystemRoot\System32\DRIVERS\srv.sys
0x04F47000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x76FC0000 \Windows\System32\ntdll.dll
0x48530000 \Windows\System32\smss.exe
0xFF2E0000 \Windows\System32\apisetschema.dll
0xFF650000 \Windows\System32\autochk.exe
0x76EA0000 \Windows\System32\kernel32.dll
0xFF150000 \Windows\System32\urlmon.dll
0xFF070000 \Windows\System32\oleaut32.dll
0xFF020000 \Windows\System32\Wldap32.dll
0x76DA0000 \Windows\System32\user32.dll
0x77190000 \Windows\System32\normaliz.dll
0xFEEF0000 \Windows\System32\wininet.dll
0xFEED0000 \Windows\System32\sechost.dll
0xFEEB0000 \Windows\System32\imagehlp.dll
0xFEDE0000 \Windows\System32\usp10.dll
0xFED60000 \Windows\System32\shlwapi.dll
0x77180000 \Windows\System32\psapi.dll
0xFED10000 \Windows\System32\ws2_32.dll
0xFEC00000 \Windows\System32\msctf.dll
0xFEBF0000 \Windows\System32\lpk.dll
0xFEB10000 \Windows\System32\advapi32.dll
0xFEA70000 \Windows\System32\msvcrt.dll
0xFEA60000 \Windows\System32\nsi.dll
0xFE9C0000 \Windows\System32\clbcatq.dll
0xFE760000 \Windows\System32\iertutil.dll
0xFE6F0000 \Windows\System32\gdi32.dll
0xFE5C0000 \Windows\System32\rpcrt4.dll
0xFE590000 \Windows\System32\imm32.dll
0xFE380000 \Windows\System32\ole32.dll
0xFE1A0000 \Windows\System32\setupapi.dll
0xFD410000 \Windows\System32\shell32.dll
0xFD390000 \Windows\System32\difxapi.dll
0xFD2F0000 \Windows\System32\comdlg32.dll
0xFD250000 \Windows\System32\comctl32.dll
0xFD0E0000 \Windows\System32\crypt32.dll
0xFD0A0000 \Windows\System32\cfgmgr32.dll
0xFD080000 \Windows\System32\devobj.dll
0xFD040000 \Windows\System32\wintrust.dll
0xFCFD0000 \Windows\System32\KernelBase.dll
0xFCFC0000 \Windows\System32\msasn1.dll
0x75FA0000 \Windows\SysWOW64\normaliz.dll

Processes (total 59):
0 System Idle Process
4 System
292 C:\Windows\System32\smss.exe
400 csrss.exe
484 C:\Windows\System32\wininit.exe
492 csrss.exe
504 C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
512 C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
592 C:\Windows\System32\services.exe
612 C:\Windows\System32\winlogon.exe
628 C:\Windows\System32\lsass.exe
636 C:\Windows\System32\lsm.exe
704 C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
800 C:\Windows\System32\svchost.exe
936 C:\Windows\System32\svchost.exe
1012 C:\Windows\System32\svchost.exe
1120 C:\Windows\System32\svchost.exe
1152 C:\Windows\System32\svchost.exe
1292 C:\Windows\System32\svchost.exe
1392 C:\Windows\System32\svchost.exe
1512 C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
1676 C:\Windows\System32\spoolsv.exe
1712 C:\Windows\System32\svchost.exe
1840 C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
1936 C:\Windows\System32\svchost.exe
1984 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
1260 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
1412 C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
1888 C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
2052 C:\Windows\System32\svchost.exe
2340 C:\Program Files (x86)\AVG\AVG9\avgemc.exe
2396 C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
2480 unsecapp.exe
2540 WmiPrvSE.exe
2676 C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
3048 C:\Windows\System32\taskhost.exe
2148 C:\Windows\System32\dwm.exe
1192 C:\Windows\explorer.exe
2120 C:\Program Files\Java\jre6\bin\jusched.exe
2476 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
2620 C:\Program Files (x86)\POP Peeper\POPPeeper.exe
3204 C:\Program Files (x86)\AVG\AVG9\avgtray.exe
3244 C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
3260 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
3300 C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
3316 C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
3916 C:\Windows\System32\SearchIndexer.exe
4052 C:\Windows\System32\svchost.exe
2468 C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
3980 WUDFHost.exe
3752 C:\Program Files\Windows Media Player\wmpnetwk.exe
1216 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1500 C:\Windows\System32\svchost.exe
4420 C:\Windows\System32\SearchProtocolHost.exe
1664 C:\Windows\System32\SearchFilterHost.exe
1420 C:\Program Files (x86)\Real\RealPlayer\realplay.exe
4120 C:\Users\LA\Desktop\MBRCheck.exe
4528 C:\Windows\System32\conhost.exe
4488 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`66b00000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS543232L9A300, Rev: FB4OC40J

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

Re: Computer Infected Not Sure what it is
Hooray! Yay!

ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

Re: Computer Infected Not Sure what it is
Sorry for the delay, I ran the scan and everything came out clean. I think we got it!!:-) So can probably close off.

Thanks for all your expert help!

Re: Computer Infected Not Sure what it is
Hiya! Your logs appear to be clean. If there are no more issues, then we shall clean up!

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and then display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a System Restore box with a CLEANUP button; click this
  • Accept the Warning and select OK again, the program will close and you are done


Run OTC to remove our tools

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:
  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

Purge old temporary files

Please download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


Security Check

Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Tell me in your next reply, if you have completed these tasks:
  • Cleaned System Restore
  • Ran OTC
  • Ran TFC
  • Ran Security Check

Also, let me know how your computer is running, and don't forget to post the contents of the Security Check log.

Re: Computer Infected Not Sure what it is
Still with us?

Re: Computer Infected Not Sure what it is
Hi,

I am very sorry. Had a problem getting back onto this site. I did all of the above. So here is the log

Results of screen317's Security Check version 0.99.5
Windows 7 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG Free 9.0
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
AVG9 successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Malwarebytes' Anti-Malware
CCleaner
Eusing Free Registry Cleaner
Auslogics Registry Cleaner
Java(TM) 6 Update 22
Java(TM) 6 Update 16
Java(TM) 6 Update 17
Out of date Java installed!
Adobe Flash Player 10.1.82.76
Adobe Reader 9.3
Adobe Reader 9.1 MUI
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
Spybot Teatimer.exe is disabled!
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgemc.exe
````````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

Re: Computer Infected Not Sure what it is
Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

Firewall

  • Tallemu Online Armor: the free version is just as good as the premium. I have linked you to the free version.
  • Comodo Firewall: the free version is just as good as the premium. I have linked you to the free version. The optional security suite enhances the firewall by 40%. If you would like to install the suite that includes antivirus, then remove your old antivirus first.
  • PC Tools Firewall Plus: free and excellent firewall.


AntiSpyware

  • SpywareBlaster
    SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found here.
  • Spybot - Search & Destroy.
    Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer, to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).


NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Securing your computer

  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • hpHosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.


Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:


See this page for more info about malware and prevention.

Thank you for choosing GeekPolice. Please see this page if you would like to leave feedback or contribute to our site. Do you have any more questions?

Re: Computer Infected Not Sure what it is
Thanks very much. I do have windows firewall so do I need to also put on another firewall? If I use a different firewall should I then turn off windows firewall?

Also am having a small problem and ran all anti-spyware and only gmer found a problem which I am posting below. Is it a problem and if so how do I fix it?

GMER 1.0.15.15477 - http://www.gmer.net
Rootkit scan 2010-10-25 12:38:23
Windows 6.1.7600
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7B1BDBB9-CA66-4A0A-BAF2-CAC9E292D1DB}@LeaseObtainedTime 1288027595
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7B1BDBB9-CA66-4A0A-BAF2-CAC9E292D1DB}@T1 1288027649
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7B1BDBB9-CA66-4A0A-BAF2-CAC9E292D1DB}@T2 1288027694
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7B1BDBB9-CA66-4A0A-BAF2-CAC9E292D1DB}@LeaseTerminatesTime 1288027715

---- EOF - GMER 1.0.15 ----

thanks

Re: Computer Infected Not Sure what it is
That is no problem. Looks safe.

Not everything GMER finds (luckily) is bad. 😉

Also, choosing a different firewall from the list will be better, because Windows Firewall is a bit lacking, it seems. A third party firewall will be stronger.
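
The GMER registry lines posted above, decoded as an added example that is not part of the original posts or of GMER itself. It assumes the four flagged value names are the Windows DHCP client's lease timestamps, stored as Unix epoch seconds; the function names are made up for this illustration.

```python
import re
from datetime import datetime, timezone

# GMER registry section copied from the post above.
GMER_LOG = r"""
---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7B1BDBB9-CA66-4A0A-BAF2-CAC9E292D1DB}@LeaseObtainedTime 1288027595
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7B1BDBB9-CA66-4A0A-BAF2-CAC9E292D1DB}@T1 1288027649
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7B1BDBB9-CA66-4A0A-BAF2-CAC9E292D1DB}@T2 1288027694
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7B1BDBB9-CA66-4A0A-BAF2-CAC9E292D1DB}@LeaseTerminatesTime 1288027715

---- EOF - GMER 1.0.15 ----
"""

# Assumption: DHCP lease bookkeeping values, in the order they occur in time.
LEASE_ORDER = ("LeaseObtainedTime", "T1", "T2", "LeaseTerminatesTime")
# Per-adapter TCP/IP key: ...\Tcpip\Parameters\Interfaces\{GUID}
IFACE_KEY = re.compile(
    r"\\services\\Tcpip\\Parameters\\Interfaces\\\{[0-9A-Fa-f-]{36}\}$")
# "Reg <key>@<value name> <data>"
REG_LINE = re.compile(r"^Reg\s+(?P<key>.+?)@(?P<name>[^@\s]+)\s+(?P<data>\S.*)$")


def parse_reg_lines(log):
    """Return every 'Reg' line of a GMER log as {'key', 'name', 'data'}."""
    matches = (REG_LINE.match(line.strip()) for line in log.splitlines())
    return [m.groupdict() for m in matches if m]


def classify(entry):
    """'dhcp-lease' for lease timestamps under an adapter key, else 'review'."""
    if (IFACE_KEY.search(entry["key"]) and entry["name"] in LEASE_ORDER
            and entry["data"].isdigit()):
        return "dhcp-lease"
    return "review"


def lease_summary(entries):
    """Per adapter key: when the lease was obtained, its length, and whether
    the four timestamps are in the expected order."""
    per_iface = {}
    for e in entries:
        if classify(e) == "dhcp-lease":
            per_iface.setdefault(e["key"], {})[e["name"]] = int(e["data"])
    summary = {}
    for key, times in per_iface.items():
        if set(times) != set(LEASE_ORDER):
            continue  # incomplete set: leave it for manual review
        seq = [times[n] for n in LEASE_ORDER]
        obtained = datetime.fromtimestamp(seq[0], tz=timezone.utc)
        summary[key] = {"obtained_utc": obtained.isoformat(),
                        "lease_seconds": seq[-1] - seq[0],
                        "consistent": seq == sorted(seq)}
    return summary
```

On the posted log this yields a single adapter whose lease was obtained on the day of the scan and runs for 120 seconds, so the values change constantly while the machine is on the network.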
