trojan agent 2 and generic 19


  • This topic is locked

#31
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi jasonmflatt,

Why did you run the OTL scan in Safe Mode? Is there any reason? Can you start Windows in normal mode?

Please download MBRCheck.exe to your desktop.

  • Double click to run it
  • It will prompt you with some text
  • A text file will be generated on your desktop
  • Now paste that text here for me.

  • 0


#32
jasonmflatt

    Member

  • Topic Starter
  • 47 posts
It wouldn't let me run in normal mode.
  • 0

#33
jasonmflatt

    Member

  • Topic Starter
  • 47 posts
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 1 (build 6001), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 1545
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 133):

Processes (total 85):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`ac000000 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000000`02800000 (NTFS)

PhysicalDrive0 Model Number: ST9320325AS, Rev: 0002DEM1

Size      Device Name           MBR Status
--------------------------------------------
298 GB    \\.\PhysicalDrive0    Dell Inspiron MBR code detected
          SHA1: AE3E0A945D44C8EA304A19A8F50F69065C34344B


Done!
  • 0

#34
jasonmflatt

    Member

  • Topic Starter
  • 47 posts
What's next?
  • 0

#35
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi jasonmflatt,

Save these instructions so you can have access to them while in Safe Mode.

Please click here to download AVP Tool by Kaspersky.
  • Save it to your desktop.
  • Reboot your computer into Safe Mode.

    You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
    Use your up arrow key to highlight Safe Mode, then hit Enter.

  • Double click the setup file to run it.
  • Click Next to continue.
  • Accept the Licence agreement and click on Next.
  • It will by default install it to your desktop folder. Click Next.
  • It will then open a box. There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.

  • Hidden Startup Objects
  • System Memory
  • Disk Boot Sectors.
  • My Computer.
  • Also any other drives (Removable that you may have)


Leave the rest of the settings as they appear as default.

  • Then click on Scan at the top right-hand corner.
  • It will automatically Neutralize any objects found.
  • If some objects are left un-neutralized, then click the button that says Neutralize all.
  • If it says it cannot be Neutralized, then choose the Delete option when prompted.
  • After that is done, click on the Reports button at the bottom and save it to a file; name it Kas.
  • Save it somewhere convenient like your desktop and post only the detected virus\malware in the report. It will be at the very top under Detected. Post those results in your next reply.

    Note: This tool will self uninstall when you close it so please save the log before closing it.


  • 0

#36
jasonmflatt

    Member

  • Topic Starter
  • 47 posts
Downloading to flash drive... I'll post the log when finished. Thanks.
  • 0

#37
jasonmflatt

    Member

  • Topic Starter
  • 47 posts
Autoscan: completed 11 minutes ago (events: 2, objects: 14403, time: 00:04:52)
10/4/2010 10:23:39 PM Task started
10/4/2010 10:28:31 PM Task completed
Autoscan: completed 1 minute ago (events: 2, objects: 11041, time: 00:04:53)
  • 0

#38
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi jasonmflatt,

Do you have a Windows Vista installation disk? Maybe we will need it to repair your system.
  • 0

#39
jasonmflatt

    Member

  • Topic Starter
  • 47 posts
I don't think so.
  • 0

#40
jasonmflatt

    Member

  • Topic Starter
  • 47 posts
What should I do now?
  • 0


#41
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi jasonmflatt,

OK then. We will create a Vista repair disk from your system. You will need a blank CD or DVD disk and a CD/DVD burner device.

Step 1
Creating Recovery disk

  • Insert a blank CD/DVD into the CD/DVD burner
  • Click Start -> All Programs -> Maintenance -> Create a System Repair Disc
  • Press Create disk
  • Please wait until the burning process finishes the disk


Step 2

System Repair

  • Insert the System Repair Disk you have created
  • Now follow the article from this link to repair your system

  • 0

#42
jasonmflatt

    Member

  • Topic Starter
  • 47 posts
Don't see anything that says create a system repair disk under Maintenance.
  • 0

#43
jasonmflatt

    Member

  • Topic Starter
  • 47 posts
What should I do now?
  • 0

#44
jasonmflatt

    Member

  • Topic Starter
  • 47 posts
Can somebody please assist me?
  • 0

#45
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi jasonmflatt,

Sorry for the wait. We had a few little problems with the link etc. Now we are back.

Step 1

OK then. We need to download it and burn it on disk.

Download Windows Vista 64-bit (x64) Recovery Disc
Unzip the recovery disc you downloaded
Use this article to burn the image to disk

Step 2

System Repair

  • Insert the System Repair Disk you have created
  • Now follow the article from this link to repair your system

  • 0
