Machine will not boot after attempting to remove malware
#16
Posted 14 December 2010 - 10:33 PM
#17
Posted 14 December 2010 - 10:39 PM
#18
Posted 14 December 2010 - 10:41 PM
#19
Posted 14 December 2010 - 10:55 PM
Yes I have a windows xp sp3 installation disk, I tried to use the recovery console yesteday and it kept saying it could nof find the HDD and could not continue
Could you try it again please. If recovery console would not be available then we may have to look for other options.
Next
Please download MBRCheck.exe to your Desktop. Run the application.
If no infection is found, it will produce a report on the desktop. Post that report in your next reply.
If an infection is found, you will be presented with the following dialog:
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.
Edited by Salagubang, 14 December 2010 - 10:57 PM.
#20
Posted 14 December 2010 - 11:00 PM
#21
Posted 14 December 2010 - 11:02 PM
if i am able to use recovery console which command am i going to try
fixmbr
#22
Posted 14 December 2010 - 11:07 PM
© 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 140):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xF7A87000 \WINDOWS\system32\KDCOM.DLL
0xF7997000 \WINDOWS\system32\BOOTVID.dll
0xF7458000 ACPI.sys
0xF7A89000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7447000 pci.sys
0xF7587000 isapnp.sys
0xF7597000 ohci1394.sys
0xF75A7000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF799B000 compbatt.sys
0xF799F000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF7B4F000 pciide.sys
0xF7807000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7429000 pcmcia.sys
0xF75B7000 MountMgr.sys
0xF740A000 ftdisk.sys
0xF7A8B000 dmload.sys
0xF73E4000 dmio.sys
0xF780F000 PartMgr.sys
0xF79A3000 ACPIEC.sys
0xF7B50000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xF75C7000 VolSnap.sys
0xF732D000 iaStor.sys
0xF7315000 atapi.sys
0xF7817000 cercsr6.sys
0xF72FD000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xF75D7000 disk.sys
0xF75E7000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF72DD000 fltmgr.sys
0xF72CB000 sr.sys
0xF72B4000 KSecDD.sys
0xF7227000 Ntfs.sys
0xF71FA000 NDIS.sys
0xF71E0000 Mup.sys
0xF77C7000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF5CD1000 \SystemRoot\system32\DRIVERS\igxpmp32.sys
0xF5CBD000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF5C95000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF5A72000 \SystemRoot\system32\DRIVERS\NETw4x32.sys
0xF78D7000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF5A4E000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF78DF000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF77D7000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xF77E7000 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
0xF5A3A000 \SystemRoot\system32\DRIVERS\parport.sys
0xF77F7000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF78E7000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF78EF000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF7637000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7617000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF7627000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF5A17000 \SystemRoot\system32\DRIVERS\ks.sys
0xF7A6B000 \SystemRoot\system32\DRIVERS\cpqbttn.sys
0xF7647000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF78F7000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF7A83000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF71BC000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0xF58D2000 \SystemRoot\system32\DRIVERS\btkrnl.sys
0xF7C11000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF7657000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF6CE7000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF58BB000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF7667000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF7677000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF78FF000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF58AA000 \SystemRoot\system32\DRIVERS\psched.sys
0xF62F7000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7907000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF790F000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF587A000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF62E7000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7AC3000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF581C000 \SystemRoot\system32\DRIVERS\update.sys
0xF6CCB000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF7167000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xF16C4000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xAA777000 \SystemRoot\system32\drivers\ADIHdAud.sys
0xAA753000 \SystemRoot\system32\drivers\portcls.sys
0xF16A4000 \SystemRoot\system32\drivers\drmk.sys
0xAA73B000 \SystemRoot\system32\drivers\AEAudio.sys
0xAA615000 \SystemRoot\system32\DRIVERS\AGRSM.sys
0xF7AF9000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF29B9000 \SystemRoot\System32\Drivers\Modem.SYS
0xF1694000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xAA595000 \??\C:\Program Files\Symantec AntiVirus\savrt.sys
0xAA573000 \??\C:\Program Files\Symantec\SYMEVENT.SYS
0xAA55F000 \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys
0xF1684000 \SystemRoot\System32\Drivers\btwusb.sys
0xF2991000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xA9DEE000 \SystemRoot\system32\DRIVERS\btport.sys
0xF7B2D000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xA8101000 \SystemRoot\system32\DRIVERS\btwdndis.sys
0xF7C09000 \SystemRoot\System32\Drivers\Null.SYS
0xF7B35000 \SystemRoot\System32\Drivers\Beep.SYS
0xA809E000 \SystemRoot\system32\drivers\btaudio.sys
0xF7967000 \SystemRoot\System32\drivers\vga.sys
0xF7B47000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7B49000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7847000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7867000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7A7F000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xA806B000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA8012000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA7FEC000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xA7FB1000 \SystemRoot\System32\Drivers\SYMTDI.SYS
0xF5636000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xA7F89000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF46DC000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xA7F67000 \SystemRoot\System32\drivers\afd.sys
0xA9654000 \SystemRoot\system32\DRIVERS\netbios.sys
0xA7F3C000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA7ECC000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF5616000 \SystemRoot\System32\Drivers\Fips.SYS
0xA7E6E000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0xA7E51000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0xA4D62000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xA4CAB000 \SystemRoot\System32\Drivers\dump_iastor.sys
0xBF800000 \SystemRoot\System32\win32k.sys
0xA569B000 \SystemRoot\System32\drivers\Dxapi.sys
0xF787F000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7BDB000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF024000 \SystemRoot\System32\igxpgd32.dll
0xBF012000 \SystemRoot\System32\igxprd32.dll
0xBF04F000 \SystemRoot\System32\igxpdv32.DLL
0xBF1E7000 \SystemRoot\System32\igxpdx32.DLL
0xF71AC000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA4C2E000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA53BE000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xF7C48000 \SystemRoot\System32\Drivers\LBeepKE.sys
0xA4B5E000 \SystemRoot\system32\DRIVERS\srv.sys
0xA46E9000 \SystemRoot\system32\drivers\wdmaud.sys
0xA4AAE000 \SystemRoot\system32\drivers\sysaudio.sys
0xA4067000 \SystemRoot\System32\Drivers\HTTP.sys
0xA3FEF000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA3424000 \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20101128.002\navex15.sys
0xA3410000 \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20101128.002\naveng.sys
0xA2E6D000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll
Processes (total 60):
0 System Idle Process
4 System
952 C:\WINDOWS\system32\smss.exe
1000 csrss.exe
1028 C:\WINDOWS\system32\winlogon.exe
1072 C:\WINDOWS\system32\services.exe
1084 C:\WINDOWS\system32\lsass.exe
1248 C:\WINDOWS\system32\svchost.exe
1308 svchost.exe
1556 C:\WINDOWS\system32\svchost.exe
1732 svchost.exe
1892 svchost.exe
284 C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
324 C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
968 C:\WINDOWS\system32\spoolsv.exe
1600 svchost.exe
1644 C:\Program Files\LSI SoftModem\agrsmsvc.exe
1656 C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
1700 C:\Program Files\Symantec AntiVirus\DefWatch.exe
2044 C:\WINDOWS\system32\svchost.exe
176 C:\WINDOWS\system32\svchost.exe
200 C:\Program Files\Java\jre6\bin\jqs.exe
252 C:\WINDOWS\system32\svchost.exe
1460 C:\WINDOWS\system32\svchost.exe
1768 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
628 C:\WINDOWS\system32\svchost.exe
644 C:\Program Files\Symantec AntiVirus\Rtvscan.exe
696 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
436 C:\WINDOWS\system32\wuauclt.exe
1500 alg.exe
2560 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2608 C:\WINDOWS\explorer.exe
2936 C:\Program Files\Analog Devices\Core\smax4pnp.exe
2944 C:\WINDOWS\system32\igfxtray.exe
2960 C:\WINDOWS\system32\hkcmd.exe
2968 C:\WINDOWS\system32\igfxpers.exe
3104 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
3112 C:\WINDOWS\system32\igfxsrvc.exe
3120 C:\PROGRA~1\SYMANT~1\VPTray.exe
3140 C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
3236 C:\Program Files\HP\HP Software Update\hpwuschd2.exe
3264 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3284 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
3404 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
472 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
2052 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
1128 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
2532 C:\Program Files\Logitech\SetPoint\SetPoint.exe
2992 C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
2220 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
3776 C:\WINDOWS\system32\ctfmon.exe
2288 C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
3752 C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
2308 C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
3328 C:\Program Files\Internet Explorer\iexplore.exe
2660 C:\Program Files\Internet Explorer\iexplore.exe
2104 C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
2624 C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
2672 C:\Program Files\Internet Explorer\iexplore.exe
2448 C:\Documents and Settings\Reeves\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
PhysicalDrive0 Model Number: HitachiHTS541612J9SA00, Rev: SBDOC7BP
Size Device Name MBR Status
--------------------------------------------
111 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 3DD27C7EE9B2D8B2CB511843C79460E5DB3CA995
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Done!
#23
Posted 14 December 2010 - 11:14 PM
#24
Posted 14 December 2010 - 11:29 PM
#25
Posted 14 December 2010 - 11:33 PM
#26
Posted 14 December 2010 - 11:43 PM
disable SATA Native mode
#27
Posted 14 December 2010 - 11:44 PM
Typically 0x0000007e is caused by damaged registry and invalid (orphaned) registry keys gathered in the system, a system service or device driver , a virus, BIOS incompatible with Windows, incompatible drivers or third-party remote control program.
any ideas on how to fix this, then maybe I can run the recovery console and we can finally be done with this one
#28
Posted 14 December 2010 - 11:52 PM
#29
Posted 14 December 2010 - 11:56 PM
#30
Posted 15 December 2010 - 12:01 AM
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users