error msg: Disk Drive C unreadable HELP PLS :(



#31
love2teach956
Member (Topic Starter), 132 posts

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8222

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

11/22/2011 8:31:22 PM
mbam-log-2011-11-22 (20-31-22).txt

Scan type: Quick scan
Objects scanned: 184772
Time elapsed: 1 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Here is the OTL log:
OTL logfile created on: 11/22/2011 8:22:03 PM - Run 13
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Ellery\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 2.83 Gb Available Physical Memory | 71.54% Memory free
7.92 Gb Paging File | 6.60 Gb Available in Paging File | 83.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 403.98 Gb Free Space | 89.56% Space Free | Partition Type: NTFS

Computer Name: ELLERY-PC | User Name: Ellery | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/08 19:12:46 | 000,584,192 | R--- | M] (OldTimer Tools) -- C:\Users\Ellery\Desktop\OTL.exe
PRC - [2011/09/06 09:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/08/18 07:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2011/08/18 07:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 09:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2009/10/15 01:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/09/11 10:07:00 | 001,779,952 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/06/24 18:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/24 14:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/04 17:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/17 02:39:20 | 002,295,296 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\6d859463c9e6a7423ddb335211a79dda\System.Core.ni.dll
MOD - [2011/10/17 02:39:16 | 000,997,888 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cc6713be0e405d5a89a2783103f7e771\System.Management.ni.dll
MOD - [2011/10/17 02:31:17 | 000,368,128 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5672e6b9d976feca51deb06d8dd1df0e\PresentationFramework.Aero.ni.dll
MOD - [2011/10/17 02:31:08 | 001,840,640 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\7fb80e48899821b64471f8e7ac2d08b7\System.Web.Services.ni.dll
MOD - [2011/10/17 02:30:47 | 014,322,688 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09e39322b47f9b4e8dd2199ff03acb2e\PresentationFramework.ni.dll
MOD - [2011/10/17 02:30:32 | 012,431,360 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011/10/17 02:30:25 | 001,586,688 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011/10/17 02:30:22 | 012,216,320 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2dc021a8311197516e4fa325b292f21\PresentationCore.ni.dll
MOD - [2011/10/17 02:30:11 | 003,325,952 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll
MOD - [2011/10/17 02:30:05 | 005,452,800 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011/10/17 02:30:02 | 000,971,264 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2011/10/17 02:30:01 | 007,949,312 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011/10/17 02:29:52 | 011,490,304 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/08/18 07:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
MOD - [2010/11/17 13:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/10/15 01:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/09/11 10:08:00 | 000,268,016 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2009/09/11 10:08:00 | 000,140,528 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009/09/11 10:08:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2009/09/11 10:07:00 | 001,779,952 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009/09/11 10:05:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2009/08/21 08:57:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [1996/11/17 00:00:00 | 000,022,016 | -H-- | M] () -- C:\Windows\SysWOW64\DOCOBJ.DLL
MOD - [1996/11/17 00:00:00 | 000,012,288 | -H-- | M] () -- C:\Windows\SysWOW64\HLINKPRX.DLL


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/07/16 17:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/06/28 20:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/18 07:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/03/10 22:22:41 | 000,107,904 | -H-- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:22:40 | 000,027,008 | -H-- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/14 18:51:20 | 000,051,712 | -H-- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/07/16 17:06:20 | 000,022,520 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 17:06:18 | 002,769,400 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | -H-- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | -H-- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | -H-- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | -H-- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 01:00:00 | 000,055,280 | -H-- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/28 20:44:38 | 000,487,424 | -H-- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/25 03:26:10 | 000,273,456 | -H-- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/06/15 11:06:42 | 000,172,704 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | -H-- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 02:54:36 | 000,408,600 | -H-- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/02 19:16:56 | 007,333,472 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/05/19 19:10:00 | 000,393,728 | -H-- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | -H-- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/08 00:15:18 | 000,215,552 | -H-- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2006/11/01 10:51:00 | 000,151,656 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4018035911-1171316561-4070910582-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-4018035911-1171316561-4070910582-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4018035911-1171316561-4070910582-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2A 49 2B 98 15 A3 CC 01 [binary data]
IE - HKU\S-1-5-21-4018035911-1171316561-4070910582-1000\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKU\S-1-5-21-4018035911-1171316561-4070910582-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4018035911-1171316561-4070910582-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledItems:


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/30 19:06:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/19 15:59:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{02C2357F-6111-4C54-9AAC-B4FA3F1191E9}: C:\Users\Ellery\AppData\Local\{02C2357F-6111-4C54-9AAC-B4FA3F1191E9}

[2011/10/08 14:13:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ellery\AppData\Roaming\Mozilla\Extensions
[2011/11/21 11:50:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ellery\AppData\Roaming\Mozilla\Firefox\Profiles\skz1dxvz.default\extensions
[2011/11/16 21:43:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\ELLERY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SKZ1DXVZ.DEFAULT\EXTENSIONS\{EC9032C7-C20A-464F-7B0E-13A3A9E97385}

O1 HOSTS File: ([2011/11/21 12:20:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-4018035911-1171316561-4070910582-1000\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Ellery\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\Ellery\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE ()
O4 - Startup: C:\Users\Ellery\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Office Startup.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4018035911-1171316561-4070910582-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4018035911-1171316561-4070910582-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{412B5C3D-27AE-4B40-B566-FF34FD010B4D}: DhcpNameServer = 134.139.19.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6856E191-803C-433A-B603-54C8CF1692AF}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-4018035911-1171316561-4070910582-1000..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-4018035911-1171316561-4070910582-1000\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/22 19:46:56 | 000,543,024 | ---- | C] (Microsoft Corporation) -- C:\Users\Ellery\IE9-Windows7-x64-enu.exe
[2011/11/21 12:25:11 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/11/21 12:24:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/11/21 12:05:10 | 000,000,000 | ---D | C] -- C:\Users\Ellery\Desktop\ComboFix
[2011/11/21 12:03:50 | 004,303,424 | R--- | C] (Swearware) -- C:\Users\Ellery\Desktop\ComboFix.exe
[2011/11/19 19:44:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011/11/17 21:27:17 | 000,000,000 | ---D | C] -- C:\Users\Ellery\AppData\Roaming\Malwarebytes
[2011/11/17 21:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/17 21:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/17 21:26:45 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/17 21:26:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/16 21:25:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/14 12:52:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/11/14 12:52:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/11/14 12:52:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/11/14 12:52:17 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/11/14 12:39:28 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/08 19:12:46 | 000,584,192 | R--- | C] (OldTimer Tools) -- C:\Users\Ellery\Desktop\OTL.exe
[2011/11/06 21:56:54 | 000,000,000 | ---D | C] -- C:\Users\Ellery\AppData\Local\ElevatedDiagnostics
[2011/11/06 21:15:59 | 000,000,000 | ---D | C] -- C:\Users\Ellery\Desktop\RK_Quarantine
[2011/11/06 14:54:48 | 000,000,000 | ---D | C] -- C:\Windows\pss
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/22 20:23:32 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/22 20:23:32 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/22 20:16:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/22 20:16:02 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/22 19:56:47 | 000,001,443 | ---- | M] () -- C:\Users\Ellery\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/22 19:55:44 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/11/22 19:55:43 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/11/21 12:20:29 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/11/21 12:04:21 | 004,303,424 | R--- | M] (Swearware) -- C:\Users\Ellery\Desktop\ComboFix.exe
[2011/11/17 21:26:48 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/08 19:12:46 | 000,584,192 | R--- | M] (OldTimer Tools) -- C:\Users\Ellery\Desktop\OTL.exe
[2011/10/30 19:02:08 | 087,293,952 | ---- | M] () -- C:\Users\Ellery\kavkis.msi
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/22 19:55:44 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/11/22 19:55:43 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/11/17 21:26:48 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/14 12:52:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/14 12:52:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/14 12:52:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/14 12:52:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/14 12:52:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/10/30 18:48:47 | 087,293,952 | ---- | C] () -- C:\Users\Ellery\kavkis.msi
[2011/01/08 17:01:56 | 000,000,022 | -H-- | C] () -- C:\Windows\exchng.ini
[2011/01/08 17:01:55 | 000,000,957 | -H-- | C] () -- C:\Windows\ODBCINST.INI
[2011/01/08 17:01:55 | 000,000,611 | -H-- | C] () -- C:\Windows\ODBC.INI
[2010/09/04 21:04:18 | 000,000,584 | -H-- | C] () -- C:\Windows\eReg.dat
[2010/01/02 13:42:32 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/31 18:27:33 | 000,009,216 | ---- | C] () -- C:\Users\Ellery\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/21 10:01:54 | 000,982,220 | -H-- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/12/21 10:01:52 | 000,134,592 | -H-- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/12/21 10:01:52 | 000,092,216 | -H-- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/12/21 10:01:51 | 000,433,024 | -H-- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/12/21 08:42:17 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 18:35:51 | 000,000,741 | -H-- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 18:34:42 | 000,215,943 | -H-- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[1996/11/17 00:00:00 | 000,094,208 | -H-- | C] () -- C:\Windows\SysWow64\MSENCODE.DLL
[1996/11/17 00:00:00 | 000,047,104 | -H-- | C] () -- C:\Windows\SysWow64\WRKGADM.EXE
[1996/11/17 00:00:00 | 000,022,016 | -H-- | C] () -- C:\Windows\SysWow64\ODBCSTF.DLL
[1996/11/17 00:00:00 | 000,022,016 | -H-- | C] () -- C:\Windows\SysWow64\DOCOBJ.DLL
[1996/11/17 00:00:00 | 000,012,288 | -H-- | C] () -- C:\Windows\SysWow64\HLINKPRX.DLL

========== LOP Check ==========

[2010/01/02 00:31:02 | 000,000,000 | ---D | M] -- C:\Users\Ellery\AppData\Roaming\acccore
[2011/09/12 16:07:59 | 000,000,000 | ---D | M] -- C:\Users\Ellery\AppData\Roaming\PCDr
[2010/01/02 03:47:40 | 000,000,000 | ---D | M] -- C:\Users\Ellery\AppData\Roaming\WildTangent
[2011/11/16 21:28:19 | 000,032,532 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


I couldn't get Firefox download, kept saying download interrupted. I stopped after 3 tries. I tried sending this note twice and I have gotten the IE page cannot be found message, or something to that effect. I can't remember now that it's working and last time it did it I tried to copy and paste the wording but it won't paste.
Sorry

Edited by love2teach956, 22 November 2011 - 10:43 PM.

#32
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts

I couldn't get Firefox download, kept saying download interrupted. I stopped after 3 tries. I tried sending this note twice and I have gotten the IE page cannot be found message, or something to that effect. I can't remember now that it's working and last time it did it I tried to copy and paste the wording but it won't paste.
Sorry

Ok, no worries, thanks for your patience in this. Hopefully we'll get it resolved soon. I have a suspicion that something is still lurking that is interfering with the web browsers.

Could you now do the following two steps for me please.



1)
Do the following:
  • Click on the Start button and then choose Control Panel.
  • Click on the System and Security link.

    Note: If you're viewing the Large icons or Small icons view of Control Panel, you won't see this link so just click on the Administrative Tools icon and skip to Step 4.
  • In the System and Security window, click on the Administrative Tools heading located near the bottom of the window.
  • In the Administrative Tools window, double-click on the Computer Management icon.
  • When Computer Management opens, click on Disk Management on the left side of the window, located under Storage.

    After a brief loading period, Disk Management should now appear on the right side of the Computer Management window.

    Note: If you don't see Disk Management listed, you may need to click on the |> icon to the left of the Storage icon.
Take a screen Shot of the Disk Management Window and attach the screen shot to your reply.


To take a screenshot...
  • Press the Print Scrn key on the keyboard (usually located between the F12 and the Scroll Lock key)
  • After you have done this, Click Start, All Programs, Accessories, then click Paint
  • Once in Paint, click Edit at the top then Paste
  • Click File, then Save As and in the Save as type box, click JPEG and save it to the Desktop
Then attach the saved image to your next post...
  • Click Add Reply as you would do normally
  • Then within the 'Attachments' area, click Browse and select the file that you want to attach
  • Click the Attach This File button
  • Now click Add to Post on the right hand side, to insert the attachment into your post.




2)
Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.




In your next reply
Please post the contents of...
Screenshot of Disk Management
MBRCheck log


#33
love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 1750
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 181):

Processes (total 59):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`ac000000 (NTFS)

PhysicalDrive0 Model Number: WDCWD5000BEVT-75ZAT0, Rev: 01.01A01

Size    Device Name          MBR Status
--------------------------------------------
465 GB  \\.\PhysicalDrive0   Dell Inspiron MBR code detected
        SHA1: AE3E0A945D44C8EA304A19A8F50F69065C34344B


Done!

I couldn't attach the print screen of the disk management as in my Accessories there is no Paint option. I looked around for something else to paste it into and couldn't.

#34
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
That's ok, by the looks of your MBRCheck log, you don't have the infection I was looking for :)

Going back to the Firefox and IE problems. Did you try downloading the latest versions on a different PC, put them onto your disc and then transfer them onto the troubled PC? If you didn't, could you try that method please.

Apart from the Firefox and IE, are you experiencing any other strange problems that you didn't use to have?
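An added example, not part of the thread and not MBRCheck's own code, of the check behind the "MBR code detected" line in the log above: hash the boot code of sector 0, compare it with a known-good list, and sanity-check the partition table. The sample sector and the known-good entry are constructed, and hashing the first 440 bytes is an assumption, since the page does not say which bytes MBRCheck hashes.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # assumption: hash only the bootstrap code area
PART_TABLE_OFF = 446     # four 16-byte primary partition entries start here
BOOT_SIG = b"\x55\xaa"   # required signature in the last two bytes


def parse_partitions(sector):
    """Return the non-empty primary partition entries of an MBR sector."""
    parts = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        status, _chs_first, ptype, _chs_last, lba, count = struct.unpack_from(
            "<B3sB3sII", sector, off)
        if ptype != 0:  # type 0x00 marks an unused slot
            parts.append({"index": i, "status": status, "type": ptype,
                          "lba_start": lba, "sectors": count})
    return parts


def check_mbr(sector, known_good):
    """Check one boot-disk MBR against a dict of {SHA1 hex: label}."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    findings = []
    if sector[510:] != BOOT_SIG:
        findings.append("missing 0x55AA boot signature")
    sha1 = hashlib.sha1(sector[:BOOT_CODE_LEN]).hexdigest().upper()
    label = known_good.get(sha1)
    if label is None:
        findings.append("boot code hash not in known-good list")
    parts = parse_partitions(sector)
    for p in parts:
        if p["status"] not in (0x00, 0x80):
            findings.append("partition %d: invalid status byte 0x%02X"
                            % (p["index"], p["status"]))
    active = sum(p["status"] == 0x80 for p in parts)
    if active != 1:
        findings.append("%d active partitions, expected exactly 1" % active)
    return {"sha1": sha1, "label": label, "partitions": parts,
            "findings": findings}


def build_sample_mbr():
    """Constructed 512-byte sector for the demo; not taken from any real disk."""
    boot_code = bytes(range(256)) + bytes(184)       # 440 filler bytes
    disk_sig = b"\x11\x22\x33\x44" + b"\x00\x00"     # disk signature + reserved
    entry = struct.pack("<B3sB3sII", 0x80, b"\x20\x21\x00", 0x07,
                        b"\xfe\xff\xff", 2048, 976766976)  # active NTFS entry
    return boot_code + disk_sig + entry + bytes(48) + BOOT_SIG


if __name__ == "__main__":
    good = build_sample_mbr()
    # Constructed allowlist: in practice this holds hashes of vendor MBR code.
    known = {hashlib.sha1(good[:BOOT_CODE_LEN]).hexdigest().upper():
             "constructed vendor MBR"}
    tampered = bytearray(good)
    tampered[10] ^= 0xFF                             # one changed boot-code byte
    for name, sector in (("good", good), ("tampered", bytes(tampered))):
        result = check_mbr(sector, known)
        print(name, result["sha1"], result["label"], result["findings"])
```

On a live system the 512 bytes would come from reading sector 0 of the physical disk with administrative rights, or from a forensic image.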

#35
love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
I was able to download Firefox to disk and transferred to her computer. That worked well and I checked numerous internet pages and stayed on some articles for a while with Firefox and all seems well. I did open up her computer to try to open this site with IE and got that page error that said IE cannot find or show home page. But Firefox seems to work well. No pop ups of any kind!

#36
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
At least one of the browsers is working as it should do ;)

With IE, could you try resetting it for me. Once in IE, click the Tools button at the top right (cog icon), then click Internet Options. Click the Advanced tab along the top, then click the Reset button at the bottom and click Reset again on the window that pops up.

Also, clear the cache and cookies in IE. Click the Tools button again, click Internet Options, click Delete under the Browsing History section on the General tab. Make sure just Temporary Internet Files and Cookies are ticked, then click Delete.


I believe you've also not got Service Pack 1 for Windows 7 installed. Could you go to Windows Update, in your Start Menu and then click Check for Updates on the left hand side. Install any updates that are available. It should offer you Windows 7 Service Pack 1 at some point. Please install this if it is on the list of available updates.


Let me know how you get on with the above :)

#37
love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
I cleaned up most of that that you asked. I tried to download the update of service pack 1 and it said update failed. Two error msgs I got were 80070005 and 80073712. Also, just so you are aware, her dad has no idea where he put the installation disks or anything that came with her computer. :(

#38
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts

Also, just so you are aware, her dad has no idea where he put the installation disks or anything that came with her computer.

Might not be a problem, as most Dells have a recovery partition on the Hard Drive, so you can reinstall Windows 7 without any discs usually. What is the model of the Dell Laptop you have?


Windows Update/Service Pack errors can be tricky to sort out. We'll give it a go ;)

We need to run SFC (System File Checker), not just because the Service Pack failed to install, but also due to you previously having a file infector, some Windows files may have been modified and could need replacing.

If you could follow the instructions here for running SFC on Windows 7. Follow the instructions from "OPTION TWO". If it finds any unsigned or modified Windows files, it should replace them. Once SFC has completed, try installing the Service Pack again. If it still doesn't want to go in, click here and follow the instructions on running the System Update Readiness Tool.


How did the resetting IE and removing the Cache etc. go? Has IE started to work properly, or are you still having problems with it?

#39
love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
IE seems to be working well without giving me the error message of IE is not able to display this web page.
Her model of laptop is Dell Inspiron 1750, he bought it December 09 for her.

I could not install Service Pack 1 still, just says failed under Updates History. Windows Malicious Software Removal Tool was installed but I don't see the System Update Readiness Tool.

#40
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Good to hear IE has started to work properly :)

With the Service Pack problem, you could try downloading the System Update Readiness Tool manually, then once you've run it, try and install the Service Pack again.

To download the System Update Readiness Tool, just click here. Double click on the downloaded file and follow the onscreen instructions to run it. Once it has completed, click on Windows Update in the Start Menu and click Check for Updates on the left hand side. It should find that Service Pack 1 is still not installed. Then let it try and install it again. Let me know if you have any success with this.

How is the laptop running now overall? Any problems apart from the Service Pack?

#41
love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
All seems ok but could not install the service pack, still reads failure.

#42
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Hmmm, frustrating. Update problems can be a pain in the backside ;)

Can you install an Anti Virus for me please, as we need to try and stop any infections returning whilst we're looking at this problem. I know you said you were getting McAfee, but in the meantime, could you install a Free Anti Virus, such as Microsoft Security Essentials. You can always uninstall this when you get McAfee sorted, but we need to have something on for now :)

Once you have done that, the other suggestion on trying to get this Service Pack to install is to download the offline version of it and see if this will install, as it is a bit different to the one you get through Windows Update. It is a hefty download though at 900MB, so it may take a while to download, depending on your connection speed. The download can be found here.

Let me know how you get on or if you have any problems doing either of these.

#43
love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
Her computer would not let me load the anti virus ware. I am trying to download the service pack now. I tried last night but it was over an hour and I needed to get to bed :(. Will let you know tomorrow how I do with this tonight.

#44
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
I'm getting the feeling Windows has been quite damaged by the large amounts of malware which were present on it. If things are still buggy and not installing/working correctly we may need to go down the route of reinstalling Windows. At least that would ensure a fresh start and the issues you are currently having will almost certainly not occur after doing a reinstall. It just means all data will need to be backed up prior to reinstalling and any programs that you have installed yourself after purchasing it would need reinstalling again. It can be a bit of hassle, but sometimes it's the best way round certain types of problems. Let me know how you get on with the Service Pack anyway :)

#45
love2teach956

    Member

  • Topic Starter
  • Member
  • 132 posts
I downloaded and went through the whole install process, about an hour or so, and when the computer restarted, it said Failure Configuring Service Pack.
I don't think it's on the computer. If you want to have me reinstall Windows, remember, she doesn't have the disc that came with her laptop anymore :(
I'm not real worried about anything she may have installed but can look around and back up maybe pics and music? Like will all her music be lost? That's the biggest thing she's worried about losing. I'm so sorry this has taken so long and has taken up so much of your time. :(