Hear random audio in background, now after trouble shooting, system s
Started by
Monvishi
, Jul 18 2013 11:53 AM
This topic is locked
#136
Posted 20 July 2013 - 11:31 PM
Monvishi
- Topic Starter
-
- Member
-
- 236 posts
Member
#137
Posted 20 July 2013 - 11:33 PM
Jasmyne
-
- Malware Removal
-
- 2,010 posts
Trusted Helper
I have them both downloaded and open! 
Have a good night.
Have a good night.
#139
Posted 21 July 2013 - 09:44 AM
Jasmyne
-
- Malware Removal
-
- 2,010 posts
Trusted Helper
Good Morning! Is the audio in the background still present after last night's scan?
#141
Posted 21 July 2013 - 10:55 AM
Jasmyne
-
- Malware Removal
-
- 2,010 posts
Trusted Helper
Please download MBRCheck.exe to your Desktop. Run the application.
If no infection is found, it will produce a report on the desktop. Post that report in your next reply.
If an infection is found, you will be presented with the following dialog:
Enter Y and press Enter.
The following dialog will be presented:
Enter 1 and press Enter
The following dialog will be presented:
Enter >>0<< and press Enter
The program will ask for the file name to dump to, type dump.dat and Press Enter. You should see a Dumped successfully message. Type -1 and press Enter twice to exit the program. Save the dump.dat file to your desktop then attach it on your next reply.
If no infection is found, it will produce a report on the desktop. Post that report in your next reply.
If an infection is found, you will be presented with the following dialog:
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Enter Y and press Enter.
The following dialog will be presented:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice:
Enter 1 and press Enter
The following dialog will be presented:
Enter the physical disk number to fix (0-99, -1 to cancel):
Enter >>0<< and press Enter
The program will ask for the file name to dump to, type dump.dat and Press Enter. You should see a Dumped successfully message. Type -1 and press Enter twice to exit the program. Save the dump.dat file to your desktop then attach it on your next reply.
#142
Posted 21 July 2013 - 02:03 PM
Monvishi
- Topic Starter
-
- Member
-
- 236 posts
Member
MBRCheck, version 1.2.3
© 2010, AD
Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 64-bit
Base Board Manufacturer: Sony Corporation
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Sony Corporation
System Product Name: VGC-JS130J
Logical Drives Mask: 0x0000003c
Kernel Drivers (total 148):
0x07055000 \SystemRoot\system32\ntoskrnl.exe
0x0700F000 \SystemRoot\system32\hal.dll
0x00609000 \SystemRoot\system32\kdcom.dll
0x0060D000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00648000 \SystemRoot\system32\PSHED.dll
0x0065C000 \SystemRoot\system32\CLFS.SYS
0x006B9000 \SystemRoot\system32\CI.dll
0x00800000 \SystemRoot\system32\drivers\Wdf01000.sys
0x008DA000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x008E8000 \SystemRoot\system32\drivers\acpi.sys
0x0093E000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00947000 \SystemRoot\system32\drivers\msisadrv.sys
0x00951000 \SystemRoot\system32\drivers\pci.sys
0x00981000 \SystemRoot\System32\drivers\partmgr.sys
0x00996000 \SystemRoot\system32\drivers\volmgr.sys
0x0076B000 \SystemRoot\System32\drivers\volmgrx.sys
0x009AA000 \SystemRoot\system32\drivers\pciide.sys
0x009B1000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x009C1000 \SystemRoot\System32\drivers\mountmgr.sys
0x009D4000 \SystemRoot\system32\drivers\atapi.sys
0x009DC000 \SystemRoot\system32\drivers\ataport.SYS
0x00A02000 \SystemRoot\system32\drivers\fltmgr.sys
0x00A49000 \SystemRoot\system32\drivers\fileinfo.sys
0x00A5D000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x00A69000 \SystemRoot\System32\Drivers\ksecdd.sys
0x00C0E000 \SystemRoot\system32\drivers\ndis.sys
0x00AF0000 \SystemRoot\system32\drivers\msrpc.sys
0x00B40000 \SystemRoot\system32\drivers\NETIO.SYS
0x00E0B000 \SystemRoot\System32\drivers\tcpip.sys
0x00F7F000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x0100E000 \SystemRoot\System32\Drivers\Ntfs.sys
0x0118E000 \SystemRoot\system32\drivers\volsnap.sys
0x011D2000 \SystemRoot\System32\Drivers\spldr.sys
0x011DA000 \SystemRoot\System32\Drivers\mup.sys
0x00FAB000 \SystemRoot\System32\drivers\ecache.sys
0x011EC000 \SystemRoot\system32\drivers\disk.sys
0x00DD1000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x01000000 \SystemRoot\system32\drivers\crcdisk.sys
0x00C00000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x00E00000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x00B99000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x0200E000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x0280B000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x028EE000 \SystemRoot\System32\drivers\watchdog.sys
0x028FE000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x0290F000 \SystemRoot\system32\DRIVERS\e1y60x64.sys
0x0295F000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x0296B000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x029B1000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x02A03000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x02C0C000 \SystemRoot\system32\DRIVERS\athrx.sys
0x02D28000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x02D3A000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x02D4A000 \SystemRoot\system32\DRIVERS\risdsn64.sys
0x02D60000 \SystemRoot\system32\DRIVERS\rimssn64.sys
0x02D7E000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x02D9A000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x02DA1000 \SystemRoot\system32\DRIVERS\SFEP.sys
0x02DA4000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x02AF0000 \SystemRoot\system32\DRIVERS\storport.sys
0x02DDD000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x02B4D000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x02DEA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x02B70000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x02BA1000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x02BB1000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x02BCF000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x02BE7000 \SystemRoot\system32\DRIVERS\taphss6.sys
0x029C2000 \SystemRoot\system32\DRIVERS\termdd.sys
0x029D5000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x02C00000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x02DF6000 \SystemRoot\system32\DRIVERS\swenum.sys
0x02799000 \SystemRoot\system32\DRIVERS\ks.sys
0x02BF5000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x029E3000 \SystemRoot\system32\DRIVERS\umbus.sys
0x00BAC000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x027CD000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x03A0E000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x03B74000 \SystemRoot\system32\drivers\portcls.sys
0x03BAF000 \SystemRoot\system32\drivers\drmk.sys
0x03BD2000 \SystemRoot\system32\drivers\ksthunk.sys
0x03BD8000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x03BE2000 \SystemRoot\System32\Drivers\Null.SYS
0x03BF6000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x03A00000 \SystemRoot\System32\drivers\vga.sys
0x007D1000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x03BEB000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x029F3000 \SystemRoot\system32\drivers\rdpencdd.sys
0x02800000 \SystemRoot\System32\Drivers\Msfs.SYS
0x027E1000 \SystemRoot\System32\Drivers\Npfs.SYS
0x027F2000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x03C00000 \SystemRoot\system32\DRIVERS\tdx.sys
0x03C1D000 \SystemRoot\system32\DRIVERS\smb.sys
0x03C38000 \SystemRoot\system32\drivers\afd.sys
0x03CA3000 \SystemRoot\System32\DRIVERS\netbt.sys
0x03CE7000 \SystemRoot\system32\DRIVERS\pacer.sys
0x03D05000 \SystemRoot\system32\DRIVERS\netbios.sys
0x03D14000 \SystemRoot\system32\DRIVERS\tmcomm.sys
0x03D42000 \SystemRoot\system32\DRIVERS\tmevtmgr.sys
0x03D59000 \SystemRoot\system32\DRIVERS\tmactmon.sys
0x03D7B000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x03D96000 \SystemRoot\system32\DRIVERS\tmtdi.sys
0x03DB2000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x02000000 \SystemRoot\system32\drivers\nsiproxy.sys
0x03E09000 \SystemRoot\System32\Drivers\dfsc.sys
0x03E26000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x03E42000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x03E44000 \SystemRoot\System32\Drivers\usbvideo.sys
0x03E6E000 \SystemRoot\system32\DRIVERS\ArcSoftKsUFilter.sys
0x03E78000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x03E81000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x03E93000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x03E9E000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x03EA9000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x03EC5000 \SystemRoot\System32\Drivers\crashdmp.sys
0x03ED3000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x03EDF000 \SystemRoot\System32\Drivers\dump_atapi.sys
0x000E0000 \SystemRoot\System32\win32k.sys
0x03EE7000 \SystemRoot\System32\drivers\Dxapi.sys
0x03EF3000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004A0000 \SystemRoot\System32\TSDDD.dll
0x00680000 \SystemRoot\System32\cdd.dll
0x00880000 \SystemRoot\System32\ATMFD.DLL
0x03F06000 \SystemRoot\system32\drivers\luafv.sys
0x03F28000 \SystemRoot\system32\drivers\spsys.sys
0x03FC2000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x15604000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x15638000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x15643000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x1565B000 \SystemRoot\system32\drivers\HTTP.sys
0x156FE000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x15727000 \SystemRoot\system32\DRIVERS\bowser.sys
0x15745000 \SystemRoot\System32\drivers\mpsdrv.sys
0x1575F000 \SystemRoot\system32\drivers\mrxdav.sys
0x15786000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x157AF000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x03FD6000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x15A0E000 \SystemRoot\System32\DRIVERS\srv2.sys
0x15A40000 \SystemRoot\System32\DRIVERS\srv.sys
0x15AD3000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys
0x15AEE000 \SystemRoot\system32\drivers\peauth.sys
0x15BA4000 \SystemRoot\System32\Drivers\secdrv.SYS
0x15BAF000 \SystemRoot\System32\drivers\tcpipreg.sys
0x15BBF000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x15BDF000 \SystemRoot\system32\DRIVERS\WUDFPf.sys
0x19E0F000 \SystemRoot\system32\DRIVERS\9927740drv.sys
0x1A20D000 \SystemRoot\system32\DRIVERS\52552323.sys
0x774C0000 \Windows\System32\ntdll.dll
Processes (total 91):
0 System Idle Process
4 System
520 C:\Windows\System32\smss.exe
588 csrss.exe
624 C:\Windows\System32\wininit.exe
640 csrss.exe
680 C:\Windows\System32\services.exe
692 C:\Windows\System32\lsass.exe
700 C:\Windows\System32\lsm.exe
728 C:\Windows\System32\winlogon.exe
900 C:\Windows\System32\svchost.exe
964 C:\Windows\System32\svchost.exe
456 C:\Windows\System32\svchost.exe
576 C:\Windows\System32\svchost.exe
508 C:\Windows\System32\audiodg.exe
988 C:\Windows\System32\svchost.exe
1040 C:\Windows\System32\SLsvc.exe
1112 C:\Windows\System32\svchost.exe
1392 C:\Windows\System32\dwm.exe
1400 C:\Windows\explorer.exe
1476 C:\Windows\System32\svchost.exe
1660 C:\Windows\System32\spoolsv.exe
1732 C:\Windows\System32\svchost.exe
1988 C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
1228 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
1412 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1424 C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
1248 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
1332 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
744 C:\Program Files\Bonjour\mDNSResponder.exe
672 C:\Windows\System32\svchost.exe
1596 C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
1164 C:\Windows\SysWOW64\svchost.exe
2060 C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
2244 C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
2528 C:\Windows\System32\svchost.exe
2552 C:\Windows\System32\svchost.exe
2576 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
2624 C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
2648 C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
2676 C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
2704 C:\Program Files\Sony\VAIO Power Management\SPMService.exe
2764 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
2776 dllhost.exe
2808 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
2840 C:\Windows\System32\svchost.exe
2860 C:\Windows\System32\SearchIndexer.exe
3048 C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
2516 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
3472 C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe
3516 WUDFHost.exe
3632 VESGfxMgr.exe
3760 C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
3832 igfxext.exe
3860 C:\Program Files\Windows Sidebar\sidebar.exe
3912 C:\Windows\ehome\ehtray.exe
3936 C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
3944 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
3964 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
3980 C:\Program Files\Trend Micro SafeSync\HrfsClient.exe
3996 C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\Dropbox.exe
4020 C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
3732 igfxsrvc.exe
4040 C:\Windows\ehome\ehmsas.exe
2020 C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
3156 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
3336 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
3856 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4132 C:\Users\Fry's Electronics\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
4156 C:\Users\Fry's Electronics\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
4288 C:\Program Files (x86)\iTunes\iTunesHelper.exe
4300 C:\Windows\System32\wbem\unsecapp.exe
4372 C:\Windows\System32\svchost.exe
4668 C:\Program Files\Trend Micro SafeSync\hrfscore.exe
4708 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
4800 C:\Program Files\iPod\bin\iPodService.exe
4820 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
4968 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
5424 C:\Windows\System32\mobsync.exe
9152 dllhost.exe
6472 C:\Users\Fry's Electronics\Desktop\Geekstogo\AVPTool.exe
4436 C:\Users\FRY'SE~1\AppData\Local\Temp\RarSFX0\9927740.exe
8572 C:\Users\FRY'SE~1\AppData\Local\Temp\1984885\9927740.exe
5244 C:\Program Files (x86)\Internet Explorer\iexplore.exe
6872 C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
8052 C:\Program Files (x86)\Internet Explorer\iexplore.exe
6124 C:\Program Files (x86)\Internet Explorer\iexplore.exe
7876 C:\Windows\System32\svchost.exe
4308 C:\Windows\System32\SearchProtocolHost.exe
7016 C:\Windows\System32\SearchFilterHost.exe
8944 C:\Users\Fry's Electronics\Desktop\Geekstogo\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`75100000 (NTFS)
PhysicalDrive0 Model Number: WDCWD5000AAJS-55A8B0, Rev: 01.03B01
Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 35CF44CF738E201DF69C3A7FFC4C5ECFC01A440F
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice: Enter the physical disk number to dump (0-99, -1 to exit): 0Dumping \\.\PhysicalDisk0...
Enter filename to dump to: dump.datDumped successfully!
Enter the physical disk number to dump (0-99, -1 to exit): -1
Done!
© 2010, AD
Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 64-bit
Base Board Manufacturer: Sony Corporation
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Sony Corporation
System Product Name: VGC-JS130J
Logical Drives Mask: 0x0000003c
Kernel Drivers (total 148):
0x07055000 \SystemRoot\system32\ntoskrnl.exe
0x0700F000 \SystemRoot\system32\hal.dll
0x00609000 \SystemRoot\system32\kdcom.dll
0x0060D000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00648000 \SystemRoot\system32\PSHED.dll
0x0065C000 \SystemRoot\system32\CLFS.SYS
0x006B9000 \SystemRoot\system32\CI.dll
0x00800000 \SystemRoot\system32\drivers\Wdf01000.sys
0x008DA000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x008E8000 \SystemRoot\system32\drivers\acpi.sys
0x0093E000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00947000 \SystemRoot\system32\drivers\msisadrv.sys
0x00951000 \SystemRoot\system32\drivers\pci.sys
0x00981000 \SystemRoot\System32\drivers\partmgr.sys
0x00996000 \SystemRoot\system32\drivers\volmgr.sys
0x0076B000 \SystemRoot\System32\drivers\volmgrx.sys
0x009AA000 \SystemRoot\system32\drivers\pciide.sys
0x009B1000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x009C1000 \SystemRoot\System32\drivers\mountmgr.sys
0x009D4000 \SystemRoot\system32\drivers\atapi.sys
0x009DC000 \SystemRoot\system32\drivers\ataport.SYS
0x00A02000 \SystemRoot\system32\drivers\fltmgr.sys
0x00A49000 \SystemRoot\system32\drivers\fileinfo.sys
0x00A5D000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x00A69000 \SystemRoot\System32\Drivers\ksecdd.sys
0x00C0E000 \SystemRoot\system32\drivers\ndis.sys
0x00AF0000 \SystemRoot\system32\drivers\msrpc.sys
0x00B40000 \SystemRoot\system32\drivers\NETIO.SYS
0x00E0B000 \SystemRoot\System32\drivers\tcpip.sys
0x00F7F000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x0100E000 \SystemRoot\System32\Drivers\Ntfs.sys
0x0118E000 \SystemRoot\system32\drivers\volsnap.sys
0x011D2000 \SystemRoot\System32\Drivers\spldr.sys
0x011DA000 \SystemRoot\System32\Drivers\mup.sys
0x00FAB000 \SystemRoot\System32\drivers\ecache.sys
0x011EC000 \SystemRoot\system32\drivers\disk.sys
0x00DD1000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x01000000 \SystemRoot\system32\drivers\crcdisk.sys
0x00C00000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x00E00000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x00B99000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x0200E000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x0280B000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x028EE000 \SystemRoot\System32\drivers\watchdog.sys
0x028FE000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x0290F000 \SystemRoot\system32\DRIVERS\e1y60x64.sys
0x0295F000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x0296B000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x029B1000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x02A03000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x02C0C000 \SystemRoot\system32\DRIVERS\athrx.sys
0x02D28000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x02D3A000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x02D4A000 \SystemRoot\system32\DRIVERS\risdsn64.sys
0x02D60000 \SystemRoot\system32\DRIVERS\rimssn64.sys
0x02D7E000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x02D9A000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x02DA1000 \SystemRoot\system32\DRIVERS\SFEP.sys
0x02DA4000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x02AF0000 \SystemRoot\system32\DRIVERS\storport.sys
0x02DDD000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x02B4D000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x02DEA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x02B70000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x02BA1000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x02BB1000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x02BCF000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x02BE7000 \SystemRoot\system32\DRIVERS\taphss6.sys
0x029C2000 \SystemRoot\system32\DRIVERS\termdd.sys
0x029D5000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x02C00000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x02DF6000 \SystemRoot\system32\DRIVERS\swenum.sys
0x02799000 \SystemRoot\system32\DRIVERS\ks.sys
0x02BF5000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x029E3000 \SystemRoot\system32\DRIVERS\umbus.sys
0x00BAC000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x027CD000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x03A0E000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x03B74000 \SystemRoot\system32\drivers\portcls.sys
0x03BAF000 \SystemRoot\system32\drivers\drmk.sys
0x03BD2000 \SystemRoot\system32\drivers\ksthunk.sys
0x03BD8000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x03BE2000 \SystemRoot\System32\Drivers\Null.SYS
0x03BF6000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x03A00000 \SystemRoot\System32\drivers\vga.sys
0x007D1000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x03BEB000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x029F3000 \SystemRoot\system32\drivers\rdpencdd.sys
0x02800000 \SystemRoot\System32\Drivers\Msfs.SYS
0x027E1000 \SystemRoot\System32\Drivers\Npfs.SYS
0x027F2000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x03C00000 \SystemRoot\system32\DRIVERS\tdx.sys
0x03C1D000 \SystemRoot\system32\DRIVERS\smb.sys
0x03C38000 \SystemRoot\system32\drivers\afd.sys
0x03CA3000 \SystemRoot\System32\DRIVERS\netbt.sys
0x03CE7000 \SystemRoot\system32\DRIVERS\pacer.sys
0x03D05000 \SystemRoot\system32\DRIVERS\netbios.sys
0x03D14000 \SystemRoot\system32\DRIVERS\tmcomm.sys
0x03D42000 \SystemRoot\system32\DRIVERS\tmevtmgr.sys
0x03D59000 \SystemRoot\system32\DRIVERS\tmactmon.sys
0x03D7B000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x03D96000 \SystemRoot\system32\DRIVERS\tmtdi.sys
0x03DB2000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x02000000 \SystemRoot\system32\drivers\nsiproxy.sys
0x03E09000 \SystemRoot\System32\Drivers\dfsc.sys
0x03E26000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x03E42000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x03E44000 \SystemRoot\System32\Drivers\usbvideo.sys
0x03E6E000 \SystemRoot\system32\DRIVERS\ArcSoftKsUFilter.sys
0x03E78000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x03E81000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x03E93000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x03E9E000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x03EA9000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x03EC5000 \SystemRoot\System32\Drivers\crashdmp.sys
0x03ED3000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x03EDF000 \SystemRoot\System32\Drivers\dump_atapi.sys
0x000E0000 \SystemRoot\System32\win32k.sys
0x03EE7000 \SystemRoot\System32\drivers\Dxapi.sys
0x03EF3000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004A0000 \SystemRoot\System32\TSDDD.dll
0x00680000 \SystemRoot\System32\cdd.dll
0x00880000 \SystemRoot\System32\ATMFD.DLL
0x03F06000 \SystemRoot\system32\drivers\luafv.sys
0x03F28000 \SystemRoot\system32\drivers\spsys.sys
0x03FC2000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x15604000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x15638000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x15643000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x1565B000 \SystemRoot\system32\drivers\HTTP.sys
0x156FE000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x15727000 \SystemRoot\system32\DRIVERS\bowser.sys
0x15745000 \SystemRoot\System32\drivers\mpsdrv.sys
0x1575F000 \SystemRoot\system32\drivers\mrxdav.sys
0x15786000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x157AF000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x03FD6000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x15A0E000 \SystemRoot\System32\DRIVERS\srv2.sys
0x15A40000 \SystemRoot\System32\DRIVERS\srv.sys
0x15AD3000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys
0x15AEE000 \SystemRoot\system32\drivers\peauth.sys
0x15BA4000 \SystemRoot\System32\Drivers\secdrv.SYS
0x15BAF000 \SystemRoot\System32\drivers\tcpipreg.sys
0x15BBF000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x15BDF000 \SystemRoot\system32\DRIVERS\WUDFPf.sys
0x19E0F000 \SystemRoot\system32\DRIVERS\9927740drv.sys
0x1A20D000 \SystemRoot\system32\DRIVERS\52552323.sys
0x774C0000 \Windows\System32\ntdll.dll
Processes (total 91):
0 System Idle Process
4 System
520 C:\Windows\System32\smss.exe
588 csrss.exe
624 C:\Windows\System32\wininit.exe
640 csrss.exe
680 C:\Windows\System32\services.exe
692 C:\Windows\System32\lsass.exe
700 C:\Windows\System32\lsm.exe
728 C:\Windows\System32\winlogon.exe
900 C:\Windows\System32\svchost.exe
964 C:\Windows\System32\svchost.exe
456 C:\Windows\System32\svchost.exe
576 C:\Windows\System32\svchost.exe
508 C:\Windows\System32\audiodg.exe
988 C:\Windows\System32\svchost.exe
1040 C:\Windows\System32\SLsvc.exe
1112 C:\Windows\System32\svchost.exe
1392 C:\Windows\System32\dwm.exe
1400 C:\Windows\explorer.exe
1476 C:\Windows\System32\svchost.exe
1660 C:\Windows\System32\spoolsv.exe
1732 C:\Windows\System32\svchost.exe
1988 C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
1228 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
1412 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1424 C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
1248 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
1332 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
744 C:\Program Files\Bonjour\mDNSResponder.exe
672 C:\Windows\System32\svchost.exe
1596 C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
1164 C:\Windows\SysWOW64\svchost.exe
2060 C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
2244 C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
2528 C:\Windows\System32\svchost.exe
2552 C:\Windows\System32\svchost.exe
2576 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
2624 C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
2648 C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
2676 C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
2704 C:\Program Files\Sony\VAIO Power Management\SPMService.exe
2764 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
2776 dllhost.exe
2808 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
2840 C:\Windows\System32\svchost.exe
2860 C:\Windows\System32\SearchIndexer.exe
3048 C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
2516 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
3472 C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe
3516 WUDFHost.exe
3632 VESGfxMgr.exe
3760 C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
3832 igfxext.exe
3860 C:\Program Files\Windows Sidebar\sidebar.exe
3912 C:\Windows\ehome\ehtray.exe
3936 C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
3944 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
3964 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
3980 C:\Program Files\Trend Micro SafeSync\HrfsClient.exe
3996 C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\Dropbox.exe
4020 C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
3732 igfxsrvc.exe
4040 C:\Windows\ehome\ehmsas.exe
2020 C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
3156 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
3336 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
3856 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4132 C:\Users\Fry's Electronics\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
4156 C:\Users\Fry's Electronics\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
4288 C:\Program Files (x86)\iTunes\iTunesHelper.exe
4300 C:\Windows\System32\wbem\unsecapp.exe
4372 C:\Windows\System32\svchost.exe
4668 C:\Program Files\Trend Micro SafeSync\hrfscore.exe
4708 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
4800 C:\Program Files\iPod\bin\iPodService.exe
4820 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
4968 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
5424 C:\Windows\System32\mobsync.exe
9152 dllhost.exe
6472 C:\Users\Fry's Electronics\Desktop\Geekstogo\AVPTool.exe
4436 C:\Users\FRY'SE~1\AppData\Local\Temp\RarSFX0\9927740.exe
8572 C:\Users\FRY'SE~1\AppData\Local\Temp\1984885\9927740.exe
5244 C:\Program Files (x86)\Internet Explorer\iexplore.exe
6872 C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
8052 C:\Program Files (x86)\Internet Explorer\iexplore.exe
6124 C:\Program Files (x86)\Internet Explorer\iexplore.exe
7876 C:\Windows\System32\svchost.exe
4308 C:\Windows\System32\SearchProtocolHost.exe
7016 C:\Windows\System32\SearchFilterHost.exe
8944 C:\Users\Fry's Electronics\Desktop\Geekstogo\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`75100000 (NTFS)
PhysicalDrive0 Model Number: WDCWD5000AAJS-55A8B0, Rev: 01.03B01
Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 35CF44CF738E201DF69C3A7FFC4C5ECFC01A440F
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice: Enter the physical disk number to dump (0-99, -1 to exit): 0Dumping \\.\PhysicalDisk0...
Enter filename to dump to: dump.datDumped successfully!
Enter the physical disk number to dump (0-99, -1 to exit): -1
Done!
#143
Posted 21 July 2013 - 02:07 PM
Jasmyne
-
- Malware Removal
-
- 2,010 posts
Trusted Helper
Can you please upload the file dump.dat for me?
Thanks You!
Thanks You!
#144
Posted 21 July 2013 - 02:19 PM
Monvishi
- Topic Starter
-
- Member
-
- 236 posts
Member
This was the only file I could locate thru search for dump.dat
If this is not the one, can you guide me how to fetch that, please?
If this is not the one, can you guide me how to fetch that, please?
#145
Posted 21 July 2013 - 02:20 PM
Jasmyne
-
- Malware Removal
-
- 2,010 posts
Trusted Helper
There wasn't a file attached to your last post.
#146
Posted 21 July 2013 - 02:21 PM
Monvishi
- Topic Starter
-
- Member
-
- 236 posts
Member
I did copy/paste only. No attachment.
#147
Posted 21 July 2013 - 02:23 PM
Monvishi
- Topic Starter
-
- Member
-
- 236 posts
Member
This is the file that got stored after the last step.Please find the same attached..
Attached Files
-
MBRCheck_07.21.13_12.59.53.txt 13.99KB
129 downloads
#148
Posted 21 July 2013 - 02:25 PM
Jasmyne
-
- Malware Removal
-
- 2,010 posts
Trusted Helper
At the end of the MBR Check here:
You choose a save location and named a file dump.dat. This is the file I need you to upload.
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice: Enter the physical disk number to dump (0-99, -1 to exit): 0Dumping \\.\PhysicalDisk0...
Enter filename to dump to: dump.datDumped successfully!
Enter the physical disk number to dump (0-99, -1 to exit): -1
Done!
You choose a save location and named a file dump.dat. This is the file I need you to upload.
#149
Posted 21 July 2013 - 02:27 PM
Monvishi
- Topic Starter
-
- Member
-
- 236 posts
Member
I am sorry Jasmyne, I did exactly per those steps but I do not see dump.dat anywhere.. Not sure on what path can I find that file..
Do you want me to repeat that step again?
Do you want me to repeat that step again?
#150
Posted 21 July 2013 - 02:37 PM
Jasmyne
-
- Malware Removal
-
- 2,010 posts
Trusted Helper
It should be in the same folder/location as MBRCheck.exe is saved.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
