This topic is locked
In need of major assistance... I just recently updated my system from win 7 to win 8.1, and stupid me thought windows bit defender would have been more then enough security for my system as I used MSE exclusively on win 7 and never had any issues at all... Well, less then a day after upgrading, my system has been literally raped by viruses to the point, it didn't even get a reach around, I have already DL'd ASWMBR and ADWCleaner and ran both and cleaned/rebooted... however I can't seem to run this FRST64.exe file I downloaded every time I try it just keeps getting blocked by Windows and kind of stuck in a rut and don't know how to get out of it to finish up any and all the viruses removal... here is my aswMBR log file, any help would be greatly appreciated!
aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-05-29 22:31:49
-----------------------------
22:31:49.786 OS Version: Windows x64 6.2.9200
22:31:49.786 Number of processors: 2 586 0x605
22:31:49.786 ComputerName: THENORWOODS UserName: Mike
22:31:52.832 Initialize success
22:31:53.749 VM: initialized successfully
22:31:53.753 VM: Intel CPU virtualization not supported
22:35:54.079 AVAST engine defs: 15052901
22:36:02.807 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000023
22:36:02.811 Disk 0 Vendor: WDC_WD50 05.0 Size: 476940MB BusType: 3
22:36:02.954 Disk 0 MBR read successfully
22:36:02.958 Disk 0 MBR scan
22:36:02.971 Disk 0 Windows 7 default MBR code
22:36:02.978 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 350 MB offset 2048
22:36:02.990 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476588 MB offset 718848
22:36:03.028 Disk 0 scanning C:\Windows\system32\drivers
22:36:13.850 Service scanning
22:36:16.554 Service BHDrvx64 C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\BASHDefs\20150521.001\BHDrvx64.sys **LOCKED** 5
22:36:18.130 Service coealhu C:\ProgramData\boostwebapp\1.1.0.31\casasit.exe **INFECTED** Win32:Malware-gen
22:36:20.145 Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
22:36:20.270 Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
22:36:22.696 Service IDSVia64 C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\IPSDefs\20150529.001\IDSvia64.sys **LOCKED** 5
22:36:25.232 Service NAVENG C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\VirusDefs\20150529.003\ENG64.SYS **LOCKED** 5
22:36:25.438 Service NAVEX15 C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\VirusDefs\20150529.003\EX64.SYS **LOCKED** 5
22:36:28.666 Service pijwojmou C:\ProgramData\boostwebapp\1.1.0.31\caswsit.exe **INFECTED** Win32:Malware-gen
22:36:30.106 Service RejcaBanoki C:\ProgramData\boostwebapp\1.1.0.31\AnaeiTiye.exe **INFECTED** Win32:Adware-gen [Adw]
22:36:35.969 Service tammgR119 C:\Windows\system32\Drivers\tammgR119.sys **LOCKED**
22:36:43.771 Modules scanning
22:36:43.787 Disk 0 trace - called modules:
22:36:43.802 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor.sys
22:36:43.818 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe001078e4060]
22:36:43.834 3 CLASSPNP.SYS[fffff8012b07f170] -> nt!IofCallDriver -> [0xffffe00107345780]
22:36:43.834 5 ACPI.sys[fffff8012aa2bc21] -> nt!IofCallDriver -> \Device\00000023[0xffffe001072bc060]
22:36:45.265 AVAST engine scan C:\Windows
22:36:47.655 AVAST engine scan C:\Windows\system32
22:41:33.459 AVAST engine scan C:\Windows\system32\drivers
22:41:57.872 AVAST engine scan C:\Users\Mike
22:45:11.143 AVAST engine scan C:\ProgramData
22:55:23.513 File: C:\ProgramData\boostwebapp\1.1.0.31\AnaeiTiye.exe **INFECTED** Win32:Adware-gen [Adw]
22:55:23.528 File: C:\ProgramData\boostwebapp\1.1.0.31\AnaeiTiye.exe **HIDDEN**
22:55:23.857 File: C:\ProgramData\boostwebapp\1.1.0.31\bispumizopde.exe **INFECTED** Win32:Adware-gen [Adw]
22:55:23.872 File: C:\ProgramData\boostwebapp\1.1.0.31\bispumizopde.exe **HIDDEN**
22:55:24.247 File: C:\ProgramData\boostwebapp\1.1.0.31\bispumizopde64.exe **HIDDEN**
22:55:24.545 File: C:\ProgramData\boostwebapp\1.1.0.31\casasit.EXE **INFECTED** Win32:Malware-gen
22:55:24.561 File: C:\ProgramData\boostwebapp\1.1.0.31\casasit.EXE **HIDDEN**
22:55:24.782 File: C:\ProgramData\boostwebapp\1.1.0.31\casdsit.exe **INFECTED** Win32:Adware-gen [Adw]
22:55:24.860 File: C:\ProgramData\boostwebapp\1.1.0.31\casdsit.exe **HIDDEN**
22:55:25.079 File: C:\ProgramData\boostwebapp\1.1.0.31\casdsitu.dll **HIDDEN**
22:55:25.297 File: C:\ProgramData\boostwebapp\1.1.0.31\caswsit.EXE **INFECTED** Win32:Malware-gen
22:55:25.313 File: C:\ProgramData\boostwebapp\1.1.0.31\caswsit.EXE **HIDDEN**
22:55:26.620 File: C:\ProgramData\boostwebapp\1.1.0.31\freebl3.dll **HIDDEN**
22:55:26.936 File: C:\ProgramData\boostwebapp\1.1.0.31\libnspr4.dll **HIDDEN**
22:55:27.139 File: C:\ProgramData\boostwebapp\1.1.0.31\libplc4.dll **HIDDEN**
22:55:27.280 File: C:\ProgramData\boostwebapp\1.1.0.31\libplds4.dll **HIDDEN**
22:55:27.858 File: C:\ProgramData\boostwebapp\1.1.0.31\nss3.dll **HIDDEN**
22:55:28.139 File: C:\ProgramData\boostwebapp\1.1.0.31\nssckbi.dll **HIDDEN**
22:55:28.538 File: C:\ProgramData\boostwebapp\1.1.0.31\nssdbm3.dll **HIDDEN**
22:55:28.725 File: C:\ProgramData\boostwebapp\1.1.0.31\nssutil3.dll **HIDDEN**
22:55:29.569 File: C:\ProgramData\boostwebapp\1.1.0.31\smime3.dll **HIDDEN**
22:55:29.960 File: C:\ProgramData\boostwebapp\1.1.0.31\softokn3.dll **HIDDEN**
22:55:30.413 File: C:\ProgramData\boostwebapp\1.1.0.31\sqlite3.dll **HIDDEN**
22:55:30.858 File: C:\ProgramData\boostwebapp\1.1.0.31\ssl3.dll **HIDDEN**
22:55:31.030 File: C:\ProgramData\boostwebapp\1.1.0.31\tammg.sys **HIDDEN**
22:55:31.280 File: C:\ProgramData\boostwebapp\1.1.0.31\tammgd.sys **HIDDEN**
22:55:31.483 File: C:\ProgramData\boostwebapp\1.1.0.31\tammgF.sys **HIDDEN**
22:55:31.687 File: C:\ProgramData\boostwebapp\1.1.0.31\tammgFd.sys **HIDDEN**
22:55:31.937 File: C:\ProgramData\boostwebapp\1.1.0.31\tammgOd.sys **HIDDEN**
22:55:32.062 File: C:\ProgramData\boostwebapp\1.1.0.31\tammgR.sys **HIDDEN**
22:55:32.296 File: C:\ProgramData\boostwebapp\1.1.0.31\tammgRd.sys **HIDDEN**
22:55:32.695 File: C:\ProgramData\boostwebapp\1.1.0.31\Uninstaller.exe **INFECTED** Win32:Adware-gen [Adw]
22:55:32.710 File: C:\ProgramData\boostwebapp\1.1.0.31\Uninstaller.exe **HIDDEN**
22:55:33.007 File: C:\ProgramData\boostwebapp\1.1.0.31\utils.exe **HIDDEN**
22:55:33.293 File: C:\ProgramData\boostwebapp\1.1.0.31\Waiidjeb.dll **HIDDEN**
22:55:33.371 File: C:\ProgramData\boostwebapp\1.1.0.31\Waiidjeb.EXE **HIDDEN**
22:55:33.856 File: C:\ProgramData\boostwebapp\1.1.0.31\Waiidjeb64.dll **HIDDEN**
22:55:33.871 Disk 0 statistics 4401080/0/0 @ 3.18 MB/s
22:55:33.887 Scan finished successfully
22:57:46.943 Disk 0 MBR has been saved successfully to "C:\Users\Mike\Desktop\MBR.dat"
22:57:46.959 The log file has been saved successfully to "C:\Users\Mike\Desktop\aswMBR.txt"
aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-05-29 23:28:50
-----------------------------
23:28:50.118 OS Version: Windows x64 6.2.9200
23:28:50.118 Number of processors: 2 586 0x605
23:28:50.118 ComputerName: THENORWOODS UserName: Mike
23:28:51.670 Initialize success
23:28:51.874 VM: initialized successfully
23:28:51.874 VM: Intel CPU virtualization not supported
23:29:43.845 AVAST engine defs: 15052901
23:30:01.244 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000023
23:30:01.260 Disk 0 Vendor: WDC_WD50 05.0 Size: 476940MB BusType: 3
23:30:01.385 Disk 0 MBR read successfully
23:30:01.385 Disk 0 MBR scan
23:30:01.400 Disk 0 Windows 7 default MBR code
23:30:01.416 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 350 MB offset 2048
23:30:01.432 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476588 MB offset 718848
23:30:01.463 Disk 0 scanning C:\Windows\system32\drivers
23:30:11.352 Disk 0 statistics 110060/0/0 @ 14.04 MB/s
23:30:11.352 Scan stopped
23:30:12.752 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000023
23:30:12.768 Disk 0 Vendor: WDC_WD50 05.0 Size: 476940MB BusType: 3
23:30:12.846 Disk 0 MBR read successfully
23:30:12.862 Disk 0 MBR scan
23:30:12.877 Disk 0 Windows 7 default MBR code
23:30:12.893 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 350 MB offset 2048
23:30:12.908 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476588 MB offset 718848
23:30:12.940 Disk 0 scanning C:\Windows\system32\drivers
23:30:23.233 Service scanning
23:30:25.575 Service BHDrvx64 C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\BASHDefs\20150521.001\BHDrvx64.sys **LOCKED** 5
23:30:26.604 Service coealhu C:\ProgramData\boostwebapp\1.1.0.31\casasit.exe **INFECTED** Win32:Malware-gen
23:30:28.042 Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
23:30:28.186 Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
23:30:30.547 Service IDSVia64 C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\IPSDefs\20150529.001\IDSvia64.sys **LOCKED** 5
23:30:33.179 Service NAVENG C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\VirusDefs\20150529.003\ENG64.SYS **LOCKED** 5
23:30:33.367 Service NAVEX15 C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\VirusDefs\20150529.003\EX64.SYS **LOCKED** 5
23:30:36.648 Service pijwojmou C:\ProgramData\boostwebapp\1.1.0.31\caswsit.exe **INFECTED** Win32:Malware-gen
23:30:38.341 Service RejcaBanoki C:\ProgramData\boostwebapp\1.1.0.31\AnaeiTiye.exe **INFECTED** Win32:Adware-gen [Adw]
23:30:42.388 Service tammgR119 C:\Windows\system32\Drivers\tammgR119.sys **LOCKED**
23:30:50.406 Modules scanning
23:30:50.415 Disk 0 trace - called modules:
23:30:50.430
23:30:52.111 AVAST engine scan C:\Windows
23:30:55.196 AVAST engine scan C:\Windows\system32
23:36:22.565 AVAST engine scan C:\Windows\system32\drivers
23:36:47.954 AVAST engine scan C:\Users\Mike
23:41:10.192 AVAST engine scan C:\ProgramData
23:46:00.109 File: C:\ProgramData\boostwebapp\1.1.0.31\AnaeiTiye.exe **INFECTED** Win32:Adware-gen [Adw]
23:46:00.124 File: C:\ProgramData\boostwebapp\1.1.0.31\AnaeiTiye.exe **HIDDEN**
23:46:00.249 File: C:\ProgramData\boostwebapp\1.1.0.31\bispumizopde.exe **INFECTED** Win32:Adware-gen [Adw]
23:46:00.265 File: C:\ProgramData\boostwebapp\1.1.0.31\bispumizopde.exe **HIDDEN**
23:46:00.390 File: C:\ProgramData\boostwebapp\1.1.0.31\bispumizopde64.exe **HIDDEN**
23:46:00.600 File: C:\ProgramData\boostwebapp\1.1.0.31\casasit.EXE **INFECTED** Win32:Malware-gen
23:46:00.614 File: C:\ProgramData\boostwebapp\1.1.0.31\casasit.EXE **HIDDEN**
23:46:00.739 File: C:\ProgramData\boostwebapp\1.1.0.31\casdsit.exe **INFECTED** Win32:Adware-gen [Adw]
23:46:00.755 File: C:\ProgramData\boostwebapp\1.1.0.31\casdsit.exe **HIDDEN**
23:46:01.161 File: C:\ProgramData\boostwebapp\1.1.0.31\casdsitu.dll **HIDDEN**
23:46:01.317 File: C:\ProgramData\boostwebapp\1.1.0.31\caswsit.EXE **INFECTED** Win32:Malware-gen
23:46:01.333 File: C:\ProgramData\boostwebapp\1.1.0.31\caswsit.EXE **HIDDEN**
23:46:01.583 File: C:\ProgramData\boostwebapp\1.1.0.31\freebl3.dll **HIDDEN**
23:46:01.771 File: C:\ProgramData\boostwebapp\1.1.0.31\libnspr4.dll **HIDDEN**
23:46:01.846 File: C:\ProgramData\boostwebapp\1.1.0.31\libplc4.dll **HIDDEN**
23:46:01.966 File: C:\ProgramData\boostwebapp\1.1.0.31\libplds4.dll **HIDDEN**
23:46:02.273 File: C:\ProgramData\boostwebapp\1.1.0.31\nss3.dll **HIDDEN**
23:46:02.523 File: C:\ProgramData\boostwebapp\1.1.0.31\nssckbi.dll **HIDDEN**
23:46:02.711 File: C:\ProgramData\boostwebapp\1.1.0.31\nssdbm3.dll **HIDDEN**
23:46:02.838 File: C:\ProgramData\boostwebapp\1.1.0.31\nssutil3.dll **HIDDEN**
23:46:03.073 File: C:\ProgramData\boostwebapp\1.1.0.31\smime3.dll **HIDDEN**
23:46:03.244 File: C:\ProgramData\boostwebapp\1.1.0.31\softokn3.dll **HIDDEN**
23:46:03.466 File: C:\ProgramData\boostwebapp\1.1.0.31\sqlite3.dll **HIDDEN**
23:46:03.669 File: C:\ProgramData\boostwebapp\1.1.0.31\ssl3.dll **HIDDEN**
23:46:03.747 File: C:\ProgramData\boostwebapp\1.1.0.31\tammg.sys **HIDDEN**
23:46:03.827 File: C:\ProgramData\boostwebapp\1.1.0.31\tammgd.sys **HIDDEN**
23:46:03.921 File: C:\ProgramData\boostwebapp\1.1.0.31\tammgF.sys **HIDDEN**
23:46:04.030 File: C:\ProgramData\boostwebapp\1.1.0.31\tammgFd.sys **HIDDEN**
23:46:04.140 File: C:\ProgramData\boostwebapp\1.1.0.31\tammgOd.sys **HIDDEN**
23:46:04.233 File: C:\ProgramData\boostwebapp\1.1.0.31\tammgR.sys **HIDDEN**
23:46:04.312 File: C:\ProgramData\boostwebapp\1.1.0.31\tammgRd.sys **HIDDEN**
23:46:04.501 File: C:\ProgramData\boostwebapp\1.1.0.31\Uninstaller.exe **INFECTED** Win32:Adware-gen [Adw]
23:46:04.516 File: C:\ProgramData\boostwebapp\1.1.0.31\Uninstaller.exe **HIDDEN**
23:46:04.688 File: C:\ProgramData\boostwebapp\1.1.0.31\utils.exe **HIDDEN**
23:46:04.798 File: C:\ProgramData\boostwebapp\1.1.0.31\Waiidjeb.dll **HIDDEN**
23:46:04.813 File: C:\ProgramData\boostwebapp\1.1.0.31\Waiidjeb.EXE **HIDDEN**
23:46:04.941 File: C:\ProgramData\boostwebapp\1.1.0.31\Waiidjeb64.dll **HIDDEN**
23:46:04.957 Disk 0 statistics 4594162/0/0 @ 3.99 MB/s
23:46:04.957 Scan finished successfully
23:46:17.088 Disk 0 MBR has been saved successfully to "C:\Users\Mike\Desktop\MBR.dat"
23:46:17.088 The log file has been saved successfully to "C:\Users\Mike\Desktop\aswMBR.txt"
Sign In
Create Account
