Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:25:16, on 08/10/2010

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe

C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe

C:\Program Files (x86)\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.8.11.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll

O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Z Cinema.lnk = ?

O4 - Global Startup: RKLauncher.lnk = C:\Program Files (x86)\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\KYRIAKOS\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)

O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.8.11.dll/206 (file missing)

O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O13 - Gopher Prefix:

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = cs.ucy.ac.cy

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = cs.ucy.ac.cy

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = cs.ucy.ac.cy

O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Microsoft Office Groove Audit Service - Unknown owner - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--

End of file - 11823 bytes


Hi,

Download TFC to your desktop

  • Open the file and close any other windows.
  • It will close all programs itself when run; make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job.
  • Once it's finished, it should reboot your machine; if not, do this yourself to ensure a complete clean.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Start Malwarebytes' Anti-Malware

  • Once the program has loaded, click the "Update" tab and click the "Check For updates" button.
  • Once the updates were downloaded, click the "Scanner" tab, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please download DDS and save it to your desktop.

  • Disable any script blocking protection.
  • Double-click dds.com to run the tool.
  • When done, DDS will open two logs (DDS.txt and Attach.txt).
  • Save both reports to your desktop.

Please include the contents of DDS.txt in your next reply.


Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4788

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

10/10/2010 15:14:42

mbam-log-2010-10-10 (15-14-42).txt

Scan type: Quick scan

Objects scanned: 144255

Time elapsed: 4 minute(s), 50 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


Hi,

stake sent me his DDS log in a PM:

DDS (Ver_10-10-10.03) - NTFS_AMD64

Run by KYRIAKOS at 15:15:21,88 on 10/10/2010

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Home Premium 6.1.7600.0.1253.30.1033.18.4087.2603 [GMT 3:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\vcsFPService.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files\DigitalPersona\Bin\DpHostW.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe

C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe

C:\Program Files (x86)\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe

C:\Program Files\Logitech\Z Cinema\Z Cinema.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

C:\Program Files\DigitalPersona\Bin\DPAgent.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtblfs.exe

C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Users\KYRIAKOS\Desktop\dds.com

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll

mURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll

mWinlogon: Userinit=userinit.exe

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.8.11.dll

BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll

BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

BHO: Java


Hi,

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.


2010/10/10 21:26:41.0528 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59

2010/10/10 21:26:41.0528 ================================================================================

2010/10/10 21:26:41.0528 SystemInfo:

2010/10/10 21:26:41.0528

2010/10/10 21:26:41.0528 OS Version: 6.1.7600 ServicePack: 0.0

2010/10/10 21:26:41.0528 Product type: Workstation

2010/10/10 21:26:41.0528 ComputerName: KYRIAKOS

2010/10/10 21:26:41.0528 UserName: KYRIAKOS

2010/10/10 21:26:41.0528 Windows directory: C:\Windows

2010/10/10 21:26:41.0528 System windows directory: C:\Windows

2010/10/10 21:26:41.0528 Running under WOW64

2010/10/10 21:26:41.0528 Processor architecture: Intel x64

2010/10/10 21:26:41.0528 Number of processors: 8

2010/10/10 21:26:41.0528 Page size: 0x1000

2010/10/10 21:26:41.0528 Boot type: Normal boot

2010/10/10 21:26:41.0528 ================================================================================

2010/10/10 21:26:41.0528 Utility is running under WOW64

2010/10/10 21:26:41.0871 Initialize success

2010/10/10 21:26:44.0960 ================================================================================

2010/10/10 21:26:44.0960 Scan started

2010/10/10 21:26:44.0960 Mode: Manual;

2010/10/10 21:26:44.0960 ================================================================================

2010/10/10 21:26:50.0046 ================================================================================

2010/10/10 21:26:50.0046 Scan finished

2010/10/10 21:26:50.0046 ================================================================================

MBRCheck, version 1.2.3

© 2010, AD

Command-line:

Windows Version: Windows 7 Home Premium Edition

Windows Information: (build 7600), 64-bit

Base Board Manufacturer: Hewlett-Packard

BIOS Manufacturer: Hewlett-Packard

System Manufacturer: Hewlett-Packard

System Product Name: HP Pavilion dv7 Notebook PC

Logical Drives Mask: 0x0000007c

Kernel Drivers (total 244):


0xFEB20000 \Windows\System32\gdi32.dll

0xFE9F0000 \Windows\System32\wininet.dll

0xFE790000 \Windows\System32\iertutil.dll

0xFE6F0000 \Windows\System32\comdlg32.dll

0xFE610000 \Windows\System32\advapi32.dll

0xFD880000 \Windows\System32\shell32.dll

0xFD870000 \Windows\System32\nsi.dll

0xFD740000 \Windows\System32\rpcrt4.dll

0xFD6C0000 \Windows\System32\shlwapi.dll

0xFD4B0000 \Windows\System32\ole32.dll

0xFD330000 \Windows\System32\urlmon.dll

0xFD290000 \Windows\System32\msvcrt.dll

0xFD1C0000 \Windows\System32\usp10.dll

0xFD1A0000 \Windows\System32\imagehlp.dll

0xFD160000 \Windows\System32\wintrust.dll

0xFCFF0000 \Windows\System32\crypt32.dll

0xFCF80000 \Windows\System32\KernelBase.dll

0xFCF40000 \Windows\System32\cfgmgr32.dll

0xFCEA0000 \Windows\System32\comctl32.dll

0xFCE80000 \Windows\System32\devobj.dll

0xFCE70000 \Windows\System32\msasn1.dll

0x75580000 \Windows\SysWOW64\normaliz.dll

Processes (total 60):

0 System Idle Process

4 System

444 C:\Windows\System32\smss.exe

596 csrss.exe

676 C:\Windows\System32\wininit.exe

696 csrss.exe

748 C:\Windows\System32\services.exe

768 C:\Windows\System32\lsass.exe

776 C:\Windows\System32\lsm.exe

896 C:\Windows\System32\svchost.exe

968 C:\Windows\System32\nvvsvc.exe

160 C:\Windows\System32\svchost.exe

508 C:\Windows\System32\svchost.exe

844 C:\Windows\System32\winlogon.exe

1032 C:\Windows\System32\svchost.exe

1072 C:\Windows\System32\svchost.exe

1112 C:\Program Files\IDT\WDM\stacsv64.exe

1308 C:\Windows\System32\svchost.exe

1372 C:\Windows\System32\hpservice.exe

1512 C:\Windows\System32\vcsFPService.exe

1584 C:\Windows\System32\svchost.exe

1728 C:\Windows\System32\spoolsv.exe

1780 C:\Program Files\DigitalPersona\Bin\DpHostW.exe

1796 C:\Windows\System32\nvvsvc.exe

1968 C:\Windows\System32\svchost.exe

1424 C:\Windows\System32\taskhost.exe

1432 C:\Program Files\IDT\WDM\AESTSr64.exe

1392 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

2080 C:\Windows\System32\dwm.exe

2144 C:\Windows\explorer.exe

2176 C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe

2340 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

2388 C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

2444 C:\Windows\System32\svchost.exe

2480 C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE

2544 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

2684 C:\Windows\System32\svchost.exe

2828 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

2852 C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe

2908 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

2204 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

608 C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe

1324 C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe

1524 C:\Program Files (x86)\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe

3164 C:\Program Files\Logitech\Z Cinema\Z Cinema.exe

3260 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

3276 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

3444 C:\Program Files\DigitalPersona\Bin\DpAgent.exe

3944 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

2424 WmiPrvSE.exe

2836 C:\Windows\System32\svchost.exe

3152 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

2376 C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

3996 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe

4100 C:\Windows\System32\svchost.exe

4268 C:\Program Files (x86)\Mozilla Firefox\firefox.exe

4308 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtblfs.exe

1228 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

3824 C:\Users\KYRIAKOS\Desktop\MBRCheck.exe

4988 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)

\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000046`44800000 (NTFS)

\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000004a`7f500000 (FAT32)

\\.\G: --> \\.\PhysicalDrive0 at offset 0x00000020`c4800000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS725032A9A364, Rev: PC3OC72E

Size Device Name MBR Status

--------------------------------------------

298 GB \\.\PhysicalDrive0 Unknown MBR code

SHA1: 2A4562D85D0AA086E7F1FC175DA2A1ED16B13009

Found non-standard or infected MBR.

Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!


Hi,

Hiren's BootCD

  • *** Please print these instructions ***
  1. Download Hiren's BootCD to the desktop.
  2. Extract the zipped HirensBootCD.zip to your desktop.
  3. Open the extracted HirensBootCD folder and extract the zipped HirensBootCD.iso.
  4. Double click the BurnToCD.cmd bat file contained in the HirensBootCD folder. This will launch BurnCDCC.
  5. Insert a blank CD in your drive.
  6. Press Start. This will burn the image to disc. After it has completed...
  7. Restart your sick computer and boot from the HBCD you created.

    • If your PC is not booting from the CD, you need to change the boot order:
      • Restart your PC
      • As soon as you get an image, press the Setup key. This is usually F2, F10, F12 or Del. On some machines the key can also be a different one. It should, however, be stated on the screen which key is the setup key.
      • Once you enter the computer's BIOS, use the arrow keys and tab key to move between elements. Press enter to select an item to change.
      • Navigate to the tab where you can set the boot order. It should be called Boot or Boot order.
      • The tab should now show your current boot order.
      • If the CD drive is not at the top, navigate to the CD-ROM drive with the arrow keys, then move it to the top of the list. The keys for switching boot position are usually + to move up and - to move down. They can be different, but they should be stated in the help, so that you can find them easily.
      • Once the CD-drive is on top of the boot order, navigate to Exit and select Exit saving changes.

  8. Your PC should now boot from your CD.
  9. Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted.
  10. When the CD boots choose "DOS BootCD".

At the Hiren's BootCD main menu, select Next and hit Enter.

At the second menu select 1 MBR (Master Boot Record) Tools

In the list of MBR Tools select 1 MBR Work 1.08

This screen will show the hard drive configuration.

Type 5 to Install standard MBR code then hit Enter

Type 1 to select Standard then hit Enter

Type Y then hit Enter to confirm

Type E then hit Enter to exit

Press Ctrl+Alt+Del to restart the machine

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

After that, run MBRCheck again. A report will be produced on the desktop. Post that report in your next reply.


MBRCheck, version 1.2.3

© 2010, AD

Command-line:

Windows Version: Windows 7 Home Premium Edition

Windows Information: (build 7600), 64-bit

Base Board Manufacturer: Hewlett-Packard

BIOS Manufacturer: Hewlett-Packard

System Manufacturer: Hewlett-Packard

System Product Name: HP Pavilion dv7 Notebook PC

Logical Drives Mask: 0x0000007c

Kernel Drivers (total 244):


Processes (total 60):

0 System Idle Process

4 System

444 C:\Windows\System32\smss.exe

588 csrss.exe

672 C:\Windows\System32\wininit.exe

692 csrss.exe

744 C:\Windows\System32\services.exe

764 C:\Windows\System32\lsass.exe

772 C:\Windows\System32\lsm.exe

888 C:\Windows\System32\svchost.exe

956 C:\Windows\System32\nvvsvc.exe

1004 C:\Windows\System32\svchost.exe

420 C:\Windows\System32\svchost.exe

604 C:\Windows\System32\svchost.exe

832 C:\Windows\System32\svchost.exe

1052 C:\Program Files\IDT\WDM\stacsv64.exe

1148 C:\Windows\System32\audiodg.exe

1204 C:\Windows\System32\svchost.exe

1264 C:\Windows\System32\hpservice.exe

1324 C:\Windows\System32\vcsFPService.exe

1388 C:\Windows\System32\svchost.exe

1492 C:\Windows\System32\winlogon.exe

1620 C:\Windows\System32\spoolsv.exe

1672 C:\Program Files\DigitalPersona\Bin\DpHostW.exe

1780 C:\Windows\System32\nvvsvc.exe

1844 C:\Windows\System32\svchost.exe

1928 C:\Program Files\IDT\WDM\AESTSr64.exe

1956 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

1300 C:\Windows\System32\taskhost.exe

1996 C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe

2040 C:\Windows\System32\dwm.exe

2100 C:\Windows\explorer.exe

2300 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

2340 C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

2416 C:\Windows\System32\svchost.exe

2452 C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE

2516 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

2580 C:\Windows\System32\svchost.exe

2788 C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe

2796 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

2868 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

2960 C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

2972 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

2172 C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe

3036 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

1908 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

2372 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

1244 C:\Program Files (x86)\RK Launcher\RK Launcher 0.41 Beta Nightly\RKLauncher.exe

460 C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe

3004 C:\Program Files\Logitech\Z Cinema\Z Cinema.exe

2148 C:\Program Files\DigitalPersona\Bin\DpAgent.exe

3488 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

3608 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\wmi64.exe

3708 WmiPrvSE.exe

3912 C:\Windows\System32\svchost.exe

3956 C:\Windows\System32\svchost.exe

3544 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

4232 C:\Users\KYRIAKOS\Desktop\MBRCheck.exe

4256 C:\Windows\System32\conhost.exe

4332 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)

\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000046`44800000 (NTFS)

\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000004a`7f500000 (FAT32)

\\.\G: --> \\.\PhysicalDrive0 at offset 0x00000020`c4800000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS725032A9A364, Rev: PC3OC72E

Size Device Name MBR Status

--------------------------------------------

298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected

SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

Done!

I used my Windows 7 DVD ... What about the crashes while the PC is running?


Hi,

I'm not sure if those crashes are malware related. I'd like you to do a final scan.

I'd like us to scan your machine with ESET OnlineScan

  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the esetOnline.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.

    3. Check esetAcceptTerms.png
    4. Click the esetStart.png button.
    5. Accept any security warnings from your browser.
    6. Check esetScanArchives.png
    7. Push the Start button.
    8. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    9. When the scan completes, push esetListThreats.png
    10. Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    11. Push the esetBack.png button.
    12. Push esetFinish.png
