Hi everyone,

I am having some troubling issues with my PC. It gets stuck on the splash screen when I am trying to boot it up; the only way I can boot it is to go through the actual boot menu. I am unable to use System Restore: it says it's going to work, but then it doesn't and says there is an unspecified error. And then there are the minor issues that my camera won't initialize and I keep getting a message that an unknown USB device is malfunctioning. The latter two have been hallmarks of infection in the past.

I have run Malwarebytes and Avira and both have come up clean. I have run Defogger, DDS, and GMER. GMER came up with "Hasn't found any system modification".

Here is the dds.txt, and I will attach attach.txt.

Thanks!!!

.

DDS (Ver_11-03-05.01) - NTFS_AMD64

Run by Atani at 19:06:18.93 on Sun 04/03/2011

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4059.2174 [GMT -5:00]

.

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

C:\windows\system32\conhost.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\ThpSrv.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files\TOSHIBA\TECO\TecoService.exe

C:\windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\System32\rundll32.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\igfxpers.exe

C:\windows\system32\igfxsrvc.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\ltmoh\ltmoh.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\TOSHIBA\TECO\TEco.exe

C:\Windows\System32\ThpSrv.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe

C:\Program Files\Apoint2K\HidFind.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\windows\system32\conhost.exe

C:\windows\system32\igfxext.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\taskeng.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\windows\system32\DllHost.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files\LSI SoftModem\agr64svc.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files\TOSHIBA\rselect\RSelSvc.exe

C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\windows\system32\taskeng.exe

C:\windows\splwow64.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\Users\Atani\Desktop\dds.scr

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRun: [backupNowEZtray] "C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe" -k

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - C:\Program Files (x86)\TOSHIBA\My Toshiba\MyToshiba.exe /SETUP

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

mRun-x64: [(Default)]

mRun-x64: [igfxTray] C:\windows\system32\igfxtray.exe

mRun-x64: [HotKeysCmds] C:\windows\system32\hkcmd.exe

mRun-x64: [Persistence] C:\windows\system32\igfxpers.exe

mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

mRun-x64: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

mRun-x64: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe

mRun-x64: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

mRun-x64: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe

mRun-x64: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

mRun-x64: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

mRun-x64: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe

mRun-x64: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r

mRun-x64: [ThpSrv] C:\windows\system32\thpsrv /logon

mRun-x64: [smartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

mRun-x64: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Atani\AppData\Roaming\Mozilla\Firefox\Profiles\sdps91d4.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.mail.yahoo.com/

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-8-24 529000]

R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\Windows\System32\drivers\thpdrv.sys [2009-6-29 34880]

R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\Windows\System32\drivers\Thpevm.sys [2009-6-29 14784]

R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\System32\drivers\tos_sps64.sys [2010-7-8 482384]

R1 PMCF;PMCF;C:\Windows\System32\drivers\PMCF.sys [2010-7-8 16448]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-12-15 135336]

R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-12-15 269480]

R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2010-12-15 83120]

R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-8-10 248688]

R2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-7-14 42368]

R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]

R2 NTI BackupNowEZSvr;NTI BackupNowEZSvr;C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe [2010-2-22 45312]

R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2010-7-8 60416]

R2 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2010-7-8 81408]

R2 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2010-7-8 55808]

R2 RSELSVC;TOSHIBA Modem region select service;C:\Program Files\TOSHIBA\rselect\RSelSvc.exe [2009-7-7 65904]

R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-8-27 251760]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-7-8 215040]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-7-8 946688]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-7-8 54136]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-9-17 137560]

R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-8-4 826224]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]

R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]

S2 0168891292591375mcinstcleanup;McAfee Application Installer Cleanup (0168891292591375);C:\Users\Atani\AppData\Local\Temp\016889~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> C:\Users\Atani\AppData\Local\Temp\016889~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-30 135664]

S2 McShield;McAfee Real-time Scanner;C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe --> C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [?]

S3 McSysmon;McAfee SystemGuards;C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe --> C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe [?]

S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-9-30 102472]

S3 mferkdk;McAfee Inc. mferkdk;C:\Windows\System32\drivers\mferkdk.sys [2010-9-30 40904]

S3 mfesmfk;McAfee Inc. mfesmfk;C:\Windows\System32\drivers\mfesmfk.sys [2010-9-30 49480]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2010-7-8 35008]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-2 1255736]

.

=============== Created Last 30 ================

.

2011-04-03 03:37:36 -------- d-----w- C:\Program Files (x86)\ESET

2011-04-03 02:46:09 -------- d-----w- C:\Program Files (x86)\Ingram Media Manager

2011-04-03 02:43:12 -------- d-----w- C:\Users\Atani\AppData\Local\Apps

2011-04-01 08:57:30 8424784 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{202F48D6-1D54-485E-A980-3BEB648D25B6}\mpengine.dll

2011-03-30 15:40:32 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll

2011-03-30 15:40:31 781272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll

2011-03-30 15:40:31 728024 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll

2011-03-30 15:40:31 1975768 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_42.dll

2011-03-30 15:40:31 1893336 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_42.dll

2011-03-30 15:40:31 1874904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2011-03-30 15:40:31 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll

2011-03-30 15:40:31 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll

2011-03-24 20:24:45 -------- d-----w- C:\PROGRA~3\NTIReg

2011-03-24 20:20:54 18432 ----a-w- C:\windows\System32\drivers\NTIDrvr.sys

2011-03-24 20:20:54 16896 ----a-w- C:\windows\System32\drivers\UBHelper.sys

2011-03-24 20:20:33 -------- d-----w- C:\windows\SysWow64\drivers\nti\Xp_x86

2011-03-24 20:20:33 -------- d-----w- C:\windows\SysWow64\drivers\nti\w2k_x86

2011-03-24 20:20:33 -------- d-----w- C:\windows\SysWow64\drivers\nti\Vista_x86

2011-03-24 20:20:33 -------- d-----w- C:\windows\SysWow64\drivers\nti\Vista_ia64

2011-03-24 20:20:33 -------- d-----w- C:\windows\SysWow64\drivers\nti\Vista_amd64

2011-03-24 20:20:33 -------- d-----w- C:\windows\SysWow64\drivers\nti\2003_x86

2011-03-24 20:20:33 -------- d-----w- C:\windows\SysWow64\drivers\nti\2003_ia64

2011-03-24 20:20:33 -------- d-----w- C:\windows\SysWow64\drivers\nti\2003_amd64

2011-03-24 20:20:20 -------- d-----w- C:\windows\SysWow64\drivers\nti

2011-03-24 20:20:20 -------- d-----w- C:\Program Files (x86)\NewTech Infosystems

2011-03-08 23:35:57 -------- d-----w- C:\Users\Atani\AppData\Local\Electronic Arts

2011-03-08 02:08:32 445504 ----a-r- C:\windows\SysWow64\vp6vfw.dll

.

==================== Find3M ====================

.

2011-02-19 06:37:44 1135104 ----a-w- C:\windows\System32\FntCache.dll

2011-02-19 06:37:10 1540608 ----a-w- C:\windows\System32\DWrite.dll

2011-02-19 06:36:49 902656 ----a-w- C:\windows\System32\d2d1.dll

2011-02-19 05:32:48 1074176 ----a-w- C:\windows\SysWow64\DWrite.dll

2011-02-19 05:32:35 739840 ----a-w- C:\windows\SysWow64\d2d1.dll

2011-02-02 23:11:20 270720 ------w- C:\windows\System32\MpSigStub.exe

2011-01-26 06:53:10 982912 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys

2011-01-26 06:53:10 265088 ----a-w- C:\windows\System32\drivers\dxgmms1.sys

2011-01-26 06:31:20 144384 ----a-w- C:\windows\System32\cdd.dll

2011-01-07 08:07:24 662528 ----a-w- C:\windows\System32\XpsPrint.dll

2011-01-07 08:07:24 475648 ----a-w- C:\windows\System32\XpsGdiConverter.dll

2011-01-07 08:06:50 46080 ----a-w- C:\windows\System32\atmlib.dll

2011-01-07 07:31:10 442880 ----a-w- C:\windows\SysWow64\XpsPrint.dll

2011-01-07 07:31:10 288256 ----a-w- C:\windows\SysWow64\XpsGdiConverter.dll

2011-01-07 07:27:11 34304 ----a-w- C:\windows\SysWow64\atmlib.dll

2011-01-07 05:49:20 366080 ----a-w- C:\windows\System32\atmfd.dll

2011-01-07 05:33:11 294400 ----a-w- C:\windows\SysWow64\atmfd.dll

2011-01-05 06:20:30 612352 ----a-w- C:\windows\System32\vbscript.dll

2011-01-05 05:37:33 428032 ----a-w- C:\windows\SysWow64\vbscript.dll

2011-01-05 04:00:16 3127808 ----a-w- C:\windows\System32\win32k.sys

.

============= FINISH: 19:07:00.18 ===============

Attach.txt

  • Staff

Hi and welcome to Malwarebytes.

This sounds a lot more like your hard drive beginning to fail than anything.

Click Start --> Run, and type in cmd.exe

Right-click cmd.exe and click Run as Admin...

In the black box that appears, enter this command exactly as shown:

chkdsk>"%userprofile%\desktop\chkdsk1.txt"

Press Enter. When it finishes, open chkdsk1.txt on your Desktop and post its contents here.

I have Windows 7; I can't seem to get it to let me run as admin.

Thanks for helping me! :)

Never mind, figured it out. Here is the result:

The type of the file system is NTFS.

Volume label is TI103289W0D.

WARNING! F parameter not specified.

Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...

125184 file records processed.

File verification completed.

128 large file records processed.

0 bad file records processed.

0 EA records processed.

60 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...

173236 index entries processed.

Index verification completed.

0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 3)...

125184 file SDs/SIDs processed.

Security descriptor verification completed.

24027 data files processed.

CHKDSK is verifying Usn Journal...

35097624 USN bytes processed.

Usn Journal verification completed.

Windows has checked the file system and found no problems.

293887999 KB total disk space.

54500724 KB in 100826 files.

55540 KB in 24028 indexes.

0 KB in bad sectors.

235167 KB in use by the system.

65536 KB occupied by the log file.

239096568 KB available on disk.

4096 bytes in each allocation unit.

73471999 total allocation units on disk.

59774142 allocation units available on disk.

  • Staff

Hi,

Hmmm. Please update MBAM, run a Quick Scan, and post its log.

Next, download MBRCheck.exe by a_d_13 and save it to your Desktop.

Run it; when it completes, a log will be available on your Desktop (MBRCheck xxxxxx .txt) where xxxxxx is the time it ran.

Next, please run the PCPitstop Full Tests here (NOT the PCMatic scan or any other scan; simply register with the box on the left and you will be taken to the Full Tests/Overdrive Test). When the tests are complete, a results page will pop up. Copy and paste the URL of the Results screen and post it here for me.

Here is the MBAM log:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6308

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

4/7/2011 11:20:27 PM

mbam-log-2011-04-07 (23-20-27).txt

Scan type: Quick scan

Objects scanned: 167752

Time elapsed: 3 minute(s), 34 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

The MBR Check log:

MBRCheck, version 1.2.3

© 2010, AD

Command-line:

Windows Version: Windows 7 Home Premium Edition

Windows Information: (build 7600), 64-bit

Base Board Manufacturer: TOSHIBA

BIOS Manufacturer: American Megatrends Inc.

System Manufacturer: TOSHIBA

System Product Name: Satellite U505

Logical Drives Mask: 0x0000000c

Kernel Drivers (total 196):

Processes (total 88):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000 (NTFS)

PhysicalDrive0 Model Number: FUJITSUMJA2320BHG2, Rev: 00400018

Size Device Name MBR Status

--------------------------------------------

298 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected

SHA1: BBAD517F7EAC529451E4B9586C847AE190574F61

Done!

Aaaand the PC Pitstop URL:

http://www.pcpitstop.com/betapit/sec.asp?conid=24299234

Thanks so much!


  • Staff

Hi,

I see many remnants of a previous McAfee installation that may be the cause here.

Download the McAfee Removal Tool.

Double-click on MCPR.exe to launch it, then click Run. A window should appear and disappear; this is normal. A new window should pop up and begin the uninstall. When prompted to reboot your computer, type Y.

Let me know how things are running now.


It is still getting stuck on the boot-up splash screen and I keep getting a message saying my camera device is non-functional. However, the message that some USB device is malfunctioning has stopped! So that is an improvement!

And now I am back to getting the USB device error. So no improvement; however, it hasn't gotten worse! That's good, right?


Thanks for your help, I was directed here from the PC help forum. I will link to this thread there.

Thanks Again!

Hi,

My apologies for the delay. This really doesn't look like a malware issue today. I would recommend posting in our PC Help forum where someone may be able to diagnose the hardware or software specific cause of your issues.
