virus problem need help please,


Post by boifromda808 on Fri 06 Aug 2010, 6:01 pm

I am hearing ads in the background of my computer even when no windows are open. I use Malwarebytes, IS360, and AVG Free, but it doesn't pick up anything that solves the problem. It's been bugging me for a week now and I'm getting desperate. Can someone please help me? I have Windows 7.


Post by Sneakyone on Sat 07 Aug 2010, 6:15 am

Hi, Welcome to GeekPolice.net!

Download MBRCheck to your desktop.
  • Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
  • It will show a black screen with some data on it.
  • A report called MBRcheckxxxx.txt will be on your desktop.
  • Open this report and post its content in your next reply.


I'm livin' life in the fast lane.



Post by boifromda808 on Sun 08 Aug 2010, 10:47 am

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: TOSHIBA
BIOS Manufacturer: TOSHIBA
System Manufacturer: TOSHIBA
System Product Name: Satellite L455D
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 195):

Processes (total 74):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS545025B9A300, Rev: PB2OC64G

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Known-bad MBR code detected (Whistler / Black Internet)!
SHA1: D87A6A0B1E8D270294AE7126E5A3E517B3C0D51B


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Post by Sneakyone on Sun 08 Aug 2010, 2:00 pm

Hi.

It would be a good idea to back up irreplaceable data, because your computer is infected with a bootkit, which can be troublesome to remove.

Run MBRCheck.exe
  • Wait until you see the following line: Enter 'Y' and hit ENTER for more options, or 'N' to exit:
  • Please push the 'Y' key and then press Enter.
  • When the program asks you "Enter your choice:", enter 2 and press the Enter key.
  • Now the program will ask you "Enter the physical disk number to fix (0-99, -1 to cancel):"
  • Enter 0 and press the Enter key.
  • The program will show "Available MBR codes:", followed by a list of operating systems. Please enter 1 for Windows XP, and then press Enter.
  • When asked "Do you want to fix the MBR code?", type in YES and press Enter.
  • Restart your PC.


I'm livin' life in the fast lane.
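The following is an added example, not part of the original thread and not MBRCheck's own code: a way to confirm from two saved copies of sector 0 (one taken before the fix, one after) that a code-only MBR repair replaced the boot code while leaving the partition table and the 0x55AA signature intact. The hashed range (the first 440 bytes), the function names and the inline sample sectors are assumptions made for illustration; MBRCheck's reported SHA1 may cover a different range, so only compare hashes produced the same way.

```python
import hashlib
import struct

SECTOR = 512
CODE_LEN = 440      # bootstrap code area of a classic MBR (assumed hash range)
TABLE_OFF = 446     # four 16-byte partition entries, then the 0x55AA signature

def inspect_mbr(sector: bytes) -> dict:
    """Summarise one 512-byte MBR sector."""
    if len(sector) != SECTOR:
        raise ValueError(f"expected {SECTOR} bytes, got {len(sector)}")
    parts = []
    for i in range(4):
        entry = sector[TABLE_OFF + 16 * i: TABLE_OFF + 16 * (i + 1)]
        ptype = entry[4]
        if ptype == 0:          # unused slot
            continue
        lba, count = struct.unpack_from("<II", entry, 8)
        parts.append({"slot": i, "active": entry[0] == 0x80, "type": ptype,
                      "byte_offset": lba * SECTOR, "sectors": count})
    return {"signature_ok": sector[510:512] == b"\x55\xaa",
            "code_sha1": hashlib.sha1(sector[:CODE_LEN]).hexdigest().upper(),
            "table": sector[TABLE_OFF:510],
            "partitions": parts}

def compare_repair(before: bytes, after: bytes) -> dict:
    """A code-only MBR fix should change the boot code and nothing else."""
    b, a = inspect_mbr(before), inspect_mbr(after)
    return {"code_changed": b["code_sha1"] != a["code_sha1"],
            "table_preserved": b["table"] == a["table"],
            "signature_ok": a["signature_ok"]}

def make_sector(code_fill: int) -> bytes:
    """Constructed sample: filler bytes as 'boot code' plus one active NTFS entry."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\0\0\0", 0x07, b"\0\0\0",
                        3074048, 485312512)   # start LBA * 512 = 0x5DD00000
    return bytes([code_fill]) * CODE_LEN + bytes(6) + entry + bytes(48) + b"\x55\xaa"

if __name__ == "__main__":
    before, after = make_sector(0xAA), make_sector(0x90)
    print(inspect_mbr(before)["partitions"])
    print(compare_repair(before, after))
```

The constructed partition entry starts at the same byte offset the report above shows for C: (0x5dd00000), which is the kind of cross-check that tells you the table still points at the real volume after the boot code has been rewritten.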

