Failed OTL Scan


Failed OTL Scan

Post by Nightspawn on Mon 31 Oct 2011, 8:13 am

First topic message reminder :

I downloaded OTL, copied and pasted the scan information into the custom scan, and hit "run scan." It begins and then immediately stops and the program terminates. I've been having the same problem with my antivirus software as well, they don't seem to be scanning. Before my antivirus stuff stopped working, I did discover that my computer is infected with a rootkit, and ADWARE/Gen. Any help would be appreciated.

Nightspawn

Newbie Surfer
Newbie Surfer

Posts : 35
Joined : 2011-10-31
Operating System : Windows Vista Home Premium



Re: Failed OTL Scan

Post by Nightspawn on Tue 22 Nov 2011, 4:14 pm

Bump.


Re: Failed OTL Scan

Post by Nightspawn on Thu 24 Nov 2011, 8:00 am

Bump.


Re: Failed OTL Scan

Post by Belahzur on Fri 25 Nov 2011, 5:19 am

Sorry for the delay, been busy.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


@RealBelahzur - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre


Re: Failed OTL Scan

Post by Nightspawn on Fri 25 Nov 2011, 2:56 pm

First of all, Happy Thanksgiving. Secondly, no worries, I understand the busy thing, and I still appreciate all your help. Just want you to know that. Had to run RKill again: Here's the log:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 11/24/2011 at 22:53:51.
Operating System: Windows Vista (TM) Home Premium


Processes terminated by Rkill or while it was running:

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Users\NightSpawn\Desktop\eXplorer.exe


--- ATTENTION ---

Windows was configured to use a proxy! Proxy settings have been removed.

The Proxy Server that was configured is: http=127.0.0.1:55778

If this was a valid setting, please double-click on the rk-proxy.reg file on your desktop and allow the data to be merged to restore your proxy settings.


Rkill completed on 11/24/2011 at 22:55:06.


I will complete the Eset scan and post the log shortly.


Re: Failed OTL Scan

Post by Nightspawn on Fri 25 Nov 2011, 5:05 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=8d7ce07f8896d246a98b4e6e5797e011
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-11-25 05:45:59
# local_time=2011-11-25 12:45:59 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5121 16776574 100 96 1315356 135977840 0 0
# compatibility_mode=5892 16776638 100 95 1315320 158803466 0 0
# compatibility_mode=8192 67108863 100 0 1504039 1504039 0 0
# scanned=138211
# found=37
# cleaned=35
# scan_time=4021
C:\Program Files\A1939\lvvm.exe a variant of Win32/Kryptik.VZB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\LP\4CE1\47DA.tmp a variant of Win32/Kryptik.VZB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\LP\4CE1\FE1.exe Win32/Cycbot.AK trojan (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\LP\4CE1\FE1.exe.vir Win32/Cycbot.AF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\ProgramData\dYIajiwXVoeuA.exe.vir a variant of Win32/Kryptik.VNX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\ProgramData\oVGuSZrJARtdIO.exe.vir a variant of Win32/Kryptik.VNX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Users\NightSpawn\AppData\Roaming\iexplore.exe.vir Win32/Cycbot.AF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Users\NightSpawn\AppData\Roaming\106A1\DE94C.exe.vir a variant of Win32/Kryptik.VJK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Users\NightSpawn\AppData\Roaming\A1939\lvvm.exe.vir a variant of Win32/Kryptik.VJK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Users\NightSpawn\AppData\Roaming\Microsoft\4CE1\FE1.exe.vir Win32/Cycbot.AF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Windows\System32\config\systemprofile\AppData\Local\6Nxsyk.com.vir a variant of Win32/Kryptik.UYJ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Windows\System32\config\systemprofile\AppData\Local\3beeaf5f\X.vir Win32/Sirefef.DD trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Local\temp\0.6396809879420475.exe a variant of Win32/Kryptik.VTC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Local\temp\51C1.tmp a variant of Win32/Kryptik.VQQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Local\temp\6D60.tmp a variant of Win32/Kryptik.VTC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Local\temp\76B4.tmp a variant of Win32/Kryptik.VTC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Local\temp\BB47.tmp a variant of Win32/Kryptik.VTC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Local\temp\dwme.exe Win32/Cycbot.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Local\temp\NOD29D4.tmp Win32/Cycbot.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\1964f251-7e3fd774 Java/Agent.DW trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\7e8a6802-2b58c59a a variant of Win32/Kryptik.UOE trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\6555fc58-2d70cb0a a variant of Win32/Kryptik.VRM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\1589f399-2bfe2e94 a variant of Win32/Kryptik.UOE trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\2dc8efef-4bd781c5 a variant of Java/TrojanDownloader.OpenStream.NCM trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Roaming\6EB7.tmp a variant of Win32/Kryptik.VQQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Roaming\BBA5.tmp a variant of Win32/Kryptik.VTC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Roaming\dwme.exe Win32/Cycbot.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Roaming\iexplore.exe Win32/Cycbot.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Roaming\java.exe Win32/Cycbot.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Roaming\106A1\DE94C.exe a variant of Win32/Kryptik.VZB trojan (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Roaming\Microsoft\4CE1\437E.tmp Win32/PSW.Agent.NTM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\AppData\Roaming\Microsoft\4CE1\FE1.exe Win32/Cycbot.AK trojan (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\Users\NightSpawn\Desktop\sname probably a variant of Win32/Lukicsel.T trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\AV Protection 2011v121.exe a variant of Win32/Kryptik.VRM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\drivers\i8042prt.sys a variant of Win32/Rootkit.Kryptik.FF trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\drivers\etc\hosts Win32/Qhost trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
${Memory} a variant of Win32/Sirefef.DN trojan 00000000000000000000000000000000 I

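A way to triage a log in the layout posted above, as an added example that is not part of the original thread or of ESET's tooling: it lists detections that were not cleaned, those waiting on a restart, and checks the header counts against the lines present. The sample lines are constructed, and reading a trailing `C` as cleaned and anything else as not cleaned is an assumption taken from the log above.

```python
import re

# Constructed sample in the layout of the ESET Online Scanner log above:
# "# key=value" header lines, then one line per detection.
SAMPLE_LOG = r"""
# found=4
# cleaned=2
C:\Program Files\Example App\a.exe a variant of Win32/Example.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\user\AppData\Roaming\b.exe Win32/Example.B trojan (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\drivers\example.sys a variant of Win32/Rootkit.Example.C trojan (unable to clean) 00000000000000000000000000000000 I
${Memory} a variant of Win32/Example.D trojan 00000000000000000000000000000000 I
"""

# Fields: path (may contain spaces), detection name, object type,
# optional "(action)" that may nest parentheses, 32 hex digits, one-letter flag.
DETECTION = re.compile(
    r"^(?P<path>.+?) "
    r"(?P<name>(?:probably )?(?:a variant of )?[A-Za-z0-9]+/[\w.]+) "
    r"(?P<kind>\w+)"
    r"(?: \((?P<action>.*)\))? "
    r"(?P<hash>[0-9A-Fa-f]{32}) (?P<flag>[A-Z])$"
)

PENDING = "after the next restart"


def parse_log(text):
    """Split a log into header values, parsed detections and unparsed lines."""
    header, detections, unparsed = {}, [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            key, sep, value = line[1:].strip().partition("=")
            if sep:
                header[key] = value  # repeated keys: last value wins
            continue
        match = DETECTION.match(line)
        if match:
            detections.append(match.groupdict())
        else:
            unparsed.append(line)  # banner lines or a truncated entry
    return header, detections, unparsed


def triage(text):
    """Return what still needs attention after the scan."""
    header, detections, unparsed = parse_log(text)
    # Assumption read off the log above: flag "C" = cleaned, anything else = not.
    unresolved = [(d["path"], d["name"]) for d in detections if d["flag"] != "C"]
    pending = [d["path"] for d in detections
               if d["flag"] == "C" and PENDING in (d["action"] or "")]
    consistent = None  # unknown when the header counts are missing
    if "found" in header and "cleaned" in header:
        found, cleaned = int(header["found"]), int(header["cleaned"])
        consistent = (found == len(detections)
                      and found - cleaned == len(unresolved))
    return {
        "unresolved": unresolved,
        "pending_reboot": pending,
        "counts_consistent": consistent,
        "unparsed": unparsed,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for path, name in report["unresolved"]:
        print("NOT CLEANED:", path, "->", name)
    for path in report["pending_reboot"]:
        print("REMOVED ON NEXT RESTART:", path)
    print("header counts match log lines:", report["counts_consistent"])
```
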

Re: Failed OTL Scan

Post by Nightspawn on Fri 25 Nov 2011, 5:06 pm

After completing the Eset scan, I had to reboot, and run Rkill again to be able to access the internet. Don't know if the information is relevant, but thought I would include it in my latest post. Thanks much.


Re: Failed OTL Scan

Post by Nightspawn on Mon 28 Nov 2011, 4:51 am

Bump.


Re: Failed OTL Scan

Post by Nightspawn on Mon 28 Nov 2011, 12:01 pm

Well, my comp rebooted itself, and when it loaded up again, my screen is jet black, and I can't access anything. The only thing that was visible was this Vista Antivirus 2012 thing, which is claiming everything I have is infected. It's not letting me access or even view my desktop. I can open task manager, but it is a struggle to get it to remain open so I can do anything. Any suggestions? Because at this rate, I may have to post and work from another computer if it continues like this.


Re: Failed OTL Scan

Post by Nightspawn on Mon 28 Nov 2011, 4:43 pm

Ok, I've managed to access IE through the task manager, although my desktop is still black and I cannot fix that. Not sure what the problem is, but at least I can still post here, and (fingers crossed) still download anything you need me to from here. The Vista Antivirus 2012 doesn't appear to be popping up, but I don't know if it is or isn't because I have no desktop and nothing that normally loads at the start is appearing. I've tried rebooting in safe mode, but I get the same problem. Suggestions or recommendations are welcome. Whatever you think the next logical course of action may be. I did manage to run rkill and an eset scan, but nothing is coming up, and rkill kills a few processes but nothing that I necessarily can see as threatening. I can't access my notepads to link the logs, but if I find a way, I'll post them here ASAP. Thanks again in advance.


Re: Failed OTL Scan

Post by Nightspawn on Tue 29 Nov 2011, 3:56 am

Ok, I managed to do a little bit of reading and research. Apparently, I am suffering from KSOD (Black Screen of Death). Now, I can access things on this computer via the Task Manager. I've tried launching the explorer.exe from task manager, but Task Manager says that the specific path doesn't exist. I've looked at my registry key for this by opening "regedit.exe" with task manager. No, I'm not 100% that everything was right, but it appeared that "shell = explorer". So I assume that that key is correct. So, at present, the KSOD has dropped an interesting challenge in my lap that I cannot yet solve. I would mess around with the registry keys more, but I don't feel comfortable doing that, as most explanations I've read from users seem to suggest more than a basic knowledge of computers and systems, and in short, I really don't want to mess anything up worse than it already is. Hope this info helps. I'll keep you posted if I find a solution for KSOD before you get a chance to post again.


Re: Failed OTL Scan

Post by Nightspawn on Tue 29 Nov 2011, 3:37 pm

Bump.


Re: Failed OTL Scan

Post by Nightspawn on Wed 30 Nov 2011, 5:59 am

Bump.


Re: Failed OTL Scan

Post by Belahzur on Thu 01 Dec 2011, 11:45 am

Hello.
I want to check the MBR.

Download MBRCheck to your desktop.

  • Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
  • It will show a black screen with some data on it.
  • A report called MBRcheckxxxx.txt will be on your desktop.
  • Open this report and post its content in your next reply.



Re: Failed OTL Scan

Post by Nightspawn on Thu 01 Dec 2011, 5:35 pm

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 1720
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 166):

Processes (total 64):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`85700000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`05700000 (NTFS)

PhysicalDrive0 Model Number: WDCWD3200BEVT-75ZCT0, Rev: 11.01A11

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: D62E42E8B5C8E8E3C60B54F46CB8749D21B93E24


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice:

Done!


Re: Failed OTL Scan

Post by Belahzur on Fri 02 Dec 2011, 9:57 am

Hello.
Do you have your Vista Recovery disc?



Re: Failed OTL Scan

Post by Nightspawn on Fri 02 Dec 2011, 1:27 pm

I did not receive one with my laptop.


Re: Failed OTL Scan

Post by Nightspawn on Fri 02 Dec 2011, 1:30 pm

I just double checked, and I do not have a recovery disk.


Re: Failed OTL Scan

Post by Nightspawn on Sun 04 Dec 2011, 9:25 pm

Bump.


Re: Failed OTL Scan

Post by Belahzur on Tue 06 Dec 2011, 5:07 am

Hello.
You'll need to get one somehow, we can't repair this without repairing the MBR and we need the disc to get into recovery mode.



Re: Failed OTL Scan

Post by Nightspawn on Tue 06 Dec 2011, 3:26 pm

Ok, I'll look/ask/beg/plead/bargain around and see if I can get one. In the meantime, any suggestions as to a place where someone might acquire one?


Re: Failed OTL Scan

Post by Nightspawn on Thu 08 Dec 2011, 3:07 pm

Never mind, I have some friends who might be able to help me acquire one. I'll post as soon as I get it. Thanks in advance.


Re: Failed OTL Scan

Post by Belahzur on Sat 10 Dec 2011, 12:59 am

Okay, standing by.

