
Inactive: Found virus but can't delete it.

Discussion in 'Malware and Virus Removal Archive' started by Chaosmachine420, 2010/08/26.

Thread Status:
Not open for further replies.
  1. 2010/08/31
    Chaosmachine420

    Chaosmachine420 Well-Known Member Thread Starter

    Joined:
    2009/10/02
    Messages:
    177
    Likes Received:
    0
    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Starter Edition
    Windows Information: (build 7600), 32-bit
    Base Board Manufacturer: Hewlett-Packard
    BIOS Manufacturer: Hewlett-Packard
    System Manufacturer: Hewlett-Packard
    System Product Name: HP Mini 110-1100
    Logical Drives Mask: 0x0000000c

    Kernel Drivers (total 190):
    0x81A0A000 \SystemRoot\system32\ntkrnlpa.exe
    0x81E1A000 \SystemRoot\system32\halmacpi.dll
    0x81800000 \SystemRoot\system32\kdcom.dll
    0x85E11000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
    0x85E89000 \SystemRoot\system32\PSHED.dll
    0x85E9A000 \SystemRoot\system32\BOOTVID.dll
    0x85EA2000 \SystemRoot\system32\CLFS.SYS
    0x85EE4000 \SystemRoot\system32\CI.dll
    0x85F8F000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x85E00000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x86024000 \SystemRoot\system32\DRIVERS\ACPI.sys
    0x8606C000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
    0x86075000 \SystemRoot\system32\DRIVERS\msisadrv.sys
    0x8607D000 \SystemRoot\system32\DRIVERS\pci.sys
    0x860A7000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
    0x860B2000 \SystemRoot\System32\drivers\partmgr.sys
    0x860C3000 \SystemRoot\system32\DRIVERS\compbatt.sys
    0x860CB000 \SystemRoot\system32\DRIVERS\BATTC.SYS
    0x860D6000 \SystemRoot\system32\DRIVERS\volmgr.sys
    0x860E6000 \SystemRoot\System32\drivers\volmgrx.sys
    0x86131000 \SystemRoot\System32\drivers\mountmgr.sys
    0x86218000 \SystemRoot\system32\DRIVERS\iaStor.sys
    0x862F2000 \SystemRoot\system32\DRIVERS\atapi.sys
    0x862FB000 \SystemRoot\system32\DRIVERS\ataport.SYS
    0x8631E000 \SystemRoot\system32\DRIVERS\msahci.sys
    0x86328000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
    0x86336000 \SystemRoot\system32\DRIVERS\amdxata.sys
    0x8633F000 \SystemRoot\system32\drivers\fltmgr.sys
    0x86373000 \SystemRoot\system32\drivers\fileinfo.sys
    0x86424000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x86553000 \SystemRoot\System32\Drivers\msrpc.sys
    0x8657E000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x86591000 \SystemRoot\System32\Drivers\cng.sys
    0x865EE000 \SystemRoot\System32\drivers\pcw.sys
    0x86400000 \SystemRoot\System32\Drivers\Fs_Rec.sys
    0x86147000 \SystemRoot\system32\drivers\ndis.sys
    0x86384000 \SystemRoot\system32\drivers\NETIO.SYS
    0x863C2000 \SystemRoot\System32\Drivers\ksecpkg.sys
    0x86601000 \SystemRoot\System32\drivers\tcpip.sys
    0x8674A000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x8677B000 \SystemRoot\system32\DRIVERS\volsnap.sys
    0x867BA000 \SystemRoot\System32\Drivers\spldr.sys
    0x867C2000 \SystemRoot\System32\drivers\rdyboost.sys
    0x867EF000 \SystemRoot\System32\Drivers\mup.sys
    0x86409000 \SystemRoot\System32\drivers\hwpolicy.sys
    0x86834000 \SystemRoot\System32\DRIVERS\fvevol.sys
    0x86866000 \SystemRoot\system32\DRIVERS\disk.sys
    0x86877000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    0x86994000 \SystemRoot\System32\Drivers\Null.SYS
    0x8699B000 \SystemRoot\System32\Drivers\Beep.SYS
    0x869A2000 \SystemRoot\System32\drivers\vga.sys
    0x869AE000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x869CF000 \SystemRoot\System32\drivers\watchdog.sys
    0x869DC000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x869E4000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x869EC000 \SystemRoot\system32\drivers\rdprefmp.sys
    0x869F4000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x86800000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x8680E000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x86825000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x86411000 \SystemRoot\System32\Drivers\aswTdi.SYS
    0x8A615000 \SystemRoot\system32\drivers\afd.sys
    0x8A66F000 \SystemRoot\System32\Drivers\aswRdr.SYS
    0x8A674000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x8A6A6000 \SystemRoot\system32\DRIVERS\wfplwf.sys
    0x8A6AD000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x8A6CC000 \SystemRoot\system32\DRIVERS\vwififlt.sys
    0x8A6DD000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x8A6EB000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x8A6FE000 \SystemRoot\system32\DRIVERS\termdd.sys
    0x8A70E000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x8A74F000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x8A759000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0x8A763000 \??\C:\SPLASH.SYS\config\dvmio.sys
    0x8A76A000 \SystemRoot\System32\drivers\discache.sys
    0x8A776000 \SystemRoot\System32\Drivers\dfsc.sys
    0x8A78E000 \SystemRoot\system32\DRIVERS\blbdrive.sys
    0x8A79C000 \SystemRoot\System32\Drivers\aswSP.SYS
    0x8A7C3000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x8A7E4000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0x8AA18000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
    0x8AF21000 \SystemRoot\System32\drivers\dxgkrnl.sys
    0x8B228000 \SystemRoot\System32\drivers\dxgmms1.sys
    0x8B261000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0x8B425000 \SystemRoot\system32\DRIVERS\bcmwl6.sys
    0x8B68C000 \SystemRoot\system32\DRIVERS\vwifibus.sys
    0x8B696000 \SystemRoot\system32\DRIVERS\L1C62x86.sys
    0x8B6A8000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0x8B6B3000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0x8B6FE000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0x8B70D000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0x8B725000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0x8B732000 \SystemRoot\system32\DRIVERS\SynTP.sys
    0x8B765000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x8B767000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0x8B774000 \SystemRoot\system32\DRIVERS\CmBatt.sys
    0x8B778000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
    0x8B781000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
    0x8B78E000 \SystemRoot\system32\DRIVERS\serscan.sys
    0x8B796000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
    0x8B7A8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x8B7C0000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x8B7CB000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x8B400000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x8B280000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x8B297000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x8B418000 \SystemRoot\system32\DRIVERS\swenum.sys
    0x8B2AE000 \SystemRoot\system32\DRIVERS\ks.sys
    0x8B7ED000 \SystemRoot\system32\DRIVERS\umbus.sys
    0x8B2E2000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x8B326000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x8B337000 \SystemRoot\system32\DRIVERS\stwrt.sys
    0x8B39F000 \SystemRoot\system32\DRIVERS\portcls.sys
    0x8B3CE000 \SystemRoot\system32\DRIVERS\drmk.sys
    0x8B3E7000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x8689C000 \SystemRoot\System32\Drivers\dump_iaStor.sys
    0x8B200000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
    0x8D300000 \SystemRoot\System32\win32k.sys
    0x8B41A000 \SystemRoot\System32\drivers\Dxapi.sys
    0x8B211000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0x8AFD8000 \SystemRoot\System32\Drivers\usbvideo.sys
    0x8B3F4000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x8D560000 \SystemRoot\System32\TSDDD.dll
    0x8D590000 \SystemRoot\System32\cdd.dll
    0x8AA00000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0x8A600000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0x8AA0B000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0x86976000 \SystemRoot\system32\DRIVERS\kbdhid.sys
    0x86982000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0x8D5B0000 \SystemRoot\System32\ATMFD.DLL
    0x86000000 \SystemRoot\system32\drivers\luafv.sys
    0x863E7000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
    0x8B7FB000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
    0x8E02E000 \SystemRoot\system32\drivers\WudfPf.sys
    0x8E048000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0x8E058000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0x8E09E000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0x8E0AE000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0x8E0C1000 \SystemRoot\system32\drivers\HTTP.sys
    0x8E146000 \SystemRoot\system32\DRIVERS\bowser.sys
    0x8E15F000 \SystemRoot\System32\drivers\mpsdrv.sys
    0x8E171000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0x8E194000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0x8E1CF000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0xA5423000 \SystemRoot\system32\drivers\peauth.sys
    0xA54BA000 \SystemRoot\System32\Drivers\secdrv.SYS
    0xA54C4000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0xA54E5000 \SystemRoot\System32\drivers\tcpipreg.sys
    0xA54F2000 \SystemRoot\System32\DRIVERS\srv2.sys
    0xA5541000 \SystemRoot\System32\DRIVERS\srv.sys
    0xA5400000 \??\C:\Users\Krista\AppData\Local\Temp\uglcapob.sys
    0x77150000 \Windows\System32\ntdll.dll
    0x478E0000 \Windows\System32\smss.exe
    0x77390000 \Windows\System32\apisetschema.dll
    0x00F60000 \Windows\System32\autochk.exe
    0x772D0000 \Windows\System32\rpcrt4.dll
    0x772A0000 \Windows\System32\imagehlp.dll
    0x770A0000 \Windows\System32\msvcrt.dll
    0x77000000 \Windows\System32\usp10.dll
    0x76F60000 \Windows\System32\advapi32.dll
    0x76E20000 \Windows\System32\urlmon.dll
    0x76DA0000 \Windows\System32\comdlg32.dll
    0x76BA0000 \Windows\System32\iertutil.dll
    0x76AA0000 \Windows\System32\wininet.dll
    0x769D0000 \Windows\System32\user32.dll
    0x76980000 \Windows\System32\gdi32.dll
    0x77290000 \Windows\System32\nsi.dll
    0x75D30000 \Windows\System32\shell32.dll
    0x75D20000 \Windows\System32\normaliz.dll
    0x75C50000 \Windows\System32\msctf.dll
    0x75C40000 \Windows\System32\psapi.dll
    0x75C20000 \Windows\System32\sechost.dll
    0x75B90000 \Windows\System32\clbcatq.dll
    0x75B00000 \Windows\System32\oleaut32.dll
    0x75AE0000 \Windows\System32\imm32.dll
    0x75AA0000 \Windows\System32\ws2_32.dll
    0x75A90000 \Windows\System32\lpk.dll
    0x75A30000 \Windows\System32\shlwapi.dll
    0x759D0000 \Windows\System32\difxapi.dll
    0x75980000 \Windows\System32\Wldap32.dll
    0x757E0000 \Windows\System32\setupapi.dll
    0x75700000 \Windows\System32\kernel32.dll
    0x755A0000 \Windows\System32\ole32.dll
    0x75580000 \Windows\System32\devobj.dll
    0x75550000 \Windows\System32\wintrust.dll
    0x75430000 \Windows\System32\crypt32.dll
    0x753A0000 \Windows\System32\comctl32.dll
    0x75370000 \Windows\System32\cfgmgr32.dll
    0x75320000 \Windows\System32\KernelBase.dll
    0x75310000 \Windows\System32\msasn1.dll

    Processes (total 85):
    0 System Idle Process
    4 System
    292 C:\Windows\System32\smss.exe
    392 csrss.exe
    448 csrss.exe
    456 C:\Windows\System32\wininit.exe
    524 C:\Windows\System32\services.exe
    532 C:\Windows\System32\winlogon.exe
    560 C:\Windows\System32\lsass.exe
    568 C:\Windows\System32\lsm.exe
    668 C:\Windows\System32\svchost.exe
    764 C:\Windows\System32\svchost.exe
    860 C:\Windows\System32\svchost.exe
    904 C:\Windows\System32\svchost.exe
    932 C:\Windows\System32\svchost.exe
    968 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\stacsv.exe
    1160 C:\Windows\System32\svchost.exe
    1288 C:\Windows\System32\svchost.exe
    1368 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    1376 C:\Windows\System32\wlanext.exe
    1384 C:\Windows\System32\conhost.exe
    1720 C:\Windows\System32\spoolsv.exe
    1748 C:\Windows\System32\svchost.exe
    1844 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\AEstSrv.exe
    1872 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1892 C:\Program Files\Bonjour\mDNSResponder.exe
    1936 C:\SPLASH.SYS\config\DVMExportService.exe
    1972 C:\Windows\System32\svchost.exe
    2008 C:\Windows\System32\svchost.exe
    1244 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    1812 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    2324 C:\Windows\System32\SearchIndexer.exe
    2364 C:\Windows\System32\svchost.exe
    3128 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    3568 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
    3664 C:\Windows\System32\svchost.exe
    3716 C:\Program Files\Windows Media Player\wmpnetwk.exe
    1760 C:\Windows\System32\taskhost.exe
    3076 C:\Windows\System32\dwm.exe
    3852 C:\Windows\explorer.exe
    760 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    2760 C:\Program Files\HP\HPBTWD.exe
    3344 C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
    1496 C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    3052 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    3184 C:\Program Files\IDT\WDM\sttray.exe
    416 C:\Program Files\Java\jre6\bin\jusched.exe
    3408 C:\Program Files\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
    780 C:\Windows\System32\igfxtray.exe
    2996 C:\Windows\System32\hkcmd.exe
    2144 C:\Windows\System32\igfxpers.exe
    3412 igfxsrvc.exe
    3596 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    2872 C:\Program Files\Zune\ZuneLauncher.exe
    3904 C:\Program Files\iTunes\iTunesHelper.exe
    1880 C:\Program Files\Windows Sidebar\sidebar.exe
    3276 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    2672 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    1692 C:\Windows\System32\svchost.exe
    4156 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    4272 C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
    4356 WmiPrvSE.exe
    4412 C:\Windows\System32\svchost.exe
    4468 C:\Program Files\iPod\bin\iPodService.exe
    4476 hpqbam08.exe
    4936 hpqgpc01.exe
    5356 HpqToaster.exe
    5488 C:\Windows\System32\svchost.exe
    5528 dllhost.exe
    6096 C:\Users\Dad\AppData\Local\Google\Chrome\Application\chrome.exe
    5256 C:\Users\Dad\AppData\Local\Google\Chrome\Application\chrome.exe
    5676 C:\Users\Dad\AppData\Local\Google\Chrome\Application\chrome.exe
    5324 C:\Users\Dad\AppData\Local\Google\Chrome\Application\chrome.exe
    4180 C:\Users\Dad\AppData\Local\Google\Chrome\Application\chrome.exe
    5016 C:\Users\Dad\AppData\Local\Google\Chrome\Application\chrome.exe
    5280 C:\Users\Dad\AppData\Local\Google\Chrome\Application\chrome.exe
    5012 C:\Users\Dad\AppData\Local\Google\Chrome\Application\chrome.exe
    4960 C:\Users\Dad\AppData\Local\Google\Chrome\Application\chrome.exe
    396 C:\Users\Dad\AppData\Local\Google\Chrome\Application\chrome.exe
    5624 C:\Users\Dad\AppData\Local\Google\Chrome\Application\chrome.exe
    5652 C:\Users\Dad\AppData\Local\Google\Chrome\Application\chrome.exe
    2100 C:\Windows\System32\svchost.exe
    5176 C:\Windows\System32\audiodg.exe
    5864 C:\Users\Dad\Downloads\MBRCheck.exe
    5396 C:\Windows\System32\conhost.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000022`5e200000 (NTFS)

    PhysicalDrive0 Model Number: SAMSUNGHM160HI, Rev: HH100-15

    Size Device Name MBR Status
    --------------------------------------------
    149 GB \\.\PhysicalDrive0 Unknown MBR code
    SHA1: CBF09354B94728A993073CEF9F3E2FD2E4809561


    Found non-standard or infected MBR.
    Enter 'Y' and hit ENTER for more options, or 'N' to exit:
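An added triage script for reports like the one pasted above (this is not MBRCheck's code and not from the poster). It pulls out the per-disk MBR verdict and the SHA1 line, and flags kernel drivers whose load path is outside the Windows directory, which is the first thing an analyst eyeballs in that list. The path rule is a lead rather than a verdict: legitimate anti-rootkit scanners also load randomly named drivers from Temp, and OEM instant-on components can live outside the Windows directory, so every flagged entry still needs a human look. The sample log is a constructed, abridged excerpt of the report above.

```python
"""Added example, not part of MBRCheck: parse a pasted MBRCheck report,
extract the MBR verdict and SHA1, and flag drivers loaded from unexpected
paths.  Flagging is a heuristic lead for manual follow-up, not a verdict."""
import re

DRIVER_RE = re.compile(r"^0x[0-9A-Fa-f]{8}\s+(\S.*)$")   # e.g. "0x8A763000 \??\C:\...\dvmio.sys"
MBR_RE = re.compile(r"^(\d+)\s+GB\s+(\\\\\.\\PhysicalDrive\d+)\s+(.+)$")
SHA1_RE = re.compile(r"^SHA1:\s*([0-9A-Fa-f]{40})$")

# Locations that boot-time drivers and system modules normally resolve to.
TRUSTED_PREFIXES = ("\\systemroot\\", "c:\\windows\\", "\\windows\\")


def classify_driver(path):
    """Return None for an expected location, else a short reason to look closer."""
    p = path.lower()
    if p.startswith("\\??\\"):          # NT object-manager prefix on absolute DOS paths
        p = p[4:]
    if p.startswith(TRUSTED_PREFIXES):
        return None
    if p.startswith("c:\\users\\") or "\\temp\\" in p or "\\appdata\\" in p:
        return "loaded from a user-writable profile or Temp path"
    return "loaded from outside the Windows directory"


def triage(log_text):
    """Walk the report line by line; module lines, disk status lines and the
    SHA1 line each have a distinct shape, so no section tracking is needed."""
    report = {"driver_count": 0, "flagged": [], "disks": [], "sha1": None}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = DRIVER_RE.match(line)
        if m:
            report["driver_count"] += 1
            reason = classify_driver(m.group(1))
            if reason:
                report["flagged"].append((m.group(1), reason))
            continue
        m = MBR_RE.match(line)
        if m:
            status = m.group(3).strip()
            report["disks"].append({"size_gb": int(m.group(1)), "device": m.group(2),
                                    "status": status,
                                    "unknown_code": status.lower().startswith("unknown")})
            continue
        m = SHA1_RE.match(line)
        if m:
            report["sha1"] = m.group(1).upper()
    return report


# Constructed, abridged excerpt of the report above (addresses and paths copied from it).
SAMPLE_LOG = r"""
MBRCheck, version 1.2.3
Windows Version: Windows 7 Starter Edition
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 6):
0x81A0A000 \SystemRoot\system32\ntkrnlpa.exe
0x8A763000 \??\C:\SPLASH.SYS\config\dvmio.sys
0x863E7000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0xA5400000 \??\C:\Users\Krista\AppData\Local\Temp\uglcapob.sys
0x77150000 \Windows\System32\ntdll.dll
0x478E0000 \Windows\System32\smss.exe

Processes (total 2):
4 System
292 C:\Windows\System32\smss.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: CBF09354B94728A993073CEF9F3E2FD2E4809561

Found non-standard or infected MBR.
"""

if __name__ == "__main__":
    r = triage(SAMPLE_LOG)
    for disk in r["disks"]:
        print(f'{disk["device"]}: {disk["status"]} (SHA1 {r["sha1"]})')
    for path, reason in r["flagged"]:
        print(f"CHECK {path}: {reason}")
```

Run against the full report, the script lists two drivers to check by hand (the SPLASH.SYS one and the Temp one) and carries the SHA1 forward so it can be compared with the hash from the post-fix run.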
     
  2. 2010/08/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    OK, your MBR seems to be infected.

    Run MBRCheck again.

    When it's done you'll see the following line:
    Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    Press the Y key and then press Enter

    When the program asks you to Enter your choice, enter 2 and press the Enter key.

    Next the program will ask you to Enter the physical disk number to fix (0-99, -1 to cancel):
    Enter 0 (zero) and press the Enter key.

    Next the program will show Available MBR codes:, followed by a list of operating systems.
    Please enter 5 for Windows 7, and then press Enter.

    Next the program will prompt for confirmation.
    Type YES and hit Enter.

    When it's done there should be a text file with the results on your desktop.
    Please copy and paste it back here.

    Then reboot, run MBRCheck again and post new log.
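An added worked example of what the check and the repair in the steps above amount to at the byte level (this is example code, not MBRCheck's own and not from either poster). It builds a 512-byte MBR with a partition table modelled on the log (C: at byte offset 0x100000, D: at 0x22_5E200000), verifies the 0x55AA signature, hashes the boot-code region with SHA1 and looks the hash up in an allow-list, then performs the kind of restore option [2] does: replace the boot code and keep the disk signature and partition table. Assumptions: the "stock" boot code is a constructed stub, not Microsoft's; the allow-list holds only that stub's hash, whereas MBRCheck ships its own table of genuine Windows hashes; the thread does not say which byte range MBRCheck hashes, so this example hashes bytes 0..439; the partition lengths are constructed.

```python
"""Added example, not MBRCheck's code: verify an MBR image and restore its
boot code.  Every constant below is constructed for illustration."""
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 440       # bytes 0..439: the executable boot code
DISK_SIG_OFF = 440        # 4-byte NT disk signature, then 2 reserved bytes
PART_TABLE_OFF = 446      # four 16-byte partition entries
BOOT_SIG_OFF = 510        # 0x55 0xAA marks a valid MBR sector

# Constructed stand-in for stock boot code (xor ax,ax / mov ss,ax / mov sp,7C00h / cli / hlt),
# nop-padded to 440 bytes.  This is NOT Microsoft's boot code.
STOCK_CODE = b"\x33\xC0\x8E\xD0\xBC\x00\x7C\xFA\xF4" + b"\x90" * 431
assert len(STOCK_CODE) == BOOT_CODE_LEN

# Allow-list keyed by SHA1 of the boot-code region.  MBRCheck carries its own
# table of genuine Windows hashes; this constructed one only knows the stub.
KNOWN_GOOD = {hashlib.sha1(STOCK_CODE).hexdigest().upper(): "Constructed reference boot code"}


def partition_entry(bootable, ptype, lba_start, sectors):
    """One 16-byte entry; CHS fields use the 0xFE/0xFF/0xFF 'use LBA' filler."""
    chs = b"\xFE\xFF\xFF"
    return bytes([0x80 if bootable else 0x00]) + chs + bytes([ptype]) + chs + struct.pack("<II", lba_start, sectors)


def build_mbr(boot_code, entries, disk_signature=0x1234ABCD):
    """Assemble boot code, disk signature, up to four entries and the 0x55AA signature."""
    table = b"".join(partition_entry(*e) for e in entries).ljust(64, b"\x00")
    mbr = boot_code + struct.pack("<I", disk_signature) + b"\x00\x00" + table + b"\x55\xAA"
    assert len(mbr) == SECTOR
    return mbr


def parse_partitions(mbr):
    """Decode the four entries; byte offsets are what MBRCheck prints per volume."""
    found = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        status, ptype = mbr[off], mbr[off + 4]
        lba_start, sectors = struct.unpack_from("<II", mbr, off + 8)
        if ptype == 0x00:            # empty slot
            continue
        found.append({"index": i, "bootable": status == 0x80, "type": ptype,
                      "lba_start": lba_start, "offset_bytes": lba_start * SECTOR, "sectors": sectors})
    return found


def check_mbr(mbr, known_good=KNOWN_GOOD):
    """Signature validity, boot-code SHA1 and the allow-list verdict.  Hashing only
    bytes 0..439 (an assumption about MBRCheck) leaves out the disk signature and
    partition table, so identical boot code hashes the same on every disk."""
    if len(mbr) != SECTOR:
        raise ValueError("an MBR is exactly one 512-byte sector")
    digest = hashlib.sha1(mbr[:BOOT_CODE_LEN]).hexdigest().upper()
    return {
        "signature_ok": mbr[BOOT_SIG_OFF:BOOT_SIG_OFF + 2] == b"\x55\xAA",
        "sha1": digest,
        "status": known_good.get(digest, "Unknown MBR code"),
        "partitions": parse_partitions(mbr),
    }


def restore_boot_code(mbr, reference_code):
    """A boot-code repair: overwrite bytes 0..439, keep the disk signature and
    partition table so the existing volumes stay exactly where they were."""
    if len(reference_code) != BOOT_CODE_LEN:
        raise ValueError("reference code must be exactly 440 bytes")
    return reference_code + mbr[BOOT_CODE_LEN:]


# Layout modelled on the log: C: at byte 0x100000 (LBA 2048), D: at byte
# 0x22_5E200000 (LBA 0x112F1000).  Partition lengths are constructed.
SAMPLE_PARTITIONS = [(True, 0x07, 0x800, 0x112F1000 - 0x800), (False, 0x07, 0x112F1000, 24_000_000)]
SAMPLE_MBR = build_mbr(STOCK_CODE, SAMPLE_PARTITIONS)
# Same partition table, different boot code: first two bytes replaced by "jmp $".
FOREIGN_MBR = build_mbr(b"\xEB\xFE" + STOCK_CODE[2:], SAMPLE_PARTITIONS)

if __name__ == "__main__":
    for name, image in (("sample", SAMPLE_MBR), ("foreign", FOREIGN_MBR)):
        r = check_mbr(image)
        print(name, r["sha1"], r["status"], [hex(p["offset_bytes"]) for p in r["partitions"]])
    print("after restore:", check_mbr(restore_boot_code(FOREIGN_MBR, STOCK_CODE))["status"])
```

The point to take from the restore step is that only the code region changes; a repair that also rewrote bytes 440..511 would alter the disk signature and partition table, which is why a tool like this asks for confirmation and why the post-fix log still lists C: and D: at the same offsets.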
     


  4. 2010/08/31
    Chaosmachine420

    Chaosmachine420 Well-Known Member Thread Starter

    Joined:
    2009/10/02
    Messages:
    177
    Likes Received:
    0
    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Starter Edition
    Windows Information: (build 7600), 32-bit
    Base Board Manufacturer: Hewlett-Packard
    BIOS Manufacturer: Hewlett-Packard
    System Manufacturer: Hewlett-Packard
    System Product Name: HP Mini 110-1100
    Logical Drives Mask: 0x0000000c

    Kernel Drivers (total 191):
    0x81A1F000 \SystemRoot\system32\ntkrnlpa.exe
    0x81E2F000 \SystemRoot\system32\halmacpi.dll
    0x81800000 \SystemRoot\system32\kdcom.dll
    0x85E0B000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
    0x85E83000 \SystemRoot\system32\PSHED.dll
    0x85E94000 \SystemRoot\system32\BOOTVID.dll
    0x85E9C000 \SystemRoot\system32\CLFS.SYS
    0x85EDE000 \SystemRoot\system32\CI.dll
    0x85F89000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x86033000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x86041000 \SystemRoot\system32\DRIVERS\ACPI.sys
    0x86089000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
    0x86092000 \SystemRoot\system32\DRIVERS\msisadrv.sys
    0x8609A000 \SystemRoot\system32\DRIVERS\pci.sys
    0x860C4000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
    0x860CF000 \SystemRoot\System32\drivers\partmgr.sys
    0x860E0000 \SystemRoot\system32\DRIVERS\compbatt.sys
    0x860E8000 \SystemRoot\system32\DRIVERS\BATTC.SYS
    0x860F3000 \SystemRoot\system32\DRIVERS\volmgr.sys
    0x86103000 \SystemRoot\System32\drivers\volmgrx.sys
    0x8614E000 \SystemRoot\System32\drivers\mountmgr.sys
    0x8621C000 \SystemRoot\system32\DRIVERS\iaStor.sys
    0x862F6000 \SystemRoot\system32\DRIVERS\atapi.sys
    0x862FF000 \SystemRoot\system32\DRIVERS\ataport.SYS
    0x86322000 \SystemRoot\system32\DRIVERS\msahci.sys
    0x8632C000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
    0x8633A000 \SystemRoot\system32\DRIVERS\amdxata.sys
    0x86343000 \SystemRoot\system32\drivers\fltmgr.sys
    0x86377000 \SystemRoot\system32\drivers\fileinfo.sys
    0x86417000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x86546000 \SystemRoot\System32\Drivers\msrpc.sys
    0x86571000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x86584000 \SystemRoot\System32\Drivers\cng.sys
    0x865E1000 \SystemRoot\System32\drivers\pcw.sys
    0x865EF000 \SystemRoot\System32\Drivers\Fs_Rec.sys
    0x86620000 \SystemRoot\system32\drivers\ndis.sys
    0x866D7000 \SystemRoot\system32\drivers\NETIO.SYS
    0x86715000 \SystemRoot\System32\Drivers\ksecpkg.sys
    0x8681F000 \SystemRoot\System32\drivers\tcpip.sys
    0x86968000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x86999000 \SystemRoot\system32\DRIVERS\volsnap.sys
    0x869D8000 \SystemRoot\System32\Drivers\spldr.sys
    0x8673A000 \SystemRoot\System32\drivers\rdyboost.sys
    0x869E0000 \SystemRoot\System32\Drivers\mup.sys
    0x869F0000 \SystemRoot\System32\drivers\hwpolicy.sys
    0x86767000 \SystemRoot\System32\DRIVERS\fvevol.sys
    0x86800000 \SystemRoot\system32\DRIVERS\disk.sys
    0x86799000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    0x8990C000 \SystemRoot\System32\Drivers\Null.SYS
    0x89913000 \SystemRoot\System32\Drivers\Beep.SYS
    0x8991A000 \SystemRoot\System32\drivers\vga.sys
    0x89926000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x89947000 \SystemRoot\System32\drivers\watchdog.sys
    0x89954000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x8995C000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x89964000 \SystemRoot\system32\drivers\rdprefmp.sys
    0x8996C000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x89977000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x89985000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x8999C000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x899A7000 \SystemRoot\System32\Drivers\aswTdi.SYS
    0x86388000 \SystemRoot\system32\drivers\afd.sys
    0x899B1000 \SystemRoot\System32\Drivers\aswRdr.SYS
    0x899B6000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x899E8000 \SystemRoot\system32\DRIVERS\wfplwf.sys
    0x89800000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x899EF000 \SystemRoot\system32\DRIVERS\vwififlt.sys
    0x867BE000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x867CC000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x867DF000 \SystemRoot\system32\DRIVERS\termdd.sys
    0x86164000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x867EF000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x86600000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0x869F8000 \??\C:\SPLASH.SYS\config\dvmio.sys
    0x8660A000 \SystemRoot\System32\drivers\discache.sys
    0x863E2000 \SystemRoot\System32\Drivers\dfsc.sys
    0x86400000 \SystemRoot\system32\DRIVERS\blbdrive.sys
    0x861A5000 \SystemRoot\System32\Drivers\aswSP.SYS
    0x861CC000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x86200000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0x8A039000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
    0x8A542000 \SystemRoot\System32\drivers\dxgkrnl.sys
    0x8A000000 \SystemRoot\System32\drivers\dxgmms1.sys
    0x86000000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0x8A80C000 \SystemRoot\system32\DRIVERS\bcmwl6.sys
    0x8AA73000 \SystemRoot\system32\DRIVERS\vwifibus.sys
    0x8AA7D000 \SystemRoot\system32\DRIVERS\L1C62x86.sys
    0x8AA8F000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0x8AA9A000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0x8AAE5000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0x8AAF4000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0x8AB0C000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0x8AB19000 \SystemRoot\system32\DRIVERS\SynTP.sys
    0x8AB54000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x8AB56000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0x8AB63000 \SystemRoot\system32\DRIVERS\CmBatt.sys
    0x8AB67000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
    0x8AB70000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
    0x8AB85000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
    0x8AB97000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x8ABAF000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x8ABBA000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x8ABDC000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x8B436000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x8B44D000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x8B464000 \SystemRoot\system32\DRIVERS\swenum.sys
    0x8B466000 \SystemRoot\system32\DRIVERS\ks.sys
    0x8B49A000 \SystemRoot\system32\DRIVERS\umbus.sys
    0x8B4A8000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x8B4EC000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x8B4FD000 \SystemRoot\system32\DRIVERS\stwrt.sys
    0x8B565000 \SystemRoot\system32\DRIVERS\portcls.sys
    0x8B594000 \SystemRoot\system32\DRIVERS\drmk.sys
    0x8B5AD000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x8981F000 \SystemRoot\System32\Drivers\dump_iaStor.sys
    0x8B5BA000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
    0x80E20000 \SystemRoot\System32\win32k.sys
    0x8B5CB000 \SystemRoot\System32\drivers\Dxapi.sys
    0x8B5D5000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0x8B400000 \SystemRoot\System32\Drivers\usbvideo.sys
    0x8B424000 \SystemRoot\system32\DRIVERS\dc3d.sys
    0x8B42D000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0x8B5EC000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0x898F9000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0x8ABF4000 \SystemRoot\system32\DRIVERS\kbdhid.sys
    0x8A800000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0x86811000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x81080000 \SystemRoot\System32\TSDDD.dll
    0x810D0000 \SystemRoot\System32\ATMFD.DLL
    0xA222B000 \SystemRoot\system32\drivers\luafv.sys
    0xA2246000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
    0xA225D000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
    0xA2260000 \SystemRoot\system32\drivers\WudfPf.sys
    0xA227A000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0xA228A000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0xA22D0000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0xA22E0000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0xA22F3000 \SystemRoot\system32\drivers\HTTP.sys
    0xA2378000 \SystemRoot\system32\DRIVERS\bowser.sys
    0xA2391000 \SystemRoot\System32\drivers\mpsdrv.sys
    0xA23A3000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0xA8800000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0xA883B000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0xA886E000 \SystemRoot\system32\drivers\peauth.sys
    0xA8905000 \SystemRoot\System32\Drivers\secdrv.SYS
    0xA890F000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0xA8930000 \SystemRoot\System32\drivers\tcpipreg.sys
    0xA893D000 \SystemRoot\System32\DRIVERS\srv2.sys
    0xA898C000 \SystemRoot\System32\DRIVERS\srv.sys
    0xA89DD000 \SystemRoot\system32\DRIVERS\serscan.sys
    0x81180000 \SystemRoot\System32\cdd.dll
    0xB541D000 \SystemRoot\system32\drivers\spsys.sys
    0x77480000 \Windows\System32\ntdll.dll
    0x47D60000 \Windows\System32\smss.exe
    0x776C0000 \Windows\System32\apisetschema.dll
    0x00770000 \Windows\System32\autochk.exe
    0x77600000 \Windows\System32\msvcrt.dll
    0x772E0000 \Windows\System32\setupapi.dll
    0x77180000 \Windows\System32\ole32.dll
    0x76530000 \Windows\System32\shell32.dll
    0x76430000 \Windows\System32\wininet.dll
    0x76390000 \Windows\System32\usp10.dll
    0x76330000 \Windows\System32\difxapi.dll
    0x775F0000 \Windows\System32\nsi.dll
    0x76260000 \Windows\System32\msctf.dll
    0x76210000 \Windows\System32\Wldap32.dll
    0x761B0000 \Windows\System32\shlwapi.dll
    0x76070000 \Windows\System32\urlmon.dll
    0x775E0000 \Windows\System32\lpk.dll
    0x775D0000 \Windows\System32\psapi.dll
    0x775C0000 \Windows\System32\normaliz.dll
    0x76050000 \Windows\System32\imm32.dll
    0x75FB0000 \Windows\System32\advapi32.dll
    0x75F90000 \Windows\System32\sechost.dll
    0x75F00000 \Windows\System32\oleaut32.dll
    0x75E80000 \Windows\System32\comdlg32.dll
    0x75E40000 \Windows\System32\ws2_32.dll
    0x75DB0000 \Windows\System32\clbcatq.dll
    0x75D60000 \Windows\System32\gdi32.dll
    0x75C90000 \Windows\System32\user32.dll
    0x75BE0000 \Windows\System32\rpcrt4.dll
    0x759E0000 \Windows\System32\iertutil.dll
    0x75900000 \Windows\System32\kernel32.dll
    0x758D0000 \Windows\System32\imagehlp.dll
    0x75840000 \Windows\System32\comctl32.dll
    0x757F0000 \Windows\System32\KernelBase.dll
    0x756D0000 \Windows\System32\crypt32.dll
    0x756B0000 \Windows\System32\devobj.dll
    0x75680000 \Windows\System32\wintrust.dll
    0x75650000 \Windows\System32\cfgmgr32.dll
    0x75640000 \Windows\System32\msasn1.dll

    Processes (total 83):
    0 System Idle Process
    4 System
    292 C:\Windows\System32\smss.exe
    400 csrss.exe
    456 C:\Windows\System32\wininit.exe
    568 C:\Windows\System32\services.exe
    588 C:\Windows\System32\lsass.exe
    596 C:\Windows\System32\lsm.exe
    716 C:\Windows\System32\svchost.exe
    800 C:\Windows\System32\svchost.exe
    856 C:\Windows\System32\svchost.exe
    904 C:\Windows\System32\svchost.exe
    928 C:\Windows\System32\svchost.exe
    984 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\stacsv.exe
    1164 C:\Windows\System32\svchost.exe
    1284 C:\Windows\System32\svchost.exe
    1360 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    1368 C:\Windows\System32\wlanext.exe
    1376 C:\Windows\System32\conhost.exe
    1668 C:\Windows\System32\spoolsv.exe
    1712 C:\Windows\System32\svchost.exe
    1820 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\AEstSrv.exe
    1848 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1868 C:\Program Files\Bonjour\mDNSResponder.exe
    1912 C:\SPLASH.SYS\config\DVMExportService.exe
    1948 C:\Windows\System32\svchost.exe
    1976 C:\Windows\System32\svchost.exe
    336 C:\Windows\System32\svchost.exe
    548 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    1248 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    2200 C:\Windows\System32\SearchIndexer.exe
    2256 C:\Windows\System32\svchost.exe
    3004 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    3152 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    3380 WmiPrvSE.exe
    4144 C:\Program Files\iPod\bin\iPodService.exe
    4228 C:\Program Files\Windows Media Player\wmpnetwk.exe
    4352 C:\Windows\System32\svchost.exe
    5232 dllhost.exe
    5548 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
    5636 C:\Windows\System32\svchost.exe
    3956 C:\Windows\System32\svchost.exe
    5328 C:\Windows\System32\svchost.exe
    1200 C:\Windows\System32\audiodg.exe
    1888 C:\Windows\System32\SearchProtocolHost.exe
    4068 C:\Windows\System32\SearchFilterHost.exe
    3696 csrss.exe
    6016 C:\Windows\System32\winlogon.exe
    3288 C:\Windows\System32\taskhost.exe
    6056 C:\Windows\System32\dwm.exe
    4284 C:\Windows\explorer.exe
    3856 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    1684 C:\Program Files\HP\HPBTWD.exe
    1056 C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
    4536 C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    5336 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    3160 C:\Program Files\IDT\WDM\sttray.exe
    5176 C:\Program Files\Java\jre6\bin\jusched.exe
    5840 C:\Windows\System32\igfxtray.exe
    1856 C:\Windows\System32\hkcmd.exe
    5720 C:\Windows\System32\igfxpers.exe
    5520 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
    3712 igfxsrvc.exe
    5172 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    2704 C:\Program Files\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
    5008 C:\Program Files\Zune\ZuneLauncher.exe
    4704 C:\Program Files\iTunes\iTunesHelper.exe
    1208 C:\Program Files\Windows Sidebar\sidebar.exe
    5468 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    3984 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    1732 C:\Windows\System32\sppsvc.exe
    5832 C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
    5492 HpqToaster.exe
    1028 hpqbam08.exe
    2972 C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
    2012 C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
    5700 WmiPrvSE.exe
    6124 hpqgpc01.exe
    1304 C:\Users\Dad\Desktop\MBRCheck.exe
    1132 hpqdstcp.exe
    6048 C:\Windows\System32\conhost.exe
    1044 DocProc.exe
    3992 C:\Windows\System32\svchost.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000022`5e200000 (NTFS)

    PhysicalDrive0 Model Number: SAMSUNGHM160HI, Rev: HH100-15

    Size Device Name MBR Status
    --------------------------------------------
    149 GB \\.\PhysicalDrive0 Unknown MBR code
    SHA1: CBF09354B94728A993073CEF9F3E2FD2E4809561


    Found non-standard or infected MBR.
    Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    Options:
    [1] Dump the MBR of a physical disk to file.
    [2] Restore the MBR of a physical disk with a standard boot code.
    [3] Exit.

    Enter your choice:
    Enter the physical disk number to fix (0-99, -1 to cancel): 0
    Available MBR codes:
    [ 0] Default (Windows 7)
    [ 1] Windows XP
    [ 2] Windows Server 2003
    [ 3] Windows Vista
    [ 4] Windows 2008
    [ 5] Windows 7
    [-1] Cancel

    Please select the MBR code to write to this drive: 5
    Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: yes
    Successfully wrote new MBR code!
    Please reboot your computer to complete the fix.


    Done!
     
  5. 2010/08/31
    Chaosmachine420

    Chaosmachine420 Well-Known Member Thread Starter

    Joined:
    2009/10/02
    Messages:
    177
    Likes Received:
    0
    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Starter Edition
    Windows Information: (build 7600), 32-bit
    Base Board Manufacturer: Hewlett-Packard
    BIOS Manufacturer: Hewlett-Packard
    System Manufacturer: Hewlett-Packard
    System Product Name: HP Mini 110-1100
    Logical Drives Mask: 0x0000000c

    Kernel Drivers (total 190):

    Processes (total 86):

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000022`5e200000 (NTFS)

    PhysicalDrive0 Model Number: SAMSUNGHM160HI, Rev: HH100-15

    Size Device Name MBR Status
    --------------------------------------------
    149 GB \\.\PhysicalDrive0 Unknown MBR code
    SHA1: CBF09354B94728A993073CEF9F3E2FD2E4809561


    Found non-standard or infected MBR.
    Enter 'Y' and hit ENTER for more options, or 'N' to exit:

    Done!
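As an added illustration of what the "Unknown MBR code" verdict and the "at offset" lines in the log above are built on (example code, not MBRCheck's own, whose exact hashed region is not documented on this page): a small Python parser that splits a 512-byte MBR into boot code, disk signature and partition table, derives each volume's byte offset from its partition start LBA, and compares a SHA1 of the boot code against an allow-list of known-standard hashes. The sample sector and the empty allow-list are constructed placeholders, and hashing the first 440 bytes is an assumption.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 440          # bytes 0..439 hold the boot code (hashed region: assumption)
PART_TABLE_OFF = 446         # four 16-byte partition entries follow the 6-byte signature area
MBR_SIGNATURE = b"\x55\xaa"  # bytes 510..511


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot-code hash, disk signature and partition table."""
    if len(sector) != SECTOR:
        raise ValueError("MBR must be exactly 512 bytes")
    if sector[510:512] != MBR_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        entry = sector[PART_TABLE_OFF + 16 * i:PART_TABLE_OFF + 16 * (i + 1)]
        # status, CHS start (skipped), type, CHS end (skipped), start LBA, sector count
        status, ptype, start_lba, count = struct.unpack("<B3xB3xII", entry)
        if ptype == 0:
            continue  # empty slot
        partitions.append({
            "index": i,
            "bootable": status == 0x80,
            "type": ptype,                      # 0x07 = NTFS/exFAT
            "start_lba": start_lba,
            "sectors": count,
            "byte_offset": start_lba * SECTOR,  # the "at offset" value MBRCheck prints per volume
        })
    return {
        "boot_code_sha1": hashlib.sha1(sector[:BOOT_CODE_LEN]).hexdigest().upper(),
        "disk_signature": struct.unpack("<I", sector[440:444])[0],
        "partitions": partitions,
    }


def mbr_status(sector: bytes, known_good: set) -> str:
    """Reproduce the verdict line: a boot-code hash outside the allow-list is 'Unknown MBR code'."""
    digest = parse_mbr(sector)["boot_code_sha1"]
    return "Known MBR code" if digest in known_good else "Unknown MBR code"


def build_sample_mbr() -> bytes:
    """Constructed sample sector (not a real disk image): NOP filler as boot code plus two
    NTFS partitions placed where the log shows C: (0x100000) and D: (0x22`5e200000)."""
    boot_code = bytes([0x90] * BOOT_CODE_LEN)
    sig_area = struct.pack("<I", 0x12345678) + b"\x00\x00"  # arbitrary disk signature + 2 reserved bytes
    c_start = 0x100000 // SECTOR          # LBA 2048
    d_start = 0x225E200000 // SECTOR
    c_entry = struct.pack("<B3xB3xII", 0x80, 0x07, c_start, d_start - c_start)
    d_entry = struct.pack("<B3xB3xII", 0x00, 0x07, d_start, 0x1000)  # size is arbitrary here
    return boot_code + sig_area + c_entry + d_entry + bytes(32) + MBR_SIGNATURE


if __name__ == "__main__":
    info = parse_mbr(build_sample_mbr())
    for p in info["partitions"]:
        print(f"partition {p['index']}: type 0x{p['type']:02x} at offset 0x{p['byte_offset']:x}")
    print("SHA1:", info["boot_code_sha1"], "->", mbr_status(build_sample_mbr(), set()))
```

A real allow-list has to be built from boot code taken off known-clean installs of each Windows version, which is exactly why the tool's "Unknown" verdict on its own cannot tell a vendor-customised MBR from a malicious one.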
     
  6. 2010/09/01
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Unfortunately, our fix didn't work.
    We have to use a different method....


    Please download NTBR by noahdfear and save it to your Desktop.
    File size: 2.44 MB (2,565,432 bytes)

    • Place a blank CD in your CD drive.
    • Double click on NTBR_CD.exe file and a folder of the same name will appear.
    • Open the folder and double click on BurnItCD.cmd file. If your CD drive will open, simply close it back.
    • Follow the prompts to burn the CD.
    • Now you will need to set the CD-Rom as first boot device if it isn't already (if you don't know how to do it, see HERE)
    • If you have any questions about this step, ask before you proceed. If you enter the BIOS and are unsure if you have carried out the step correctly, there should be an option to exit without keeping changes, so you won't do any harm.
    • Insert the newly created CD into your infected PC and reboot your computer.
    • Once you have rebooted please press Enter when prompted to continue booting from CD - you have a whole 15 seconds to do this!
    • Read the warning and then continue as prompted.
    • You first need to select your keyboard layout - press Enter for English.
    • Next you want to select the appropriate tool. Enter 1 to choose 1. MBRWORK
    • On the following screen enter 5 to select Install Standard MBR code.
    • Enter 2 to overwrite the infected MBR Code with the Windows 7 MBR code.
    • When asked to confirm please do so.
    • Afterwards, please enter E to leave MBRWORK, then 6 to leave the bootable CD.
    • Eject the disc and then press ctrl+alt+del to reboot the PC.
    Once rebooted run MBRCheck one more time and let me have the log produced.
     
  7. 2010/09/01
    Chaosmachine420

    Chaosmachine420 Well-Known Member Thread Starter

    Joined:
    2009/10/02
    Messages:
    177
    Likes Received:
    0
    What if you don't have a DVD drive on the mini notebook and can't afford to get an external one?
     
  8. 2010/09/01
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Here is how to create a bootable USB recovery disk for Windows 7: http://www.intowindows.com/how-to-r...h-drive-repair-without-installation-dvd-disc/

    When you're done.....

    Boot from created USB.
    At first screen click on Repair your computer:
    This will bring you to a new screen where the repair process will look for all Windows Vista installations on your computer. When done you will be presented with the System Recovery Options dialog box:
    After this, it will present you with a list of options including startup repair, system restore and command prompt:
    Select Command Prompt

    Type in:
    bootrec /FixMbr (<--- there is a "space" after "bootrec ")
    and then press Enter

    Once completed then type Exit, press Enter and restart computer.

    Post fresh MBRCheck log.
     