  #11  
Old Jun. 18th, 2012, 02:02
serenanicole serenanicole is offline
Junior Member
 
Join Date: 16 Jun 2012
Posts: 12
Default reply

It detected nothing. It will not let me open it to copy and paste; it keeps not responding. It will not even let me attach the log to this message.
Reply With Quote
  #12  
Old Jun. 18th, 2012, 20:25
serenanicole serenanicole is offline
Junior Member
 
Join Date: 16 Jun 2012
Posts: 12
Default reply

My computer is still redirecting even though it's picking nothing up with the suggestions, and when I play games it is still minimizing me and giving me messages like "would you like to leave or stay on this page" from Internet Explorer, and "are you shure?" when I had nothing open, which is a new one, with "shure" being spelled wrong. And a "message from webpage" with a caution sign that says "thanks". Not sure what else to do.
Reply With Quote
  #13  
Old Jun. 18th, 2012, 22:21
Superdave Superdave is offline
Malware Fighter
 
Join Date: 07 Mar 2010
Posts: 808
Default

SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.
  • Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:
  • Close browsers before scanning
  • Scan for tracking cookies
  • Terminate memory threats before quarantining
  Please leave the others unchecked
* Click the Close button to leave the control center screen.
* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes
* To retrieve the removal information please do the following:
  • After reboot, double-click the SUPERAntiSpyware icon on your desktop.
  • Click Preferences. Click the Statistics/Logs tab.
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
  • It will open in your default text editor (preferably Notepad).
  • Save the Notepad file to your desktop by clicking (in Notepad) File > Save As...
* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
* Copy and Paste the log in your post.
*************************************************


Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
************************************************
Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.

Link 1
Link 2
Link 3

• Double-click on MBRCheck.exe to run it.
• It will open a black window...please do not fix anything (if it gives you an option).
• When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.
• A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will appear on the desktop.
• Please copy and paste the contents of that log in your next reply.
Reply With Quote
  #14  
Old Jun. 19th, 2012, 11:02
serenanicole serenanicole is offline
Junior Member
 
Join Date: 16 Jun 2012
Posts: 12
Default logs

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/19/2012 at 06:27 AM

Application Version : 5.1.1002

Core Rules Database Version : 8759
Trace Rules Database Version: 6571

Scan type : Complete Scan
Total Scan Time : 00:21:24

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 547
Memory threats detected : 0
Registry items scanned : 65911
Registry threats detected : 0
File items scanned : 41422
File threats detected : 120

Adware.Tracking Cookie

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Serena :: SERENA-PC [administrator]

6/19/2012 6:38:35 AM
mbam-log-2012-06-19 (06-38-35).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 323874
Time elapsed: 19 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 560
Logical Drives Mask: 0x000101ec

Kernel Drivers (total 186):

Processes (total 62):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`04600000 (NTFS)
\\.\Q: --> error 5

PhysicalDrive0 Model Number: WDCWD5000AAKS-75V0A0, Rev: 05.01D05

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: AE3E0A945D44C8EA304A19A8F50F69065C34344B


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!
Reply With Quote
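The three logs in the post above disagree: the two file-level scanners report nothing beyond tracking cookies, while MBRCheck flags the boot record. The following Python is an added example (not part of the thread and not code from any of the tools) that parses trimmed excerpts of those logs and reports that disagreement. The regular expressions are assumptions based only on the log lines visible in this thread, and the function names are hypothetical.

```python
import re

# Trimmed excerpts of the three logs posted above (only the lines the parsers read).
SAS_LOG = r"""
Memory threats detected : 0
Registry threats detected : 0
File threats detected : 120

Adware.Tracking Cookie
"""

MBAM_LOG = r"""
Memory Processes Detected: 0
Memory Modules Detected: 0
Registry Keys Detected: 0
Registry Values Detected: 0
Registry Data Items Detected: 0
Folders Detected: 0
Files Detected: 0
"""

MBRCHECK_LOG = r"""
Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: AE3E0A945D44C8EA304A19A8F50F69065C34344B

Found non-standard or infected MBR.
"""

# Assumption: these patterns are derived from the lines shown in this thread,
# not from any published log specification.
SAS_COUNTER = re.compile(r"^(\w+) threats detected[ \t]*:[ \t]*(\d+)[ \t]*$", re.M)
SAS_CATEGORY = re.compile(r"^(\w+\.[\w ./\[\]-]+?)[ \t]*$", re.M)
MBAM_COUNTER = re.compile(r"^([A-Za-z ]+) Detected:[ \t]*(\d+)[ \t]*$", re.M)
MBR_DRIVE = re.compile(r"^(\d+)\s+([KMGT]B)\s+(\\\\\.\\PhysicalDrive\d+)\s+(.+)$")
MBR_SHA1 = re.compile(r"^SHA1:\s*([0-9A-Fa-f]{40})$")
MBR_SUMMARY = "Found non-standard or infected MBR"
# The only category heading in the SUPERAntiSpyware log above.
LOW_RISK_CATEGORIES = {"Adware.Tracking Cookie"}


def parse_sas(text):
    """Return (threat counters by area, set of category headings)."""
    counters = {name: int(n) for name, n in SAS_COUNTER.findall(text)}
    return counters, set(SAS_CATEGORY.findall(text))


def parse_mbam(text):
    """Return the 'X Detected: N' counters as a dict."""
    return {name: int(n) for name, n in MBAM_COUNTER.findall(text)}


def parse_mbrcheck(text):
    """Return (drive rows with status and SHA1, whether the summary line is present)."""
    drives, flagged = [], False
    for line in text.splitlines():
        line = line.strip()
        row = MBR_DRIVE.match(line)
        digest = MBR_SHA1.match(line)
        if row:
            drives.append({"size": f"{row[1]} {row[2]}", "device": row[3],
                           "status": row[4], "sha1": None})
        elif digest and drives:
            # The SHA1 line belongs to the drive row printed just before it.
            drives[-1]["sha1"] = digest[1].lower()
        elif line.startswith(MBR_SUMMARY):
            flagged = True
    return drives, flagged


def triage(sas_text, mbam_text, mbr_text):
    """Cross-check the three logs and report a boot-record-only finding."""
    sas_counters, sas_categories = parse_sas(sas_text)
    mbam = parse_mbam(mbam_text)
    drives, flagged = parse_mbrcheck(mbr_text)
    # A missing or unparsable log must not be read as a clean result.
    file_level_clean = (
        bool(sas_counters) and bool(mbam)
        and sas_counters.get("Memory", 0) == 0
        and sas_counters.get("Registry", 0) == 0
        and sas_categories <= LOW_RISK_CATEGORIES
        and sum(mbam.values()) == 0
    )
    return {
        "file_level_clean": file_level_clean,
        "mbr_flagged": flagged,
        "suspect_drives": drives if flagged else [],
        "boot_record_only": flagged and file_level_clean,
    }


if __name__ == "__main__":
    print(triage(SAS_LOG, MBAM_LOG, MBRCHECK_LOG))
```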
  #15  
Old Jun. 19th, 2012, 22:18
Superdave Superdave is offline
Malware Fighter
 
Join Date: 07 Mar 2010
Posts: 808
Default

Please try running aswMBR.exe again as instructed in Reply # 8. We need to fix the MBR.
Reply With Quote
  #16  
Old Jun. 20th, 2012, 02:09
serenanicole serenanicole is offline
Junior Member
 
Join Date: 16 Jun 2012
Posts: 12
Default

The program downloads directly to my desktop like instructed but it will not open. It's there and I can double-click on it but nothing appears. I tried numerous times. Even tried to troubleshoot, made sure I was running as administrator and everything; nothing. I just double-click and it acts like it is going to open, then nothing. It's like I'm just clicking on nothing.
Reply With Quote
  #17  
Old Jun. 20th, 2012, 03:24
Melvin_Deal Melvin_Deal is offline
Malware Advisor Moderator
 
Join Date: 06 Jul 2009
Posts: 2,937
Default Hi serenanicole

Have you re-booted your machine or left it running?

Only post I will make I think Dave.

Sincerely,
-Mel
live long and prosper!
__________________


Reply With Quote
  #18  
Old Jun. 20th, 2012, 07:06
serenanicole serenanicole is offline
Junior Member
 
Join Date: 16 Jun 2012
Posts: 12
Default

I'm not sure how else to word it: the program will not open, no errors, no nothing. Just double-click and nothing happens. Yes, I have rebooted, but I cannot leave it running because it will not open. I've even tried safe mode.
Reply With Quote
  #19  
Old Jun. 20th, 2012, 19:18
Superdave Superdave is offline
Malware Fighter
 
Join Date: 07 Mar 2010
Posts: 808
Default

Quote:
Originally Posted by serenanicole
I'm not sure how else to word it: the program will not open, no errors, no nothing. Just double-click and nothing happens. Yes, I have rebooted, but I cannot leave it running because it will not open. I've even tried safe mode.

What happens when you right-click on the program?
Reply With Quote
  #20  
Old Jun. 20th, 2012, 20:38
serenanicole serenanicole is offline
Junior Member
 
Join Date: 16 Jun 2012
Posts: 12
Default

When I double-click it makes an hourglass like it is going to load, then disappears and nothing opens. It gives me the option to open, run as administrator etc. when I right-click but none of that will work. It just acts like it is going to load, then nothing ever comes up and the loading icon disappears.
Reply With Quote