Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Infected With Malware??


  • Please log in to reply
8 replies to this topic

#1 Bubby48230

Bubby48230

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:42 PM

Posted 09 January 2013 - 01:27 PM

Hello,

I hope you can help. I've been pulling my hair on this matter.

Yesterday something happened to my computer. It has been running fine forever. Not really sure what, or how, this happened.
Here are the symptoms: can no longer load malware programs, mouse (when double clicked) will no longer open programs and I have been getting some funny windows popping up as follows-

Run time error '372' failed to load 'web browser' from frame leframe.dll Your version of leframe.dll may be outdated.

Also,

Cocreateinstance failed class. Code 0x80040154 class not registered.

Hope you can help. Please let me know what I should do next. Not sure what happened but I suspect rough malware.

Thanks.

Edit: Moved topic from XP to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:42 PM

Posted 09 January 2013 - 07:51 PM

Welcome aboard Posted Image

You can't open ANY programs?
Same in safe mode?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Bubby48230

Bubby48230
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:42 PM

Posted 10 January 2013 - 07:45 AM

Hi,

No let me give you a better explanation.

First, I can no longer double click and open any program, I must open all programs, document, or any other items using the right mouse button and selecting the "open" command.
Also, I have been getting the following notices since this "thing" has started to happen:

CoCreateInstance Failed; Code 0x80040154 Class Not Recognized. This pops up when I try to install Malwarebytes, it also caused my browser window to close.

The other message I receive is:

Run time error '372' failed to load 'webbrowser' from frame leframe.dll Your version of leframe.dll may be outdated.

This computer has been running fine and all this started 2 days ago. I ran SUPERAntiSpyware which supposedly found a bunch of stuff. After cleaning I noticed that everything that should have been in the quarantine was gone. Not sure what happened to it.

Last night I left this computer on and window open to this site. This morning the window was closed??

Please let me know what you would like me to do.

Thanks.

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:42 PM

Posted 10 January 2013 - 05:48 PM

You may have .lnk file association messed up.
We'll' get back to it in a moment but first...

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 Ninamarie719

Ninamarie719

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:42 PM

Posted 22 February 2013 - 09:43 AM

MiniToolBox by Farbar  Version:10-01-2013
Ran by NJ (administrator) on 22-02-2013 at 09:43:16
Running from "D:\Users\NJ\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : LASTXP

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : local



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . : local

        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

        Physical Address. . . . . . . . . : 00-19-21-DF-F2-14

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.10.9

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.10.1

        DHCP Server . . . . . . . . . . . : 192.168.10.1

        DNS Servers . . . . . . . . . . . : 68.105.28.16

                                            68.105.29.16

        Lease Obtained. . . . . . . . . . : Friday, February 22, 2013 8:05:43 AM

        Lease Expires . . . . . . . . . . : Monday, March 04, 2013 8:05:43 AM

Server:  ip68-105-28-16.at.at.cox.net
Address:  68.105.28.16

Name:    google.com
Addresses:  74.125.239.0, 74.125.239.1, 74.125.239.2, 74.125.239.3
      74.125.239.4, 74.125.239.5, 74.125.239.6, 74.125.239.7, 74.125.239.8
      74.125.239.9, 74.125.239.14



Pinging google.com [74.125.224.169] with 32 bytes of data:



Reply from 74.125.224.169: bytes=32 time=91ms TTL=50

Reply from 74.125.224.169: bytes=32 time=91ms TTL=50



Ping statistics for 74.125.224.169:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 91ms, Maximum = 91ms, Average = 91ms

Server:  ip68-105-28-16.at.at.cox.net
Address:  68.105.28.16

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=441ms TTL=51

Reply from 206.190.36.45: bytes=32 time=718ms TTL=51



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 441ms, Maximum = 718ms, Average = 579ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 19 21 df f2 14 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.10.1    192.168.10.9      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0     192.168.10.9    192.168.10.9      20
     192.168.10.0    255.255.255.0     192.168.10.9    192.168.10.9      20
     192.168.10.9  255.255.255.255        127.0.0.1       127.0.0.1      20
   192.168.10.255  255.255.255.255     192.168.10.9    192.168.10.9      20
        224.0.0.0        240.0.0.0     192.168.10.9    192.168.10.9      20
  255.255.255.255  255.255.255.255     192.168.10.9    192.168.10.9      1
Default Gateway:      192.168.10.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 D:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 D:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 D:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 D:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 D:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 D:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 D:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 D:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 D:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 D:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 D:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 D:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 D:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 D:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/22/2013 08:46:28 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
MauiMain: IsIEPresent failed.  Exiting...

Error: (02/22/2013 08:46:24 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
RegOpenKeyEx(HKLM, "SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE", 0, KEY_READ) returned 0x00000002

Error: (02/22/2013 08:46:22 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (02/22/2013 08:46:22 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (02/22/2013 08:46:22 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (02/22/2013 08:06:00 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service Manager returned a fatal error (0x80004002). Will stop service

Error: (02/22/2013 07:57:55 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service Manager returned a fatal error (0x80004002). Will stop service

Error: (02/22/2013 07:46:16 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service Manager returned a fatal error (0x80004002). Will stop service

Error: (02/22/2013 03:00:33 AM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb2756918, P2 1033, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.

Error: (02/22/2013 03:00:25 AM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481, P2 1033, P3 1601, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.


System errors:
=============
Error: (02/22/2013 08:07:22 AM) (Source: Service Control Manager) (User: )
Description: The HP LaserJet Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/22/2013 08:07:22 AM) (Source: Service Control Manager) (User: )
Description: The QBIDPService service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/22/2013 08:07:21 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Aspi32
eeCtrl

Error: (02/22/2013 08:07:20 AM) (Source: Service Control Manager) (User: )
Description: The HP LaserJet Service service hung on starting.

Error: (02/22/2013 08:05:58 AM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe.
Reference error message: The operation completed successfully.
.

Error: (02/22/2013 08:05:58 AM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC80.CRT.
Reference error message: The referenced assembly is not installed on your system.
.

Error: (02/22/2013 08:05:58 AM) (Source: SideBySide) (User: )
Description: Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.

Error: (02/22/2013 08:05:57 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the QBCFMonitorService service to connect.

Error: (02/22/2013 08:05:57 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%14001

Error: (02/22/2013 08:05:55 AM) (Source: 0) (User: )
Description:


Microsoft Office Sessions:
=========================
Error: (09/26/2011 04:01:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: 0Microsoft Office Word12.0.4518.101412.0.4518.10141053960


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Reader X (10.1.2) (Version: 10.1.2)
AVG 2012 (Version: 12.0.2114)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 53.0.13.000)
CCleaner (Version: 3.24)
Coupon Printer for Windows (Version: 5.0.0.1)
CPL All-in-One
CustomerResearchQFolder (Version: 1.00.0000)
Destinations (Version: 53.0.13.000)
DeviceFunctionQFolder (Version: 1.00.0000)
DeviceManagementQFolder (Version: 1.00.0000)
eSupportQFolder (Version: 1.00.0000)
Foxit Reader (Version: 5.4.2.901)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
HP Extended Capabilities 5.0 (Version: 5.0)
HP Image Zone Express (Version: 1.5.1.29)
HP Imaging Device Functions 5.0 (Version: 5.0)
HP LaserJet Professional M1130-M1210 MFP Series
HP LaserJet Professional M1210 MFP Series Fax Installer (Version: 1.1.0)
HP LaserJet Toolbox (Version: 2.0.0)
HP Software Update (Version: 3.0.5.001)
HP Solution Center & Imaging Support Tools 5.0 (Version: 5.0)
hppLaserJetService (Version: 001.003.000145)
hppM1130M1210SeriesLaserJetService (Version: 001.003.00073)
hppusgM1130M1210Series (Version: 1.0.0.2)
HPSSupply (Version: 2.1.1.0000)
InstallIQ Updater (Version: 1.4.3.0)
Intel® Graphics Media Accelerator Driver
InternetHelper1.5 Toolbar (Version: 6.9.0.16)
JetMP3 (Version: 1.0517.1205)
K-Lite Codec Pack 7.0.0 (Standard) (Version: 7.0.0)
LibreOffice 3.6 (Version: 3.6.2.2)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
QuickBooks (Version: 21.0.4012.904)
QuickBooks Pro 2011 (Version: 21.0.4012.904)
QuickBooks Product Listing Service (Version: 2.0.126)
QuickBooks Remote Access (Version: 2.3)
Realtek High Definition Audio Driver
RegShot (Version: 1.7.2.5)
Scan To (Version: 2.0.1)
SolutionCenter (Version: 50.0.152.000)
Status (Version: 53.0.13.000)
SUPERAntiSpyware (Version: 5.5.1012)
SupportSoft Assisted Service (Version: 15)
TrayApp (Version: 53.0.13.000)
Universal Silent Switch Finder
Unlocker 1.8.5 (Version: 1.8.5)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
User Agent String Utility (Version: 2.1.0)
Visual Task Tips 2.1 (Version: 2.1)
WebEx
WebReg (Version: 53.0.13.000)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Vista Sounds Pack (Version: 1.0.0)
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Devices: ================================

Name: SCSI/RAID Host Controller
Description: SCSI/RAID Host Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: ab3dm4pq
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


========================= Memory info: ===================================

Percentage of memory in use: 66%
Total physical RAM: 1271.3 MB
Available physical RAM: 427.78 MB
Total Pagefile: 3034.01 MB
Available Pagefile: 2355.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.23 MB

========================= Partitions: =====================================

1 Drive c: (Recovery) (Fixed) (Total:6.4 GB) (Free:1.06 GB) NTFS
2 Drive d: () (Fixed) (Total:68.12 GB) (Free:13.75 GB) NTFS
3 Drive e: (HPPP) (CDROM) (Total:0.46 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\LASTXP

Administrator            ASPNET                   Guest                    
HelpAssistant            Nina                     NJ                       
SUPPORT_388945a0         


**** End of log ****



#6 Ninamarie719

Ninamarie719

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:42 PM

Posted 22 February 2013 - 10:01 AM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-22 09:46:58
-----------------------------
09:46:58.328    OS Version: Windows 5.1.2600 Service Pack 3
09:46:58.328    Number of processors: 1 586 0x605
09:46:58.343    ComputerName: LASTXP  UserName: NJ
09:46:58.906    Initialize success
09:48:28.750    AVAST engine defs: 13022200
09:48:39.406    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
09:48:39.406    Disk 0 Vendor: Hitachi_HDS721680PLA380 P21OA70A Size: 76319MB BusType: 3
09:48:39.421    Disk 0 MBR read successfully
09:48:39.421    Disk 0 MBR scan
09:48:39.437    Disk 0 Windows XP default MBR code
09:48:39.437    Disk 0 Partition - 00     0F Extended LBA             69750 MB offset 16065
09:48:39.468    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS         6557 MB offset 142866045
09:48:39.500    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        69750 MB offset 16128
09:48:39.500    Disk 0 scanning sectors +156296385
09:48:39.640    Disk 0 scanning D:\WINDOWS\system32\drivers
09:48:51.000    Service scanning
09:49:07.453    Service sptd D:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
09:49:12.906    Modules scanning
09:49:20.937    Disk 0 trace - called modules:
09:49:20.953    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys >>UNKNOWN [0x8a2a37b8]<<
09:49:20.953    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a1f0ab8]
09:49:20.953    3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000063[0x8a22bf18]
09:49:20.953    5 ACPI.sys[f74bb620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a228940]
09:49:21.703    AVAST engine scan D:\WINDOWS
09:49:33.515    AVAST engine scan D:\WINDOWS\system32
09:52:07.718    AVAST engine scan D:\WINDOWS\system32\drivers
09:52:23.531    AVAST engine scan D:\Users\NJ
09:54:15.453    Disk 0 MBR has been saved successfully to "D:\Users\NJ\My Documents\Downloads\MBR.dat"
09:54:15.453    The log file has been saved successfully to "D:\Users\NJ\My Documents\Downloads\aswMBR.txt"
09:54:37.406    Disk 0 MBR has been saved successfully to "D:\Users\NJ\My Documents\MBR.dat"
09:54:37.406    The log file has been saved successfully to "D:\Users\NJ\My Documents\aswMBR.txt"


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-22 09:46:58
-----------------------------
09:46:58.328    OS Version: Windows 5.1.2600 Service Pack 3
09:46:58.328    Number of processors: 1 586 0x605
09:46:58.343    ComputerName: LASTXP  UserName: NJ
09:46:58.906    Initialize success
09:48:28.750    AVAST engine defs: 13022200
09:48:39.406    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
09:48:39.406    Disk 0 Vendor: Hitachi_HDS721680PLA380 P21OA70A Size: 76319MB BusType: 3
09:48:39.421    Disk 0 MBR read successfully
09:48:39.421    Disk 0 MBR scan
09:48:39.437    Disk 0 Windows XP default MBR code
09:48:39.437    Disk 0 Partition - 00     0F Extended LBA             69750 MB offset 16065
09:48:39.468    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS         6557 MB offset 142866045
09:48:39.500    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        69750 MB offset 16128
09:48:39.500    Disk 0 scanning sectors +156296385
09:48:39.640    Disk 0 scanning D:\WINDOWS\system32\drivers
09:48:51.000    Service scanning
09:49:07.453    Service sptd D:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
09:49:12.906    Modules scanning
09:49:20.937    Disk 0 trace - called modules:
09:49:20.953    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys >>UNKNOWN [0x8a2a37b8]<<
09:49:20.953    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a1f0ab8]
09:49:20.953    3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000063[0x8a22bf18]
09:49:20.953    5 ACPI.sys[f74bb620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a228940]
09:49:21.703    AVAST engine scan D:\WINDOWS
09:49:33.515    AVAST engine scan D:\WINDOWS\system32
09:52:07.718    AVAST engine scan D:\WINDOWS\system32\drivers
09:52:23.531    AVAST engine scan D:\Users\NJ
09:54:15.453    Disk 0 MBR has been saved successfully to "D:\Users\NJ\My Documents\Downloads\MBR.dat"
09:54:15.453    The log file has been saved successfully to "D:\Users\NJ\My Documents\Downloads\aswMBR.txt"
09:54:37.406    Disk 0 MBR has been saved successfully to "D:\Users\NJ\My Documents\MBR.dat"
09:54:37.406    The log file has been saved successfully to "D:\Users\NJ\My Documents\aswMBR.txt"
09:58:17.828    AVAST engine scan D:\Users\All Users
09:59:18.046    Scan finished successfully
10:00:03.125    Disk 0 MBR has been saved successfully to "D:\Users\NJ\My Documents\MBR.dat"
10:00:03.125    The log file has been saved successfully to "D:\Users\NJ\My Documents\aswMBR.txt"
 



i can not download malwarebytes to my computer. Virus won't allow



#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:42 PM

Posted 22 February 2013 - 07:28 PM

Can you use some other computer and USB flash drive to transfer the file to your computer?


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#8 Ninamarie719

Ninamarie719

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:42 PM

Posted 25 February 2013 - 03:41 PM

tried it will not finish download



#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:42 PM

Posted 25 February 2013 - 04:45 PM

Uploaded it for you here: http://www.filedropper.com/mbam-setup-17001100


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users