Hello

robbby

New member
TR/Crypt kept popping up on my computer. I tried to run Malwarebytes but for some reason the software didn't see any of it. I did try Norton Run/ Norton Power Eraser/ RogueKiller. They don't all work. I ran ComboFix and got my log, but as tachi said, I have to start fresh.

Could anyone help me out on this one? Oh yeah, sometimes I get a virus; it says TR/Dropper or something like that. It just annoys me. I just want these trojans out of my computer. I lost the CD, that's why I could format it :/
 
Hello robbby,

http://forums.spybot.info/showthread.php?69399-TR-Crypt-gen&p=445391
Hi robbby,

http://forums.spybot.info/showthrea...-this-Procedure-Before-Requesting-Assistance)
At this time threads may now be closed three days after last post in topic at the discretion of the volunteer. Please subscribe to your topic so you know when a reply has been posted. If the topic has been archived and you still require help start a new topic and include fresh DDS & aswMBR logs with a link to your previous thread. Please do not post any other logs, you'd be starting fresh. :)

It takes time to analyze logs and prepare a response. Volunteers help users at several sites, and take X number of new topics in order to give each member their attention and avoid burnout.

Thank you.

Your last response to the original topic was Sept 9th, 2013 :lip:
http://forums.spybot.info/showthread.php?69287-TR-Crypt-XPACK-Gen3

Please go ahead and start a new topic providing fresh DDS & aswMBR logs with a link to your previous thread. :)

Previous thread:
http://forums.spybot.info/showthread.php?69287-TR-Crypt-XPACK-Gen3

Instructions on how to provide the logs requested:
http://forums.spybot.info/showthrea...esting-Assistance)&p=1150&viewfull=1#post1150

Best regards.
 
Hello,

Then post them in a new topic here in the Malware Removal Forum. :)

Best regards.

---------------------------------
Edit

No need for more PMs. ;)

From the sticky FAQ,

Instruction for producing the DDS and aswMBR logs

DDS Log


Download to your desktop DDS from one of the links below:

Link 1
Link 2


  • Double click the tool to run it.
  • If a black Screen opens, just read the contents and do nothing.
  • When the tool finishes, it will open 2 reports, DDS.txt and attach.txt
  • Copy/Paste the contents of 'DDS.txt' into your post. Please do not use code wrap.
  • 'attach.txt' should be zipped using Windows native zip utility and attached to your post. Compress and uncompress files (zip files)



aswMBR Log

Important! Please do not perform any fix options offered in aswMBR

Please download aswMBR to your desktop.



  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the Save Log button, save the logfile to your desktop and post its contents in your reply with the DDS logs.



If the infection prevents you from obtaining logs please start a topic and make note of the situation, provide details of the computer's current symptoms and wait for a response.
Do not post other logs or use "code wrap" unless requested in that format.



Thank you. :)
 
I'm sorry if I kept messaging you.

DDS LOG

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6001.18639
Run by Beep at 13:32:43 on 2013-09-25
Microsoft® Windows Vista™ Starter 6.0.6001.1.1252.63.1033.18.1976.647 [GMT -7:00]
.
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: AntiVir Desktop *Enabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\SLsvc.exe
C:\Users\Beep\Desktop\New Folder (24)\SbieSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Garena Plus\ggdllhost.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
C:\Windows\system32\vmnat.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\vmnetdhcp.exe
C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Chikka Messenger\Chikka v.4\ChikkaLauncher.exe
C:\Users\Beep\Desktop\New Folder (24)\SbieCtrl.exe
C:\Program Files\Garena Plus\GarenaMessenger.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton antivirus\engine\21.0.1.3\ips\IPSBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - c:\program files\norton identity safe\engine\2014.5.0.67\CoIEPlg.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - c:\program files\utorrentbar\prxtbuTo0.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - c:\program files\norton identity safe\engine\2014.5.0.67\CoIEPlg.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [ChikkaDefault] c:\progra~1\chikka~1\chikka~1.4\ChikkaLauncher.exe
uRun: [SandboxieControl] "c:\users\Beep\desktop\new folder (24)\SbieCtrl.exe"
uRun: [Facebook Update] "c:\users\Beep\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [GarenaPlus] "c:\program files\garena plus\GarenaMessenger.exe" -autolaunch
uRun: [DAEMON Tools Lite] "c:\users\Beep\desktop\daemon\daemon tools lite\DTLite.exe" -autorun
mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
uPolicies-Explorer: NoDFSTab = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoDFSTab = dword:1
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: %windir%\system32\vsocklib.dll
DPF: {0D8069C4-4C00-4FBD-AA88-954927AFD0B4} - hxxps://lifespeed.ebixexchange.com/LifeSpeed/Wizard/eSignatureCOM/SignitXFMS.cab
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} - hxxp://203.160.179.106:8800/RtspVaPgDec.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{D4C0E8A3-C5E4-44E1-ADF0-F7074194B4E4} : DHCPNameServer = 10.177.0.34 10.161.171.220
TCP: Interfaces\{E3F562F3-753E-4EF4-B08D-C4B5669E6EDB} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.76\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\Beep\appdata\roaming\mozilla\firefox\profiles\yat0h4yw.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: c:\program files\garena plus\bbtalk\plugins\npplugin\npGarenaTalkPlugin.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\users\Beep\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dll
FF - ExtSQL: 2013-09-13 19:05; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_21.0.1.3\IPSFFPlgn
FF - ExtSQL: 2013-09-13 22:26; {F04D2D30-776C-4d02-8627-8E4385ECA58D}; c:\programdata\norton\{92622aad-05e8-4459-b256-765ce1e929fb}\nst_2014.5.0.67\coFFPlgn
FF - ExtSQL: !HIDDEN! 2009-07-14 11:04; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1500010.003\SymDS.sys [2013-9-13 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1500010.003\SymEFA.sys [2013-9-13 935000]
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\drivers\vmci.sys [2013-8-15 71888]
R0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys [2013-9-14 63824]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-7-8 11608]
R1 BHDrvx86;BHDrvx86;c:\program files\norton antivirus\nortondata\21.0.1.3\definitions\bashdefs\20130903.002\BHDrvx86.sys [2013-9-3 1097816]
R1 ccSet_NAV;NAV Settings Manager;c:\windows\system32\drivers\nav\1500010.003\ccSetx86.sys [2013-9-13 117336]
R1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\nst\7de05000.043\ccSetx86.sys [2013-9-13 117336]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2013-6-2 242240]
R1 IDSVix86;IDSVix86;c:\program files\norton antivirus\nortondata\21.0.1.3\definitions\ipsdefs\20130924.001\IDSvix86.sys [2013-9-24 392792]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1500010.003\Ironx86.sys [2013-9-13 206936]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nav\1500010.003\symtdiv.sys [2013-9-13 383064]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-7-8 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-7-8 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-7-8 56816]
R2 NAV;Norton AntiVirus;c:\program files\norton antivirus\engine\21.0.1.3\NAV.exe [2013-9-13 262288]
R2 NCO;Norton Identity Safe;c:\program files\norton identity safe\engine\2014.5.0.67\NST.exe [2013-9-13 129424]
R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2013-8-26 719416]
R2 Yonline;Yonline;c:\windows\system32\drivers\Yonline.ahc [2011-8-17 40832]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-9-13 108120]
R3 SbieDrv;SbieDrv;c:\users\Beep\desktop\new folder (24)\SbieDrv.sys [2011-10-12 131344]
R3 tmobile_mf691_dc_enum;T-Mobile MF691 DC Enumerator;c:\windows\system32\drivers\tmobile_mf691_dc_enum.sys [2010-4-9 80000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-17 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936]
S3 tmobile_mf691_cdc_acm;T-Mobile MF691 CDC-ACM driver;c:\windows\system32\drivers\tmobile_mf691_cdc_acm.sys [2010-4-9 86016]
S3 tmobile_mf691_cdc_ecm;tmobile_mf691_cdc_ecm;c:\windows\system32\drivers\tmobile_mf691_cdc_ecm.sys [2010-4-9 50304]
S3 tmobile_mf691_cpo;T-Mobile webConnect CPO device;c:\windows\system32\drivers\tmobile_mf691_cpo.sys [2010-4-9 9728]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-17 753504]
.
=============== Created Last 30 ================
.
2013-09-25 05:04:52 -------- d-----w- c:\users\Beep\appdata\local\temp
2013-09-25 04:56:43 -------- d-sh--w- C:\$RECYCLE.BIN
2013-09-25 04:37:33 98816 ----a-w- c:\windows\sed.exe
2013-09-25 04:37:33 256000 ----a-w- c:\windows\PEV.exe
2013-09-25 04:37:33 208896 ----a-w- c:\windows\MBR.exe
2013-09-22 03:50:45 -------- d-----w- c:\program files\common files\Blizzard Entertainment
2013-09-17 19:58:06 7328304 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c4bd545a-bfc0-434b-ae3b-5908b0148207}\mpengine.dll
2013-09-14 20:30:07 63568 ----a-w- c:\windows\system32\vsocklib.dll
2013-09-14 20:30:04 63824 ----a-w- c:\windows\system32\drivers\vsock.sys
2013-09-14 20:29:09 25808 ----a-w- c:\windows\system32\drivers\VMkbd.sys
2013-09-14 20:27:01 358480 ----a-w- c:\windows\system32\vmnetdhcp.exe
2013-09-14 20:26:46 437328 ----a-w- c:\windows\system32\vmnat.exe
2013-09-14 20:26:43 26192 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2013-09-14 20:26:15 776272 ----a-w- c:\windows\system32\vnetlib.dll
2013-09-14 20:24:46 43192 ----a-w- c:\windows\system32\drivers\hcmon.sys
2013-09-14 20:24:04 31928 ----a-w- c:\windows\system32\drivers\vmusb.sys
2013-09-14 20:21:42 -------- d-----w- c:\program files\common files\VMware
2013-09-14 02:04:07 117336 ----a-r- c:\windows\system32\drivers\nst\7de05000.043\ccSetx86.sys
2013-09-14 02:04:02 -------- d-----w- c:\windows\system32\drivers\nst\7DE05000.043
2013-09-14 02:04:02 -------- d-----w- c:\windows\system32\drivers\NST
2013-09-14 02:04:01 -------- d-----w- c:\program files\Norton Identity Safe
2013-09-14 02:03:52 142936 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-09-14 02:03:52 -------- d-----w- c:\program files\common files\Symantec Shared
2013-09-14 02:03:23 935000 ----a-r- c:\windows\system32\drivers\nav\1500010.003\SymEFA.sys
2013-09-14 02:03:23 650840 ----a-r- c:\windows\system32\drivers\nav\1500010.003\srtsp.sys
2013-09-14 02:03:23 446552 ----a-r- c:\windows\system32\drivers\nav\1500010.003\symnets.sys
2013-09-14 02:03:23 383064 ----a-r- c:\windows\system32\drivers\nav\1500010.003\symtdiv.sys
2013-09-14 02:03:23 367704 ----a-r- c:\windows\system32\drivers\nav\1500010.003\SymDS.sys
2013-09-14 02:03:23 32344 ----a-r- c:\windows\system32\drivers\nav\1500010.003\srtspx.sys
2013-09-14 02:03:23 21520 ----a-r- c:\windows\system32\drivers\nav\1500010.003\SymELAM.sys
2013-09-14 02:03:23 206936 ----a-r- c:\windows\system32\drivers\nav\1500010.003\Ironx86.sys
2013-09-14 02:03:23 117336 ----a-r- c:\windows\system32\drivers\nav\1500010.003\ccSetx86.sys
2013-09-14 02:02:32 14818 ----a-r- c:\windows\system32\drivers\nav\1500010.003\SymVTcer.dat
2013-09-14 02:02:31 -------- d-----w- c:\windows\system32\drivers\nav\1500010.003
2013-09-14 02:02:31 -------- d-----w- c:\windows\system32\drivers\NAV
2013-09-14 02:02:29 -------- d-----w- c:\program files\Norton AntiVirus
2013-09-14 02:02:28 -------- d-----w- c:\programdata\Norton
2013-09-14 02:02:19 -------- d-----w- c:\programdata\NortonInstaller
2013-09-14 02:02:19 -------- d-----w- c:\program files\NortonInstaller
2013-09-10 20:38:09 -------- d-----w- c:\programdata\AVG2013
2013-09-10 20:31:10 -------- d-----w- c:\users\Beep\appdata\local\MFAData
2013-09-10 20:31:10 -------- d-----w- c:\users\Beep\appdata\local\Avg2013
2013-09-10 20:31:10 -------- d-----w- c:\programdata\MFAData
2013-09-10 19:02:13 -------- d-----w- c:\users\Beep\appdata\local\ElevatedDiagnostics
2013-09-10 18:59:45 -------- d-----w- c:\programdata\CheckPoint
2013-09-10 15:32:02 -------- d-----w- c:\users\Beep\appdata\local\Apple
2013-09-07 23:12:13 -------- d-----w- c:\program files\CCleaner
2013-08-29 08:06:58 133208 ----a-w- c:\windows\system32\drivers\30602754.sys
2013-08-27 19:43:02 65488 ----a-w- c:\windows\system32\drivers\vmx86.sys
2013-08-27 19:42:02 69712 ----a-w- c:\windows\system32\vmnetbridge.dll
2013-08-27 19:42:02 37456 ----a-w- c:\windows\system32\drivers\vmnetbridge.sys
2013-08-27 19:42:00 50256 ----a-w- c:\windows\system32\vnetinst.dll
2013-08-27 19:42:00 20048 ----a-w- c:\windows\system32\drivers\vmnet.sys
2013-08-27 19:42:00 17104 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
.
==================== Find3M ====================
.
2013-09-20 02:38:38 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-20 02:38:38 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-16 01:24:54 71888 ----a-w- c:\windows\system32\drivers\vmci.sys
2013-08-07 11:22:04 238872 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 13:34:47.59 ===============


ATTACH Txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Starter
Boot Device: \Device\HarddiskVolume1
Install Date: 7/7/2009 5:20:03 AM
System Uptime: 9/25/2013 1:15:18 PM (0 hours ago)
.
Motherboard: emachines | | HM40
Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz | U2E1 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 75 GiB total, 4.081 GiB free.
D: is FIXED (NTFS) - 75 GiB total, 2.361 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: USB Video Device
Device ID: USB\VID_064E&PID_A103&MI_00\6&E51765B&0&0000
Manufacturer: Microsoft
Name: Video WebCam
PNP Device ID: USB\VID_064E&PID_A103&MI_00\6&E51765B&0&0000
Service: usbvideo
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
µTorrent
AAC Decoder
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9
ALPS Touch Pad Driver
Any Video Converter 3.2.1
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
Atheros for Acer Driver v7.6.1.162_Foxconn Installation Program
AutoHotkey 1.1.12.00
AutoUpdate
Avira AntiVir Personal - Free Antivirus
AviSynth 2.5
Battle Realms WOTW Expansion
Bonjour
Canon MP Navigator EX 2.0
Canon MP240 series MP Drivers
Canon MP240 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCleaner
Chikka Messenger V4
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Conexant HD Audio
DAEMON Tools Lite
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
eMachines ScreenSaver
Facebook Video Calling 1.2.0.287
Garena Plus
Google Chrome
Google Update Helper
H.264 Decoder
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
iTunes
Launch Manager
LightScribe 1.4.124.1
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MKV Splitter
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Maintenance Service
NBA 2K11
Nero 7 Essentials
Norton AntiVirus
Norton Identity Safe
Python 2.7.1
QuickTime
Realtek USB 2.0 Card Reader
Sandboxie 3.60 (32-bit)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Skype™ 3.8
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
uTorrentBar Toolbar
VC80CRTRedist - 8.0.50727.762
Video Web Camera
VLC media player 0.9.4
VMware Player
Warcraft III
WinRAR archiver
Yahoo! Messenger
.
==== End Of File ===========================


aswMBR Log

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-25 13:57:44
-----------------------------
13:57:44.947 OS Version: Windows 6.0.6001 Service Pack 1
13:57:44.947 Number of processors: 2 586 0x170A
13:57:44.948 ComputerName: BEEP UserName:
13:57:47.034 Initialize success
13:58:39.938 AVAST engine defs: 13092501
13:59:09.323 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:59:09.328 Disk 0 Vendor: Hitachi_HTS543216L9A300 FB2OC40C Size: 152627MB BusType: 3
13:59:09.638 Disk 0 MBR read successfully
13:59:09.643 Disk 0 MBR scan
13:59:09.772 Disk 0 Windows VISTA default MBR code
13:59:09.802 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76315 MB offset 2048
13:59:09.856 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 76308 MB offset 156296385
13:59:09.897 Disk 0 scanning sectors +312576705
13:59:10.540 Disk 0 scanning C:\Windows\system32\drivers
13:59:42.964 Service scanning
13:59:52.674 Service BHDrvx86 C:\Program Files\Norton AntiVirus\NortonData\21.0.1.3\Definitions\BASHDefs\20130903.002\BHDrvx86.sys **LOCKED** 5
13:59:54.176 Service ccSet_NAV C:\Windows\system32\drivers\NAV\1500010.003\ccSetx86.sys **LOCKED** 5
13:59:58.883 Service eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys **LOCKED** 5
13:59:59.782 Service EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
14:00:07.233 Service IDSVix86 C:\Program Files\Norton AntiVirus\NortonData\21.0.1.3\Definitions\IPSDefs\20130925.001\IDSvix86.sys **LOCKED** 5
14:00:18.949 Service NAVENG C:\Program Files\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20130925.003\NAVENG.SYS **LOCKED** 5
14:00:19.338 Service NAVEX15 C:\Program Files\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20130925.003\NAVEX15.SYS **LOCKED** 5
14:00:29.221 Service SRTSPX C:\Windows\system32\drivers\NAV\1500010.003\SRTSPX.SYS **LOCKED** 5
14:00:30.269 Service SymDS C:\Windows\system32\drivers\NAV\1500010.003\SYMDS.SYS **LOCKED** 5
14:00:30.903 Service SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS **LOCKED** 5
14:00:31.044 Service SymIRON C:\Windows\system32\drivers\NAV\1500010.003\Ironx86.SYS **LOCKED** 5
14:00:31.185 Service SYMTDIv C:\Windows\system32\drivers\NAV\1500010.003\SYMTDIV.SYS **LOCKED** 5
14:00:41.122 Modules scanning
14:01:48.613 Disk 0 trace - called modules:
14:01:48.654 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys
14:01:48.664 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85657ac8]
14:01:48.674 3 CLASSPNP.SYS[87fa9745] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84d918e0]
14:01:50.667 AVAST engine scan C:\Windows
14:02:07.999 AVAST engine scan C:\Windows\system32
14:06:49.682 AVAST engine scan C:\Windows\system32\drivers
14:07:17.460 AVAST engine scan C:\Users\beep
14:34:50.065 AVAST engine scan C:\ProgramData
15:04:19.066 Scan finished successfully
16:41:32.579 Disk 0 MBR has been saved successfully to "C:\Users\beep\Desktop\MBR.dat"
16:41:32.590 The log file has been saved successfully to "C:\Users\beep\Desktop\aswMBR.txt"
 
Update*
I found my CD. I could reformat it, but the problem is that for some reason my PC won't read any CD/DVD.
I tried uninstalling it then rebooting; it didn't work. Tried to delete it manually; still didn't work. I tried Mr. Fix it and the software just kept giving me this: "Media in CD/DVD drive is not readable (Slimtype DVD A DS8A3S ATA Device)".
I'm thinking that the virus that I got a while ago damaged it or something. I can still hear the noise when I put the CD in the CD medium.

I really hope you could help me fix it.
Thank you in advance.
 