Google redirect virus

  1. cwfenn

    Hello,
    I believe that my computer has a case of the Google redirect virus. For the past 3-4 days, I have noticed that some of my Google results will redirect to a malicious site such as click.gethotresults.com. Not every search result gets redirected; however, it is enough to notice. My antivirus program (Avast) blocks any redirect attempt. I have run several anti-malware programs (ComboFix, Malwarebytes, Gmer, Spybot), but the virus is still active. I was able to remove adware called CouponBar with these programs. During the same timeframe my Mozilla browser has requested that I update my Java and Adobe Flash players due to possible security violations, which I did over the weekend. I have attached the requested log files as per the "Prework" forum post.

    Any assistance is greatly appreciated. Thank you.

  2. Belahzur

    Please download TDSSKiller from here and save it to your Desktop.
    • Double-click TDSSKiller.exe to run the tool
    • Click the Start Scan button
    • After the scan has finished, click the Close button
    • Click the Report button and copy/paste the contents of it into your next reply
    Note: It will also create a log in the C:\ directory.
  3. cwfenn

    I have attached the report to this reply, as the forum is stating that my reply is too long. I apologize for the inconvenience.

  4. chengb227

    Hi there -

    I have been following along and I have the EXACT same problem as cwfenn described. I have used FixTDSS, TDSSKiller, Trend Micro Housecall, and my AVG antivirus - all to no avail. I have attached the TDSSKiller log report from when I used it - perhaps you may find it helpful. Any help would be greatly appreciated. Thank you.


    B

    EDIT: I am unsure if I am allowed to post a reply here - I read that only staff can post in the security area. If this indeed is the security area I sincerely apologize in advance.

  5. Belahzur

    Hi Chengb227.

    Please create your own topic. :)
  6. Belahzur

    Hello.

    Please download ComboFix from BleepingComputer.com

    Alternate link: GeeksToGo.com


    Rename ComboFix.exe to commy.exe before you save it to your Desktop
    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found here
    • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
    • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.
  7. cwfenn

    I have attached the ComboFix report to this reply.

    Thanks.

  8. Belahzur

    Hello.
    Do you have your Win7 disc? We may need it to access recovery mode.
  9. cwfenn

    I was not given a Win7 disc, as it was pre-installed in the computer. Would a backup disc be sufficient?
  10. Belahzur

  11. cwfenn

    I will get on it tonight and burn the DVD.
  12. cwfenn

    I have burned the DVD.
  13. Belahzur

    Okay good, now I just need to check your MBR and confirm that's where the infection is hiding.

    Download MBRCheck to your desktop.
    • Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    • It will show a black screen with some data on it.
    • A report called MBRcheckxxxx.txt will be on your desktop
    • Open this report and post its content in your next reply.
  14. cwfenn

    Here is the text of the report:

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Home Premium Edition
    Windows Information: Service Pack 1 (build 7601), 64-bit
    Base Board Manufacturer: Gateway
    BIOS Manufacturer: Phoenix Technologies LTD
    System Manufacturer: Gateway
    System Product Name: NV73A
    Logical Drives Mask: 0x000003ec

    Kernel Drivers (total 203):

    Processes (total 73):

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`32d00000 (NTFS)
    \\.\F: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)

    PhysicalDrive0 Model Number: WDCWD6400BEVT-22A0RT0, Rev: 01.01A01
    PhysicalDrive1 Model Number: ST316002:, Rev:

    Size Device Name MBR Status
    --------------------------------------------
    596 GB \\.\PhysicalDrive0 Unknown MBR code
    SHA1: 936178E9095844BC2C4B7A3AAEA102D86336BD24
    149 GB \\.\PhysicalDrive1 Legit MBR code detected
    SHA1: 317A49A9E93F077F2D004734D2A7B6CA7E7B9495


    Found non-standard or infected MBR.
    Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    Options:
    [1] Dump the MBR of a physical disk to file.
    [2] Restore the MBR of a physical disk with a standard boot code.
    [3] Exit.

    Enter your choice:
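
The report above classifies each disk's MBR by hashing its boot code. As an added example (not part of the thread and not MBRCheck's own code), this sketch parses a 512-byte MBR dump and compares it with a baseline taken from the same machine while it was clean. Hashing the first 440 bytes is an assumption, so its hashes are not comparable to the SHA1 values in the report; the sample sector is constructed, with a partition at LBA 63 to mirror the `0x7e00` offset shown for F:.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # bootstrap code area of a classic (non-GPT) MBR
PART_TABLE_OFF = 446     # four 16-byte partition entries follow
BOOT_SIG = b"\x55\xaa"   # required bytes at offsets 510-511


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR dump into the fields worth comparing."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    partitions = []
    for i in range(4):
        entry = sector[PART_TABLE_OFF + 16 * i: PART_TABLE_OFF + 16 * (i + 1)]
        status, ptype = entry[0], entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if ptype == 0x00:            # unused slot
            continue
        partitions.append({
            "slot": i, "status": status, "type": ptype,
            "byte_offset": lba_start * SECTOR_SIZE, "sectors": count,
        })
    return {
        "signature_ok": sector[510:512] == BOOT_SIG,
        "boot_code_sha1": hashlib.sha1(sector[:BOOT_CODE_LEN]).hexdigest().upper(),
        "partitions": partitions,
    }


def assess(sector: bytes, baseline_sha1: set) -> str:
    """Return a verdict string; the labels are this example's own."""
    info = parse_mbr(sector)
    if not info["signature_ok"]:
        return "invalid boot signature"
    statuses = [p["status"] for p in info["partitions"]]
    # A status byte must be 0x00 or 0x80, and only one entry may be active.
    if any(s not in (0x00, 0x80) for s in statuses) or statuses.count(0x80) > 1:
        return "malformed partition table"
    if info["boot_code_sha1"] not in baseline_sha1:
        return "unknown boot code"
    return "boot code matches baseline"


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed test sector: one active NTFS partition starting at LBA 63."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3,
                        63, 312_000_000)
    return (boot_code.ljust(BOOT_CODE_LEN, b"\x00")  # boot code area
            + b"\x12\x34\x56\x78" + b"\x00\x00"      # disk signature, reserved
            + entry + b"\x00" * 48 + BOOT_SIG)       # 1 used + 3 empty slots


if __name__ == "__main__":
    clean = build_sample_mbr(b"\xfa\x33\xc0 constructed loader bytes")
    baseline = {parse_mbr(clean)["boot_code_sha1"]}
    patched = bytearray(clean)
    patched[0x40] ^= 0xFF            # one changed byte inside the boot code
    for name, sector in (("clean", clean), ("patched", bytes(patched))):
        print(name, "->", assess(sector, baseline))
```

A changed boot code with an intact partition table and boot signature is the pattern to look for: the disk still boots and mounts normally, so only the hash comparison reveals the difference.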
  15. Belahzur

    Booting into the Windows 7 WinRE Environment using Windows 7 disk

    Please insert your Windows 7 installation media into your CD-ROM/DVD drive and reboot your computer. During the reboot and at boot up you should see Press Any key to Boot from CD/DVD.... If you see that, please press any key to continue and follow the next set of instructions on "Using the 7 CD Disk to Access the 7 WinRE Environment". If not, please follow the next set of instructions on "How to Configure the System to Boot from CD/DVD" and then follow the steps to "Using the 7 CD Disk to Access the 7 WinRE Environment".

    How to Configure the system to boot from CD/DVD

    Some machines will automatically attempt to boot from the CD if a CD is inserted. If that is the case, please skip the instructions below...

    • Please reboot your machine or turn it on (Without the CD)
    • As soon as the BIOS is loaded begin tapping the F2 or F12 or perhaps F9, F10 or F11 (try all of them if unsure, starting with F2)
    • Different Machines have different keys.
    • This will bring up the configuration options, please use your arrow keys to go to the Boot Tab.
    • In the Boot tab, there should be instructions on your right-hand side on how to move your CD/DVD as the top or First Priority

    • After you have moved CD/DVD at the top/first priority, please make sure you SAVE AND EXIT <- Important
    • It will now exit with Configuration settings saved.

    Using the 7 CD Disk to Access the 7 WinRE Environment

    • Insert the Windows 7 disk in your computer.
    • Restart your computer so you are booting off of the CD.
    • During the reboot and boot up you will get a message saying: "Press any key to boot from CD", press Enter on your keyboard.
    • Select your language options, Time and Keyboard and press Next
    • At the next prompt press [​IMG]
    • Select your Operating System (Windows 7; the main one) from the list, and then press Next
    • Now press the Command Prompt option.
    • Enter the following code line by line one at a time and pressing enter on your keyboard on each line.
    • Wait for each command to be completed before continuing with the next one.
    • Press the Restart button [​IMG] and remove your Windows 7 disk from the DVD drive. Windows should now begin to load.
