Drivers Disabled and possible infection

Post by GeniusMagic » August 12th, 2014, 7:35 pm

Hi - I have Windows Vista installed on my Dell laptop.
I recently tried installing WinRAR software from a website (not sure if it was a bad site), and while it was completing installation, my computer crashed and I got a blue screen. After that it stopped coming up at all. There was no display.
Anyways, I somehow managed to reinstall Windows and my computer is back up, but I still fear that I have got some infection. I hear weird noises from the computer at times and some of the drivers in the Device Manager have yellow marks.

How can I ensure if my computer is healthy or there has been some damage done by the apparently rogue software that I tried to install?

Logs are below as requested:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6001.18000
Run by genius at 19:49:30 on 2014-08-10
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.3535.1318 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [Google Update] "c:\users\genius\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{47A16ACA-ED71-4F62-8268-F2AD2244A5C4} : DHCPNameServer = 192.168.1.1
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\36.0.1985.125\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-8-9 1809720]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-8-9 860472]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-8-9 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-8-9 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-8-9 51928]
R3 NETwNv32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwNv32.sys [2010-7-14 6680064]
.
=============== Created Last 30 ================
.
2014-08-10 14:24:22 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2014-08-10 14:12:24 97800 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-10 14:12:23 622080 ----a-w- c:\windows\system32\icardagt.exe
2014-08-10 14:12:23 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2014-08-10 14:12:23 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2014-08-10 14:12:23 11264 ----a-w- c:\windows\system32\icardres.dll
2014-08-10 14:12:23 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-08-10 14:12:22 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2014-08-10 14:12:21 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2014-08-10 14:04:21 96760 ----a-w- c:\windows\system32\dfshim.dll
2014-08-10 14:04:20 282112 ----a-w- c:\windows\system32\mscoree.dll
2014-08-10 14:04:19 41984 ----a-w- c:\windows\system32\netfxperf.dll
2014-08-10 14:04:07 158720 ----a-w- c:\windows\system32\mscorier.dll
2014-08-10 14:04:03 83968 ----a-w- c:\windows\system32\mscories.dll
2014-08-10 01:04:22 29160 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-08-10 01:04:21 -------- d-----w- c:\programdata\RogueKiller
2014-08-09 23:33:41 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-09 23:33:22 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-09 23:33:22 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-09 23:33:22 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-09 23:33:22 -------- d-----w- c:\programdata\Malwarebytes
2014-08-09 23:33:22 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-08-09 19:01:08 -------- d-----w- c:\windows\Panther
2014-08-09 19:00:33 -------- d-----w- c:\windows\system32\OEM
2014-08-09 18:48:04 -------- d-----w- C:\Windows.old
2014-08-09 16:16:44 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2014-08-09 16:16:41 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2014-08-09 16:16:35 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2014-08-09 16:15:13 615992 ----a-w- c:\windows\system32\ci.dll
2014-08-09 16:15:13 19000 ----a-w- c:\windows\system32\kd1394.dll
2014-08-09 16:15:12 988216 ----a-w- c:\windows\system32\winload.exe
2014-08-09 16:15:12 927288 ----a-w- c:\windows\system32\winresume.exe
2014-08-09 16:15:11 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2014-08-09 16:15:11 40960 ----a-w- c:\windows\system32\srclient.dll
2014-08-09 16:15:11 378368 ----a-w- c:\windows\system32\srcore.dll
2014-08-09 16:15:11 318464 ----a-w- c:\windows\system32\rstrui.exe
2014-08-09 16:15:11 14848 ----a-w- c:\windows\system32\srdelayed.exe
2014-08-09 16:15:10 6656 ----a-w- c:\windows\system32\kbd106n.dll
2014-08-09 16:13:55 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-08-09 16:12:46 269312 ----a-w- c:\windows\system32\es.dll
2014-08-09 16:11:57 62464 ----a-w- c:\windows\system32\l3codeca.acm
2014-08-09 16:10:37 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2014-08-09 16:09:53 351232 ----a-w- c:\windows\system32\WSDApi.dll
2014-08-09 16:09:41 531968 ----a-w- c:\windows\system32\comctl32.dll
2014-08-09 16:09:11 2730536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2014-08-09 16:08:55 8217224 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{6b5f4b1f-12b5-4aa1-82e5-494f7c6b4ebe}\mpengine.dll
2014-08-09 16:08:53 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-08-09 16:07:30 91136 ----a-w- c:\windows\system32\avifil32.dll
2014-08-09 16:07:30 82944 ----a-w- c:\windows\system32\mciavi32.dll
2014-08-09 16:07:30 65024 ----a-w- c:\windows\system32\avicap32.dll
2014-08-09 16:07:30 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2014-08-09 16:07:30 31744 ----a-w- c:\windows\system32\msvidc32.dll
2014-08-09 16:07:30 22528 ----a-w- c:\windows\system32\msyuv.dll
2014-08-09 16:07:30 13312 ----a-w- c:\windows\system32\msrle32.dll
2014-08-09 16:07:30 123904 ----a-w- c:\windows\system32\msvfw32.dll
2014-08-09 16:07:30 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2014-08-09 16:07:28 171520 ----a-w- c:\windows\system32\wintrust.dll
2014-08-09 16:07:02 98304 ----a-w- c:\windows\system32\cabview.dll
2014-08-09 16:06:43 1334272 ----a-w- c:\windows\system32\msxml6.dll
2014-08-09 15:45:58 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2014-08-09 15:45:49 276992 ----a-w- c:\windows\system32\schannel.dll
2014-08-09 15:43:09 -------- d-----w- c:\users\genius\appdata\local\Google
2014-08-09 15:42:55 -------- d-----w- c:\users\genius\appdata\local\Deployment
2014-08-09 15:42:55 -------- d-----w- c:\users\genius\appdata\local\Apps
2014-08-09 15:38:45 -------- d-----w- c:\users\genius\appdata\roaming\Intel
2014-08-09 15:37:28 -------- d-----w- c:\program files\Cisco
2014-08-09 15:37:26 -------- d-----w- c:\program files\common files\Intel
2014-08-09 15:36:41 -------- d-sh--w- c:\windows\Installer
2014-08-09 15:35:04 -------- d-----w- C:\Drivers
2014-08-09 15:27:26 -------- d-----w- C:\Vista Driver for Atheros Network
2014-08-09 15:22:18 -------- d-----w- c:\users\genius\appdata\local\VirtualStore
2014-08-06 00:05:24 -------- d-----w- C:\SYSTEM.SAV
2014-08-05 00:55:02 -------- d-----w- C:\Dell
2014-07-26 14:11:25 -------- d-----w- C:\Movies
.
==================== Find3M ====================
.
.
============= FINISH: 19:50:02.95 ===============




.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 8/9/2014 2:17:30 PM
System Uptime: 8/10/2014 6:30:07 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0D201R
Processor: Intel(R) Core(TM)2 Duo CPU P9400 @ 2.40GHz | Microprocessor | 2400/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 75 GiB total, 14.673 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e968-e325-11ce-bfc1-08002be10318}
Description: Standard VGA Graphics Adapter
Device ID: PCI\VEN_8086&DEV_2A42&SUBSYS_024D1028&REV_07\3&2B8E0B4B&0&10
Manufacturer: (Standard display types)
Name: Standard VGA Graphics Adapter
PNP Device ID: PCI\VEN_8086&DEV_2A42&SUBSYS_024D1028&REV_07\3&2B8E0B4B&0&10
Service: vga
.
Class GUID:
Description: Video Controller
Device ID: PCI\VEN_8086&DEV_2A43&SUBSYS_024D1028&REV_07\3&2B8E0B4B&0&11
Manufacturer:
Name: Video Controller
PNP Device ID: PCI\VEN_8086&DEV_2A43&SUBSYS_024D1028&REV_07\3&2B8E0B4B&0&11
Service:
.
Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_8086&DEV_10F5&SUBSYS_024D1028&REV_03\3&2B8E0B4B&0&C8
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_8086&DEV_10F5&SUBSYS_024D1028&REV_03\3&2B8E0B4B&0&C8
Service:
.
Class GUID:
Description: Broadcom USH
Device ID: USB\VID_0A5C&PID_5800&MI_00\6&66DE6C9&0&0000
Manufacturer:
Name: Broadcom USH
PNP Device ID: USB\VID_0A5C&PID_5800&MI_00\6&66DE6C9&0&0000
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_024D1028&REV_12\4&51D9BE7&0&0AF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_024D1028&REV_12\4&51D9BE7&0&0AF0
Service:
.
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_024D1028&REV_03\3&2B8E0B4B&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_024D1028&REV_03\3&2B8E0B4B&0&FB
Service:
.
==== System Restore Points ===================
.
RP7: 8/9/2014 11:36:59 AM - Installed Intel(R) PROSet/Wireless WiFi Software.
RP8: 8/9/2014 12:08:06 PM - Windows Update
RP9: 8/10/2014 10:01:09 AM - Windows Update
.
==== Installed Programs ======================
.
Google Chrome
Google Talk Plugin
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel PROSet Wireless
Intel(R) PROSet/Wireless WiFi Software
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 3.5 SP1
.
==== Event Viewer Messages From Past Week ========
.
8/9/2014 6:42:28 PM, Error: EventLog [6008] - The previous system shutdown at 1:33:41 PM on 8/9/2014 was unexpected.
8/9/2014 2:01:47 PM, Error: volmgr [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
8/10/2014 9:57:35 AM, Error: EventLog [6008] - The previous system shutdown at 2:14:01 AM on 8/10/2014 was unexpected.
.
==== End Of File ===========================
GeniusMagic

Re: Drivers Disabled and possible infection

Post by Cypher » August 13th, 2014, 7:55 am

Operating Systems no longer supported by Microsoft
It appears you are using a computer with an unsupported Operating System.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why we do not offer help for such computers. Thank you for your understanding.

This topic is now closed.
Cypher