Solved MBR code (unknown)

[scott82]

I've got a feeling that there might be a sly virus located on the computer. I did a check with MBRCheck which I once used a couple of years back to rid myself of another virus. This time I noticed it show up "unknown" in yellow suggesting that the proper MRB code isn't in place. In addition, I have also very recently within the last week or so noticed that IE doesn't let me connect. I rarely use this and stick with Firefox, but that works fine. After checking the addons, I noticed that Avast was set to disable in regards to running protection, so I'm wondering if this is why something might have gotten through. Usually in FF, any site that has suspect viruses trying to get through, it will flag up automatically.

I have tried TDSkiller but it isn't showing anything either, and as I mentioned already, MBR Check gives me options to reset the MBR to a legit code but returns as unknown when repeating the process.

Below is the readout I get from MBRCheck. I'll run tests through anything else if necessary.

Thanks

 

[scott82]

Sorry this is the readout I didn't add it first time.

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: ASUSTeK COMPUTER INC.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: ASUSTeK COMPUTER INC.
System Product Name: K55A
Logical Drives Mask: 0x0000007c

Kernel Drivers (total 171):
0x0380E000 \SystemRoot\system32\ntoskrnl.exe
0x03DF5000 \SystemRoot\system32\hal.dll
0x00BF5000 \SystemRoot\system32\kdcom.dll
0x00C72000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CC1000 \SystemRoot\system32\PSHED.dll
0x00CD5000 \SystemRoot\system32\CLFS.SYS
0x00D33000 \SystemRoot\system32\CI.dll
0x00E39000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EFB000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F0B000 \SystemRoot\system32\drivers\ACPI.sys
0x00F62000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F6B000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F75000 \SystemRoot\system32\drivers\pci.sys
0x00FA8000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00FB5000 \SystemRoot\system32\DRIVERS\iusb3hcs.sys
0x00FBE000 \SystemRoot\System32\drivers\partmgr.sys
0x00FD3000 \SystemRoot\system32\drivers\compbatt.sys
0x00FDC000 \SystemRoot\system32\drivers\BATTC.SYS
0x00FE8000 \SystemRoot\system32\drivers\volmgr.sys
0x00C00000 \SystemRoot\System32\drivers\volmgrx.sys
0x00E00000 \SystemRoot\system32\drivers\pciide.sys
0x00E07000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00E17000 \SystemRoot\System32\drivers\mountmgr.sys
0x0103F000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x013E3000 \SystemRoot\system32\drivers\atapi.sys
0x01000000 \SystemRoot\system32\drivers\ataport.SYS
0x0102A000 \SystemRoot\system32\drivers\msahci.sys
0x013EC000 \SystemRoot\system32\drivers\amdxata.sys
0x00DA8000 \SystemRoot\system32\drivers\fltmgr.sys
0x00C5C000 \SystemRoot\system32\drivers\fileinfo.sys
0x0143C000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01646000 \SystemRoot\System32\Drivers\msrpc.sys
0x016A4000 \SystemRoot\System32\Drivers\ksecdd.sys
0x016BF000 \SystemRoot\System32\Drivers\cng.sys
0x01731000 \SystemRoot\System32\drivers\pcw.sys
0x01742000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x018F1000 \SystemRoot\system32\drivers\ndis.sys
0x01800000 \SystemRoot\system32\drivers\NETIO.SYS
0x01860000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01A00000 \SystemRoot\System32\drivers\tcpip.sys
0x0188C000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x0174C000 \SystemRoot\system32\drivers\volsnap.sys
0x018D5000 \SystemRoot\System32\Drivers\spldr.sys
0x018DD000 \SystemRoot\SysWOW64\speedfan.sys
0x01798000 \SystemRoot\System32\drivers\rdyboost.sys
0x019E3000 \SystemRoot\System32\Drivers\mup.sys
0x019F5000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01600000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x017D2000 \SystemRoot\system32\drivers\disk.sys
0x01400000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x01C56000 \SystemRoot\System32\Drivers\aswVmm.sys
0x01C9A000 \SystemRoot\System32\Drivers\aswRvrt.sys
0x04FB8000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
0x01CBB000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x01CE5000 \SystemRoot\system32\drivers\aswSnx.sys
0x076C3000 \SystemRoot\system32\drivers\aswSP.sys
0x07736000 \SystemRoot\System32\Drivers\Null.SYS
0x0773F000 \SystemRoot\System32\Drivers\Beep.SYS
0x07746000 \SystemRoot\System32\drivers\vga.sys
0x07754000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x07779000 \SystemRoot\System32\drivers\watchdog.sys
0x07789000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x07792000 \SystemRoot\system32\drivers\rdpencdd.sys
0x0779B000 \SystemRoot\system32\drivers\rdprefmp.sys
0x077A4000 \SystemRoot\System32\Drivers\Msfs.SYS
0x077AF000 \SystemRoot\System32\Drivers\Npfs.SYS
0x077C0000 \SystemRoot\system32\DRIVERS\tdx.sys
0x077E2000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x07600000 \SystemRoot\System32\DRIVERS\netbt.sys
0x07849000 \SystemRoot\system32\drivers\afd.sys
0x078D2000 \SystemRoot\system32\drivers\aswRdr2.sys
0x078EC000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x078F5000 \SystemRoot\system32\DRIVERS\pacer.sys
0x0791B000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x07931000 \SystemRoot\system32\DRIVERS\netbios.sys
0x07940000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x0795B000 \SystemRoot\system32\DRIVERS\termdd.sys
0x0796F000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x079C0000 \SystemRoot\system32\drivers\nsiproxy.sys
0x079CC000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x079D7000 \SystemRoot\System32\drivers\discache.sys
0x07800000 \SystemRoot\System32\Drivers\dfsc.sys
0x0781E000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x0782F000 \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
0x07645000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x0F48A000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x1028D000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x10382000 \SystemRoot\System32\drivers\dxgmms1.sys
0x103C8000 \SystemRoot\system32\DRIVERS\AiCharger.sys
0x03052000 \SystemRoot\system32\DRIVERS\iusb3xhc.sys
0x03116000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x03118000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x03129000 \SystemRoot\system32\drivers\usbehci.sys
0x0313B000 \SystemRoot\system32\drivers\USBPORT.SYS
0x03191000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x07C56000 \SystemRoot\system32\DRIVERS\athrx.sys
0x07F00000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x07F0D000 \SystemRoot\system32\DRIVERS\RtsBaStor.sys
0x07F59000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x07C00000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x07C1E000 \SystemRoot\system32\DRIVERS\ETD.sys
0x07FE6000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x031B5000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x07FF5000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x031C4000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x031DA000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x031E3000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x03000000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x03016000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x0303A000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x103CB000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x0F400000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x0F41B000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x0F43C000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x07FFA000 \SystemRoot\system32\DRIVERS\swenum.sys
0x0766B000 \SystemRoot\system32\DRIVERS\ks.sys
0x03046000 \SystemRoot\system32\DRIVERS\AsusVBus.sys
0x0F456000 \SystemRoot\system32\DRIVERS\ScpVBus.sys
0x0F464000 \SystemRoot\system32\DRIVERS\umbus.sys
0x080DB000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x08135000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x0814A000 \SystemRoot\system32\DRIVERS\AsusVTouch.sys
0x08154000 \SystemRoot\System32\drivers\mshidkmdf.sys
0x0815C000 \SystemRoot\System32\drivers\HIDCLASS.SYS
0x08175000 \SystemRoot\System32\drivers\HIDPARSE.SYS
0x0817E000 \SystemRoot\system32\DRIVERS\iusb3hub.sys
0x09444000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x098C9000 \SystemRoot\system32\drivers\portcls.sys
0x09906000 \SystemRoot\system32\drivers\drmk.sys
0x09928000 \SystemRoot\system32\drivers\ksthunk.sys
0x0992E000 \SystemRoot\system32\DRIVERS\IntcDAud.sys
0x0999F000 \SystemRoot\System32\Drivers\fastfat.SYS
0x099D5000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x09400000 \SystemRoot\System32\Drivers\usbvideo.sys
0x0942E000 \SystemRoot\System32\Drivers\crashdmp.sys
0x04C00000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x081DB000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00030000 \SystemRoot\System32\win32k.sys
0x099F2000 \SystemRoot\System32\drivers\Dxapi.sys
0x081EE000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00400000 \SystemRoot\System32\TSDDD.dll
0x00760000 \SystemRoot\System32\cdd.dll
0x00820000 \SystemRoot\System32\ATMFD.DLL
0x08000000 \SystemRoot\system32\drivers\luafv.sys
0x08023000 \SystemRoot\system32\drivers\aswMonFlt.sys
0x08046000 \SystemRoot\system32\drivers\aswStm.sys
0x09984000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x08069000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x080BC000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x079E6000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x0943C000 \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
0x080CF000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x06650000 \SystemRoot\system32\drivers\HTTP.sys
0x06719000 \SystemRoot\system32\DRIVERS\bowser.sys
0x06737000 \SystemRoot\System32\drivers\mpsdrv.sys
0x0674F000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x0677C000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x067CA000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x067EE000 \SystemRoot\system32\drivers\aswHwid.sys
0x0A8F8000 \SystemRoot\system32\drivers\peauth.sys
0x0A9A2000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0A9AD000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x0A9DE000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0A800000 \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
0x0A848000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0ACE8000 \SystemRoot\System32\DRIVERS\srv.sys
0x0ADB6000 \SystemRoot\system32\drivers\WudfPf.sys
0x0AC00000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x76D50000 \Windows\System32\ntdll.dll
0x47DE0000 \Windows\System32\smss.exe
0xFF070000 \Windows\System32\apisetschema.dll

Processes (total 112):
0 System Idle Process
4 System
528 C:\Windows\System32\smss.exe
748 csrss.exe
980 csrss.exe
988 C:\Windows\System32\wininit.exe
192 C:\Windows\System32\winlogon.exe
420 C:\Windows\System32\services.exe
432 C:\Windows\System32\lsass.exe
452 C:\Windows\System32\lsm.exe
720 C:\Windows\System32\svchost.exe
828 C:\Windows\System32\svchost.exe
920 C:\Windows\System32\svchost.exe
752 C:\Windows\System32\svchost.exe
408 C:\Windows\System32\svchost.exe
656 C:\Windows\System32\svchost.exe
1232 C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe
1244 C:\Windows\System32\wisptis.exe
1312 C:\Windows\System32\svchost.exe
1512 C:\Windows\System32\wisptis.exe
1524 C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
1536 C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
1544 C:\Windows\System32\wlanext.exe
1552 C:\Windows\System32\FBAgent.exe
1668 C:\Windows\System32\conhost.exe
1676 C:\Windows\System32\dwm.exe
1712 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
1740 C:\Windows\explorer.exe
1760 C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe
1856 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
1880 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
1904 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1948 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
2012 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
1472 C:\Windows\System32\spoolsv.exe
1448 C:\Windows\System32\taskhost.exe
1984 C:\Windows\System32\svchost.exe
1120 C:\Windows\System32\svchost.exe
2148 C:\Windows\System32\hkcmd.exe
2176 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2196 C:\Program Files\Elantech\ETDCtrl.exe
2312 C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
2424 C:\Program Files (x86)\M-Audio\Axiom\AudioDevMon.exe
2824 C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
2848 C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2920 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
2940 C:\Windows\System32\taskeng.exe
3004 C:\Windows\System32\taskeng.exe
1116 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
1496 C:\Windows\System32\taskeng.exe
2212 C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
2784 C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
2792 C:\Program Files\ASUS\P4G\BatteryLife.exe
2800 C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
2808 C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
2756 C:\Windows\AsScrPro.exe
908 C:\Windows\SysWOW64\ACEngSvr.exe
2640 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
3164 C:\Program Files\Scarlet.crush Productions\ScpService.exe
3204 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
4060 C:\Windows\SysWOW64\svchost.exe
3188 C:\Program Files\Intel\iCLS Client\HeciServer.exe
4028 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
3708 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
3184 C:\Windows\System32\svchost.exe
1364 C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
4264 C:\Windows\System32\svchost.exe
4292 C:\Windows\System32\svchost.exe
4356 C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
4480 C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
4492 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
4656 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
4852 C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
4872 C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
2044 WmiPrvSE.exe
4908 WmiPrvSE.exe
3972 C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
2772 C:\Windows\System32\SearchIndexer.exe
5464 C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
5852 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
5996 C:\Windows\System32\svchost.exe
6064 C:\Program Files\Windows Media Player\wmpnetwk.exe
6020 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
5348 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
3648 C:\Program Files\Elantech\ETDCtrlHelper.exe
5992 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
5648 WUDFHost.exe
676 C:\Program Files\AVAST Software\Avast\AvastUI.exe
5252 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
5240 C:\Program Files\Elantech\ETDGesture.exe
5640 C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
5624 ngservice.exe
6148 C:\Windows\System32\wbem\unsecapp.exe
6228 C:\Program Files\CCleaner\CCleaner64.exe
6304 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
6488 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
6216 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
6484 C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
1152 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
4132 C:\Windows\System32\svchost.exe
3692 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
4576 C:\Windows\System32\wuauclt.exe
6344 C:\Windows\System32\audiodg.exe
6748 taskhost.exe
5108 C:\Windows\SysWOW64\dllhost.exe
4700 C:\Windows\System32\SearchProtocolHost.exe
6964 C:\Windows\System32\SearchFilterHost.exe
5724 C:\Windows\System32\SearchProtocolHost.exe
2276 dllhost.exe
6900 dllhost.exe
6928 C:\Users\asus\Desktop\MBRCheck.exe
1480 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`14900000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000028`53800000 (NTFS)

PhysicalDrive0 Model Number: ST9500325AS, Rev: 0003SDM1

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 639AC5CDF8A5CF3245975932C6A4215450A7B98F


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): 0Available MBR codes:
[ 0] Default (Windows 7)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel

Please select the MBR code to write to this drive: 0
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: yes
Successfully wrote new MBR code!
Please reboot your computer to complete the fix.


Done!

 

[TwinHeadedEagle]

Hello,



They call me TwinHeadedEagle around here, and I'll be working with you.



Before we start please read and note the following:

• At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
• Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
• Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
• Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  
• All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
• If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
• I visit forum several times at day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have private life like everyone and I cannot be here 24/7. So please be patient with me. Also, some infections require less, and some more time to be removed completely, so bear this in mind and be patient.
• Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. If you solved your problem yourself, set aside two minutes to let me know.
  
• Please attach all report using
  
  button below. Doing this, you make it easier for me to analyze and fix your problem.
  
• Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay for the repair.
• If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

Rules and policies

We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.

Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

[scott82]

Thanks for the response. Took a couple of days due to a busy Easter weekend but I've got back and managed to get the scan complete.

For some odd reason, I cannot seem to attach any files using the upload button on this site as I continually get errors whenever I try. I have tested out WeTransfer to ensure it wasn't my connection and that seems to work fine. I have pasted two individual links to the txt files below. Let me know if there is a problem using this sort of method for whatever reason (protocol etc). Maybe it's a cache issue or something I don't know. Await your response anyway Twin, thanks.

FRST.txt
https://www.wetransfer.com/download...5ee6e674a537007355e0507d20150407151434/0c9a23

Addition.txt
https://www.wetransfer.com/download...8048e7924c2b362d64cd77eb20150407151509/102783

Scott

 

[TwinHeadedEagle]

Your PC seems clean, I do not see signs of malware here.

 

[scott82]

Right ok at least nothing is showing up then. Have you any idea why Internet Exporer suddenly decided to stop working?

"page cannot be displayed" is all that shows up. I mean I could try reinstalling it maybe. I was a bit curious as to the MBR unknown code and thought that may have had something to do with it.

Thanks anyway.

 

[TwinHeadedEagle]

We see Unknown MBR very often and it is not a sign of something bad running on your PC.

Did you set proxy on this PC?

 

[scott82]

I personally haven't but my knowledge on proxy isn't too great. This is my personal laptop I bring to a studio I use which is based in a building with a network for internet access. I originally thought it was something to do with that, but it also wouldn't show up when I tried it through my 3G which I tend to use at home from my mobile/cell phone, acting as a hotspot.

 

[TwinHeadedEagle]

Maybe it is the reason why Internet Explorer acted badly.

Let's get rid of it.

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

​

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Press the Fix button just once and wait.
• If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
• When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

 

[scott82]

Upload seemed to work this time since the reset. Here is the fix file anyay.

Scott

 

[scott82]

Nice one by the way. After the restart, I noticed IE seems to be working fine now. What was the problem with it?

 

[TwinHeadedEagle]

Probably Proxy settings as I've said.

Anything else I can help with?

 

[scott82]

I think I should be ok. If the MRB code isn't an issue then it looks all good and the actual problem (IE) has now been fixed. Thanks again. You can mark the thread as solved if you like.

Scott