TechSpot Store is now open! Get deals on gadgets, software & more

Safe mode BSD and activation loop after virus removal/repair install

By Adam Snowball
Oct 17, 2012
  1. Adam Snowball

    Adam Snowball TS Rookie Topic Starter Posts: 19

    Will do. I will let you know how it goes...

  2. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Okay. Look forward to it. *nerd*
  3. Adam Snowball

    Adam Snowball TS Rookie Topic Starter Posts: 19

    That's done the trick! Booted into safe mode CMD, installed IE 8, booted normally and activated Windows. Running MS Security Essentials and MBAM just in case. Got anything you want me to run to check if something is hiding?

  4. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Let's try this real quick, then we can finish up and I can give some recommendations on preventing malware. :)

    avast! aswMBR

    Please download aswMBR from here
    • Save aswMBR.exe to your Desktop
    • Double click aswMBR.exe to run it
    • Uncheck "Trace disk IO calls".
    • Click the Scan button to start the scan as illustrated below
    Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.
    • Once the scan finishes click Save log to save the log to your Desktop
    • Copy and paste the contents of aswMBR.txt back here for review
    • Please also find MBR.dat on your Desktop, and rename it to MBRscan.txt. Upload that as well. Do not copy and paste MBR.dat/txt, it needs to be uploaded.
  5. Adam Snowball

    Adam Snowball TS Rookie Topic Starter Posts: 19

    aswMBR version Copyright(c) 2011 AVAST Software
    Run date: 2012-11-01 16:14:32
    16:14:32.578 OS Version: Windows 5.1.2600 Service Pack 3
    16:14:32.578 Number of processors: 2 586 0x1C02
    16:14:32.578 ComputerName: PC154092186412 UserName: John
    16:14:33.265 Initialize success
    16:14:43.625 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    16:14:43.640 Disk 0 Vendor: ST9160314AS 0005HPM1 Size: 152627MB BusType: 3
    16:14:43.703 Disk 0 MBR read successfully
    16:14:43.718 Disk 0 MBR scan
    16:14:43.718 Disk 0 Windows VISTA default MBR code
    16:14:43.734 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152616 MB offset 2048
    16:14:43.750 Disk 0 scanning sectors +312560640
    16:14:43.859 Disk 0 scanning C:\WINDOWS\system32\drivers
    16:15:02.843 Service scanning
    16:15:10.062 Service MpKsl85fd2b51 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D11A2E0C-8B91-4839-97D7-4449EB5B0980}\MpKsl85fd2b51.sys **LOCKED** 32
    16:15:18.031 Modules scanning
    16:15:24.906 Scan finished successfully
    16:16:16.046 Disk 0 MBR has been saved successfully to "D:\MBR.dat"
    16:16:16.546 The log file has been saved successfully to "D:\aswMBR.txt"

    Attached Files:

  6. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Clean :D

    Personal Tips on Preventing Malware

    See this page for more info about malware and prevention.

    Any other questions before I mark this topic solved?
  7. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Topic marked solved. :)
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...

Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.