 [Resolved] Virus Won't Let Me Scan/System Restore!, HJT Log Included, Also, Edited With Description |
Welcome! Register for a free account (or login) > How does it work?
|
|
 Jun 27 2009, 05:41 PM
Post
#1
|
|
 Authentic Member  Group: Authentic Member Posts: 38 Joined: 11-December 08 From: HELL (Connecticut) Member No.: 82,887 Operating System: Windows XP  |
This virus won't let me do any anti-virus scans, not even with MalwareBytes..... nor can I do a System Restore.
I don't even know the name of the virus, I have NO idea. Can anyone help me, plz?! (I REALLY do not want to have to reformat my computer again.) >___< I'd also like to quickly mention that out of curiosity I went to Jotti and scanned explorer.exe as well as c:\windows\system32\svchost.exe just be sure. Both scans said they "found nothing". So I don't know where the virus is or what kind it is, but it's probably a badboy. (As they all are.) EDIT: I should probably give the full story. My Avast! trial ran out... and I haven't had any money to purchase a full anti-virus, which would probably work better than the free online ones. (AVG didn't help me last time, I got a nasty virus despite having it.) So I was going without an anti-virus for a while, giving myself a little time to decide if I wanted to scrounge up the money for one or just keep hopping from free trial to free trial. I figured that as long as I didn't stray to any unusual sites besides my regular ones (e-mail, MySpace, etc.) that I'd be fine for the time being. I KNOW, I KNOW.... dumb move. I'm paying for it now, the computer gods have served up a big ol' helping of karma. So anywho, I'm on MySpace and suddenly I get one of those anti-virus pop ups, the kind that you can't just "X" out of, it looks like it's doing a scan... that kind. I shut Firefox down, then quickly log on again and download TrendMicro for the virus and MalwareBytes because it could be Malware. But MalwareBytes would stop scanning after a few minutes, just shutting down. TrendMicro wouldn't even work at all. And the System Restore screen stays blank. I ran MalwareBytes in Safe Mode, which allowed it to complete the scan... but it came up with nothing. Everything seems alright for now, save for the anti-viruses not working and System Restore not working. I'm wondering if MalwareBytes and TrendMicro are conflicting and negating each other? Although why would System Restore not work? I know that was horribly long-winded, but I figure... the more you know about the situation, the more you can help. HJThis Log posted below: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:39:51 PM, on 6/27/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe C:\Program Files\Trend Micro\Internet Security\TmProxy.exe C:\Program Files\Trend Micro\BM\TMBMSRV.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Icatch(VI) SnapDetect.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -- End of file - 6881 bytes This post has been edited by StarryNight: Jun 28 2009, 01:21 PM |
 |
 
|
|
Replies
|
Jul 2 2009, 01:02 PM
Post
#2
|
|
 SuperHelper  Group: Classroom Teacher Posts: 5,755 Joined: 27-April 08 Member No.: 78,707 Operating System: win98se, XP pro |
Hi Starrynighy,
Good. Lets make sure nothing got in. *Note It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time. Please don't go surfing while your resident protection is disabled! Once the scan is finished remember to re-enable your antivirus along with your antispyware programs. Please go to Kaspersky website and perform an online antivirus scan.
Thanks |
|
|
|
Posts in this topic
StarryNight [Resolved] Virus Won't Let Me Scan/System Restore! Jun 27 2009, 05:41 PM
oldman960 Hi StarryNight, welcome to the forum.
To make cle... Jun 29 2009, 11:00 PM StarryNight Posts as requested:
GMER 1.0.15.14972 - http://ww... Jun 30 2009, 02:03 PM oldman960 Hi Starrynight,
MBAM and Trend shouldn't conf... Jul 1 2009, 12:59 AM StarryNight The OTL is not producing any scan logs, and I trie... Jul 1 2009, 11:27 AM oldman960 Hi Starrynight,
We seem to be hitting a wall at e... Jul 1 2009, 11:56 AM StarryNight OTS File attached. Jul 1 2009, 09:43 PM oldman960 Hi StarryNiht,
Log is clean and System Restore is... Jul 2 2009, 12:11 AM StarryNight Help and Support center does not come up, and User... Jul 2 2009, 09:41 AM oldman960 Hi StarryNight,
I haven't seen any malware ye... Jul 2 2009, 12:12 PM StarryNight Oh wow, both succeeded and both programs work agai... Jul 2 2009, 12:51 PM StarryNight --------------------------------------------------... Jul 2 2009, 04:05 PM oldman960 Hi Starrynight,
None of the scan tools or Kaspers... Jul 2 2009, 10:46 PM StarryNight Thank you so much for your help!
I'm maki... Jul 3 2009, 11:56 AM oldman960 Hi StarryNight,
You're welcome.
You're n... Jul 3 2009, 12:54 PM StarryNight Everything else seems alright, I'm having some... Jul 3 2009, 01:03 PM oldman960 RE: [Resolved] Virus Won't Let Me Scan/System Restore! Jul 3 2009, 01:07 PM
oldman960 Since this issue appears to be resolved ... this T... Jul 5 2009, 01:23 AM |
Similar Topics
| Topic Title | Replies | Topic Starter | Views | Last Action | |||
|---|---|---|---|---|---|---|---|
 |
11 | ladyixnay | 596 | 22 minutes ago Last post by: oldman960 |
|||
|
8 | kaxfenix | 148 | 48 minutes ago Last post by: RPMcMurphy |
|||
|
0 | ladykrimson | 0 | Today, 11:40 AM Last post by: ladykrimson |
|||
|
3 | clgray75 | 64 | Today, 10:19 AM Last post by: extremeboy |
|||
|
Time is now: 20th March 2010 - 02:10 PM |
Member site: Alliance of Security Analysis Professionals | UNITE Against Malware
Memory Forums | Auto Repair Forum
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy
