 [Resolved] Virus Won't Let Me Scan/System Restore!, HJT Log Included, Also, Edited With Description |
Welcome! Register for a free account (or login) > How does it work?
|
|
 Jun 27 2009, 05:41 PM
Post
#1
|
|
 Authentic Member  Group: Authentic Member Posts: 38 Joined: 11-December 08 From: HELL (Connecticut) Member No.: 82,887 Operating System: Windows XP  |
This virus won't let me do any anti-virus scans, not even with MalwareBytes..... nor can I do a System Restore.
I don't even know the name of the virus, I have NO idea. Can anyone help me, plz?! (I REALLY do not want to have to reformat my computer again.) >___< I'd also like to quickly mention that out of curiosity I went to Jotti and scanned explorer.exe as well as c:\windows\system32\svchost.exe just be sure. Both scans said they "found nothing". So I don't know where the virus is or what kind it is, but it's probably a badboy. (As they all are.) EDIT: I should probably give the full story. My Avast! trial ran out... and I haven't had any money to purchase a full anti-virus, which would probably work better than the free online ones. (AVG didn't help me last time, I got a nasty virus despite having it.) So I was going without an anti-virus for a while, giving myself a little time to decide if I wanted to scrounge up the money for one or just keep hopping from free trial to free trial. I figured that as long as I didn't stray to any unusual sites besides my regular ones (e-mail, MySpace, etc.) that I'd be fine for the time being. I KNOW, I KNOW.... dumb move. I'm paying for it now, the computer gods have served up a big ol' helping of karma. So anywho, I'm on MySpace and suddenly I get one of those anti-virus pop ups, the kind that you can't just "X" out of, it looks like it's doing a scan... that kind. I shut Firefox down, then quickly log on again and download TrendMicro for the virus and MalwareBytes because it could be Malware. But MalwareBytes would stop scanning after a few minutes, just shutting down. TrendMicro wouldn't even work at all. And the System Restore screen stays blank. I ran MalwareBytes in Safe Mode, which allowed it to complete the scan... but it came up with nothing. Everything seems alright for now, save for the anti-viruses not working and System Restore not working. I'm wondering if MalwareBytes and TrendMicro are conflicting and negating each other? Although why would System Restore not work? I know that was horribly long-winded, but I figure... the more you know about the situation, the more you can help. HJThis Log posted below: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:39:51 PM, on 6/27/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe C:\Program Files\Trend Micro\Internet Security\TmProxy.exe C:\Program Files\Trend Micro\BM\TMBMSRV.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Icatch(VI) SnapDetect.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -- End of file - 6881 bytes This post has been edited by StarryNight: Jun 28 2009, 01:21 PM |
 |
 
|
|
Replies
|
Jul 3 2009, 01:03 PM
Post
#2
|
|
|
Authentic Member Group: Authentic Member Posts: 38 Joined: 11-December 08 From: HELL (Connecticut) Member No.: 82,887 Operating System: Windows XP |
Everything else seems alright, I'm having some trouble with MalwareBytes, but I'm going to uninstall it and reinstall it.
(The scans don't stay up for some reason.) Worst case scenario, I can direct any issues to the techs on the MalwareBytes site if reinstalling it doesn't help. Everything else is in tip-top shape though, thanks to you. 
|
|
|
|
Posts in this topic
StarryNight [Resolved] Virus Won't Let Me Scan/System Restore! Jun 27 2009, 05:41 PM
oldman960 Hi StarryNight, welcome to the forum.
To make cle... Jun 29 2009, 11:00 PM StarryNight Posts as requested:
GMER 1.0.15.14972 - http://ww... Jun 30 2009, 02:03 PM oldman960 Hi Starrynight,
MBAM and Trend shouldn't conf... Jul 1 2009, 12:59 AM StarryNight The OTL is not producing any scan logs, and I trie... Jul 1 2009, 11:27 AM oldman960 Hi Starrynight,
We seem to be hitting a wall at e... Jul 1 2009, 11:56 AM StarryNight OTS File attached. Jul 1 2009, 09:43 PM oldman960 Hi StarryNiht,
Log is clean and System Restore is... Jul 2 2009, 12:11 AM StarryNight Help and Support center does not come up, and User... Jul 2 2009, 09:41 AM oldman960 Hi StarryNight,
I haven't seen any malware ye... Jul 2 2009, 12:12 PM StarryNight Oh wow, both succeeded and both programs work agai... Jul 2 2009, 12:51 PM oldman960 Hi Starrynighy,
Good. Lets make sure nothing got ... Jul 2 2009, 01:02 PM StarryNight --------------------------------------------------... Jul 2 2009, 04:05 PM oldman960 Hi Starrynight,
None of the scan tools or Kaspers... Jul 2 2009, 10:46 PM StarryNight Thank you so much for your help!
I'm maki... Jul 3 2009, 11:56 AM oldman960 Hi StarryNight,
You're welcome.
You're n... Jul 3 2009, 12:54 PM oldman960 RE: [Resolved] Virus Won't Let Me Scan/System Restore! Jul 3 2009, 01:07 PM
oldman960 Since this issue appears to be resolved ... this T... Jul 5 2009, 01:23 AM |
Similar Topics
| Topic Title | Replies | Topic Starter | Views | Last Action | |||
|---|---|---|---|---|---|---|---|
 |
4 | kaxfenix | 80 | 26 minutes ago Last post by: RPMcMurphy |
|||
 |
14 | ShawBuck | 146 | Today, 10:50 AM Last post by: CatByte |
|||
|
12 | lazycoach1 | 160 | Today, 10:26 AM Last post by: ken545 |
|||
|
19 | haypor | 300 | Today, 10:24 AM Last post by: ken545 |
|||
|
Time is now: 18th March 2010 - 01:33 PM |
Member site: Alliance of Security Analysis Professionals | UNITE Against Malware
Memory Forums | Auto Repair Forum
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy
