BleepingComputer.com: Can't run antivirus scans or window's defender scans

Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

If you have not received help after three days, please post a link to your topic HERE.
Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

Can't run antivirus scans or window's defender scans

#1 User is offline   Roger36 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 13
  • Joined: 30-October 09

Posted 30 October 2009 - 01:40 PM

Saw a similar topic earlier but never saw where person did what was suggested. I ran the rootrepeal program/scan as suggested. here is copy of report:
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/30 13:15
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB2EC8000 Size: 49152 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "<unknown>" at address 0xb60d70c6

#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xb60d70bc

#: 063 Function Name: NtDeleteKey
Status: Hooked by "<unknown>" at address 0xb60d70cb

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "<unknown>" at address 0xb60d70d5

#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xb60d70da

#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0xb60d70a8

#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0xb60d70ad

#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xb60d70e4

#: 204 Function Name: NtRestoreKey
Status: Hooked by "<unknown>" at address 0xb60d70df

#: 247 Function Name: NtSetValueKey
Status: Hooked by "<unknown>" at address 0xb60d70d0

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0xb60d70b7

==EOF==

Hope that helps.

#2 User is offline   garmanma 

  • Computer Masochist
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Staff Emeritus
  • Posts: 27,809
  • Joined: 27-January 07
  • Location:Cleveland, Ohio

Posted 01 November 2009 - 08:56 PM

Now that you were successful in creating a Root Repeal log you need to post it in our HJT forum There they will help you with the removal through some custom scripts and programs that we cannot run here in this forum

First, try to run a DDS / HJT log as outlined in our preparation guide:
http://www.bleepingcomputer.com/forums/topic34773.html

If it won't run, don't worry, just give a brief description and tell them that this log was all you could get to run successfully

Post here:
http://www.bleepingcomputer.com/forums/forum22.html

The HJT team is extremely busy, so be patient and good luck
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 User is offline   Orange Blossom 

  • OBleepin Investigator
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Moderator
  • Posts: 29,405
  • Joined: 14-July 06
  • Gender:Not Telling
  • Location:Bloomington, IN

Posted 02 November 2009 - 11:49 PM

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic268745.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days, up to two weeks perhaps less, to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom
An ounce of prevention is worth a pound of cure
SuperAntiSpyware, SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users