Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Anti-virus won't open, system maintenance won't work, can't run anything as administrator, bad virus.


  • Please log in to reply
4 replies to this topic

#1 brettski

brettski

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:50 AM

Posted 24 January 2009 - 04:12 PM

So it seems i have some sort of virus. When i boot up my computer, nothing loads up. It says that I cannot find any wireless networks. Although somehow I have managed to connect to the internet. My anti-virus won't open, neither will my system maintenance. I can't add or remove programs, and pretty much no programs will open. Anything that I try to do to fix my computer will not open. Any suggestions? I even tried command prompt in administrator to start up my anti-virus, but that won't work either.

(Moderator edit: thread moved to more appropriate forum. jgw)

Edited by jgweed, 25 January 2009 - 08:29 AM.


BC AdBot (Login to Remove)

 


#2 DJBPace07

DJBPace07

  • BC Advisor
  • 4,869 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:50 PM

Posted 25 January 2009 - 03:56 AM

Are any error messages displayed? How do you know you have a virus? Can you find the executable for the anti-virus by going in through "My Computer" or "Windows Explorer"?

3939.png

 


#3 brettski

brettski
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:50 AM

Posted 25 January 2009 - 09:24 PM

hey, yeah i've been getting these errors popping up saying that windows explorer has experience a problem and needs to shut down, and to end process. This occurs quite often, even if i'm not on explorer or mozilla. And no i cannot find the executable file for my one care.

#4 brettski

brettski
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:50 AM

Posted 25 January 2009 - 09:26 PM

heres a log file


DDS (Ver_09-01-19.01) - NTFSx86 NETWORK
Run by Owner at 18:22:35.26 on 25/01/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.2.1033.18.2037.1552 [GMT -8:00]

AV: Windows Live OneCare *On-access scanning enabled* (Updated)
FW: Windows Live OneCare Firewall *enabled*

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Owner\Desktop\AntiMalwareRepair.exe
C:\Users\Owner\Desktop\dds.scr
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.ca/
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
mStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
uURLSearchHooks: Yahoo! ¤u¨ă¦C: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: NoExplorer - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: metaspinner media GmbH: {12fc9a49-cfe0-49aa-be9e-8f4eeafc9443} - c:\progra~1\yetisp~1\IEBUTT~1.DLL
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Alcohol Toolbar Helper: {8126a4a5-bfd3-46fe-bbdf-bfb5cf78e489} - c:\program files\alcohol toolbar\v3.2.0.0\Alcohol_Toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\4.1.805.4472\swg.dll
BHO: Ask Toolbar BHO: {f0d4b231-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
TB: Alcohol Toolbar: {ed4bd629-c1b6-4399-8a34-02ccaa921dc9} - c:\program files\alcohol toolbar\v3.2.0.0\Alcohol_Toolbar.dll
TB: Yahoo! ¤u¨ă¦C: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Ask Toolbar: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [TOSCDSPD] TOSCDSPD.EXE
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033
uRun: [SetupWizard] E:\SetupWizard.exe reboot
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0\bin\jusched.exe"
mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
mRun: [HWSetup] c:\program files\toshiba\utilities\HWSetup.exe hwSetUP
mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe"
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [OneCareUI] "c:\program files\microsoft windows onecare live\winssnotify.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iPodVideoConverter_upgrade] "c:\program files\e-zsoft\ipodvideoconverter\iPodVideoConverter.exe" /upgrade
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
dRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\programs\partygaming\partypoker\RunApp.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - hxxp://www.driveragent.com/files/driveragent.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\i37hvjf1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\mozilla firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.hideGoButton", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");

============= SERVICES / DRIVERS ===============

S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-2-22 29744]
S4 OcHealthMon;Windows Live OneCare Health Monitor;c:\program files\microsoft windows onecare live\OcHealthMon.exe [2008-11-5 25968]
S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-20 24652]

=============== Created Last 30 ================

2009-01-24 13:16 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2009-01-24 13:16 <DIR> --d----- c:\users\owner\.housecall6.6
2009-01-24 12:59 <DIR> --d----- C:\ComboFix
2009-01-24 12:59 318,976 a------- c:\windows\system32\CF30182.exe
2009-01-24 12:57 318,976 a------- c:\windows\system32\CF29686.exe
2009-01-24 12:56 318,976 a------- c:\windows\system32\CF29486.exe
2009-01-24 12:22 172,032 a------- c:\windows\system32\igfxres.dll
2009-01-13 15:15 288,768 a------- c:\windows\system32\drivers\srv.sys

==================== Find3M ====================

2009-01-24 12:55 318,976 a------- c:\windows\system32\CF29290.exe
2008-12-11 16:24 130,958 a------- c:\windows\hpoins12.dat
2008-10-31 19:44 52,736 a------- c:\windows\apppatch\iebrshim.dll
2008-10-31 19:44 2,154,496 a------- c:\windows\apppatch\AcGenral.dll
2008-10-31 19:44 541,696 a------- c:\windows\apppatch\AcLayers.dll
2008-10-31 19:44 460,288 a------- c:\windows\apppatch\AcSpecfc.dll
2008-10-31 19:44 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2008-10-31 19:44 28,672 a------- c:\windows\system32\Apphlpdm.dll
2008-10-31 17:21 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2008-10-28 22:29 2,927,104 a------- c:\windows\explorer.exe
2008-10-09 22:04 51,200 a------- c:\windows\inf\infpub.dat
2008-10-09 22:04 143,360 a------- c:\windows\inf\infstrng.dat
2008-10-01 15:47 174 a--sh--- c:\program files\desktop.ini
2008-10-01 15:40 86,016 a------- c:\windows\inf\infstor.dat
2008-10-01 15:32 665,600 a------- c:\windows\inf\drvindex.dat
2008-02-06 20:01 32 a------- c:\programdata\ezsid.dat
2008-02-06 20:01 32 a------- c:\progra~2\ezsid.dat
2006-11-02 04:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 04:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 04:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 04:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 01:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 01:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 01:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 01:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-09-27 10:53 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-09-27 10:53 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-09-27 10:53 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
2007-08-31 10:45 16,384 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2007-08-31 10:45 32,768 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2007-08-31 10:45 16,384 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 18:24:14.91 ===============

#5 newsletteremail

newsletteremail

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:50 PM

Posted 27 April 2009 - 09:51 PM

I also had this problem. I just figured out that it is because the date/time is set wrong. My comuter thought it was 2006 instead of 2009.

hope this helps. :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users