Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Internet security not allowing me to open programs virus please help

  • Please log in to reply
No replies to this topic

#1 mlangrick


  • Members
  • 2 posts
  • Local time:12:31 PM

Posted 17 April 2010 - 05:53 PM

I have read many other topics today and I appear to have the same virus as many other members, whenever I log on I am not allowed to open any programs other than viewing files. Also internet security which I was previously unaware of keeps popping up and trying to get me to purchase to remove a number of infected files.
I found the following list below which would hopefully help me out and have also posted the MBAM log. My system still appears to be infected but I don't know what to do any more please help!!!

I followed the following which was posted on a different topic;

Next run ATF:
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

Please download ATF Cleaner by Atribune & save it to your desktop.
•Double-click ATF-Cleaner.exe to run the program.
•Under Main "Select Files to Delete" choose: Select All.
•Click the Empty Selected button.
•If you use Firefox browser click Firefox at the top and choose: Select All
•Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
•If you use Opera browser click Opera at the top and choose: Select All
•Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
•Click Exit on the Main menu to close the program.

Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware (v1.45) and save it to your desktop.
alternate download link 1
alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.•Make sure you are connected to the Internet.
•Double-click on mbam-setup.exe to install the application.
•When the installation begins, follow the prompts and do not make any changes to default settings.
•When installation has finished, make sure you leave both of these checked:
◦Update Malwarebytes' Anti-Malware
◦Launch Malwarebytes' Anti-Malware
•Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
•If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
•If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:
•Make sure the "Perform Quick Scan" option is selected.
•Then click on the Scan button.
•If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
•The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
•When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
•Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
•Click on the Show Results button to see a list of any malware that was found.
•Make sure that everything is checked, and click Remove Selected.
•When removal is completed, a log report will open in Notepad.
•The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
•Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
•Exit MBAM when done.

The log report read;

# An unexpected error has been detected by Java Runtime Environment:
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x25252525, pid=7036, tid=4544
# Java VM: Java HotSpot™ Client VM (11.0-b16 mixed mode windows-x86)
# Problematic frame:
# C 0x25252525
# If you would like to submit a bug report, please visit:
# http://java.sun.com/webapps/bugreport/crash.jsp
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.

--------------- T H R E A D ---------------

Current thread (0x0cb6c800): JavaThread "thread applet-Main.class-1" [_thread_in_native, id=4544, stack(0x0d460000,0x0d4b0000)]

siginfo: ExceptionCode=0xc0000005, reading address 0x25252525

EAX=0x00000000, EBX=0x08e0d048, ECX=0x0cc01d70, EDX=0x00000000
ESP=0x0d4af8fc, EBP=0x41444444, ESI=0x08e0d048, EDI=0x0cb6c800
EIP=0x25252525, EFLAGS=0x00210246

Top of Stack: (sp=0x0d4af8fc)
0x0d4af8fc: 0cb55100 0d4af900 08e0d048 0d4af934
0x0d4af90c: 08e0d710 00000000 08e0d048 00000000
0x0d4af91c: 0d4af930 0d4af95c 025c2e83 00000000
0x0d4af92c: 025c8189 048c0200 048cc4f0 048cc4f0
0x0d4af93c: 0d4af93c 08e0cfa7 0d4af96c 08e0d710
0x0d4af94c: 00000000 08e0cfc8 0d4af930 0d4af968
0x0d4af95c: 0d4af990 025c2da1 048cf1e8 048c0200
0x0d4af96c: 048cc4f0 0d4af970 08e0c551 0d4af9a8

Instructions: (pc=0x25252525)
[error occurred during error reporting (printing registers, top of stack, instructions near pc), id 0xc0000005]

Stack: [0x0d460000,0x0d4b0000], sp=0x0d4af8fc, free space=318k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C 0x25252525

[error occurred during error reporting (printing native stack), id 0xc0000005]

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j com.sun.media.sound.HeadspaceSoundbank.nOpenResource(Ljava/lang/String;)J+0
j com.sun.media.sound.HeadspaceSoundbank.initialize(Ljava/lang/String;)V+7
j com.sun.media.sound.HeadspaceSoundbank.<init>(Ljava/net/URL;)V+89
j com.sun.media.sound.HsbParser.getSoundbank(Ljava/net/URL;)Ljavax/sound/midi/Soundbank;+5
j javax.sound.midi.MidiSystem.getSoundbank(Ljava/net/URL;)Ljavax/sound/midi/Soundbank;+36
J Main.init()V
j sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run()V+837
j java.lang.Thread.run()V+11
v ~StubRoutines::call_stub

--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
0x0cb6cc00 JavaThread "Java Sound Event Dispatcher" daemon [_thread_blocked, id=8008, stack(0x0d4b0000,0x0d500000)]
0x0cb6d800 JavaThread "Thread-10" [_thread_blocked, id=5884, stack(0x0d620000,0x0d670000)]
0x0cb6d400 JavaThread "Keep-Alive-Timer" daemon [_thread_blocked, id=6028, stack(0x0d550000,0x0d5a0000)]
=>0x0cb6c800 JavaThread "thread applet-Main.class-1" [_thread_in_native, id=4544, stack(0x0d460000,0x0d4b0000)]
0x0cb6c000 JavaThread "AWT-EventQueue-2" [_thread_blocked, id=3240, stack(0x0d3c0000,0x0d410000)]
0x0cb6bc00 JavaThread "Applet 1 LiveConnect Worker Thread" [_thread_blocked, id=5092, stack(0x0ce70000,0x0cec0000)]
0x0cb6b000 JavaThread "Browser Side Object Cleanup Thread" [_thread_blocked, id=7880, stack(0x0d280000,0x0d2d0000)]
0x0cb6ac00 JavaThread "Windows Tray Icon Thread" [_thread_in_native, id=6892, stack(0x0d370000,0x0d3c0000)]
0x0cb6a400 JavaThread "CacheCleanUpThread" daemon [_thread_blocked, id=7840, stack(0x0d320000,0x0d370000)]
0x0cb59400 JavaThread "CacheMemoryCleanUpThread" daemon [_thread_blocked, id=1044, stack(0x0d2d0000,0x0d320000)]
0x0cb58400 JavaThread "Java Plug-In Heartbeat Thread" [_thread_blocked, id=7632, stack(0x0d230000,0x0d280000)]
0x0cb4fc00 JavaThread "AWT-EventQueue-0" [_thread_blocked, id=5316, stack(0x0d1e0000,0x0d230000)]
0x0cb4d800 JavaThread "AWT-Windows" daemon [_thread_in_native, id=7812, stack(0x0d090000,0x0d0e0000)]
0x0cb4b000 JavaThread "AWT-Shutdown" [_thread_blocked, id=6512, stack(0x0cfc0000,0x0d010000)]
0x01c6fc00 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=7820, stack(0x0cf10000,0x0cf60000)]
0x0cb29800 JavaThread "Java Plug-In Pipe Worker Thread (Client-Side)" [_thread_in_native, id=3756, stack(0x0cec0000,0x0cf10000)]
0x01c69800 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=7780, stack(0x0ce20000,0x0ce70000)]
0x01c69400 JavaThread "Timer-0" [_thread_blocked, id=7752, stack(0x0cdb0000,0x0ce00000)]
0x01c24000 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=6456, stack(0x0ca10000,0x0ca60000)]
0x01c1dc00 JavaThread "CompilerThread0" daemon [_thread_blocked, id=4712, stack(0x0c9c0000,0x0ca10000)]
0x01c1d800 JavaThread "Attach Listener" daemon [_thread_blocked, id=2068, stack(0x02540000,0x02590000)]
0x01c12c00 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=7680, stack(0x024f0000,0x02540000)]
0x01c00800 JavaThread "Finalizer" daemon [_thread_blocked, id=548, stack(0x02450000,0x024a0000)]
0x01bfc000 JavaThread "Reference Handler" daemon [_thread_blocked, id=7204, stack(0x02400000,0x02450000)]
0x025b9800 JavaThread "main" [_thread_blocked, id=7672, stack(0x00140000,0x00190000)]

Other Threads:
0x01bf7400 VMThread [stack: 0x01c70000,0x01cc0000] [id=7664]
0x01c25400 WatcherThread [stack: 0x0ca60000,0x0cab0000] [id=7716]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

def new generation total 4544K, used 3141K [0x045c0000, 0x04aa0000, 0x04aa0000)
eden space 4096K, 76% used [0x045c0000, 0x048d17d8, 0x049c0000)
from space 448K, 0% used [0x04a30000, 0x04a30000, 0x04aa0000)
to space 448K, 0% used [0x049c0000, 0x049c0000, 0x04a30000)
tenured generation total 60544K, used 59952K [0x04aa0000, 0x085c0000, 0x085c0000)
the space 60544K, 99% used [0x04aa0000, 0x0852c038, 0x0852c200, 0x085c0000)
compacting perm gen total 12288K, used 8594K [0x085c0000, 0x091c0000, 0x0c5c0000)
the space 12288K, 69% used [0x085c0000, 0x08e24850, 0x08e24a00, 0x091c0000)
No shared spaces configured.

Dynamic libraries:
0x00400000 - 0x00424000 C:\Program Files\Java\jre6\bin\java.exe
0x778d0000 - 0x779f7000 C:\Windows\system32\ntdll.dll
0x77690000 - 0x7776c000 C:\Windows\system32\kernel32.dll
0x775c0000 - 0x77686000 C:\Windows\system32\ADVAPI32.dll
0x760a0000 - 0x76163000 C:\Windows\system32\RPCRT4.dll
0x70300000 - 0x7031e000 C:\Windows\system32\ShimEng.dll
0x75db0000 - 0x75ddc000 C:\Windows\system32\apphelp.dll
0x6d720000 - 0x6d7a8000 C:\Windows\AppPatch\AcLayers.DLL
0x77440000 - 0x774dd000 C:\Windows\system32\USER32.dll
0x76f60000 - 0x76fab000 C:\Windows\system32\GDI32.dll
0x761b0000 - 0x76cc0000 C:\Windows\system32\SHELL32.dll
0x774e0000 - 0x7758a000 C:\Windows\system32\msvcrt.dll
0x773e0000 - 0x77439000 C:\Windows\system32\SHLWAPI.dll
0x77290000 - 0x773d5000 C:\Windows\system32\ole32.dll
0x76cc0000 - 0x76d4d000 C:\Windows\system32\OLEAUT32.dll
0x75e30000 - 0x75e4e000 C:\Windows\system32\USERENV.dll
0x75e10000 - 0x75e24000 C:\Windows\system32\Secur32.dll
0x72e80000 - 0x72ec2000 C:\Windows\system32\WINSPOOL.DRV
0x75890000 - 0x758a4000 C:\Windows\system32\MPR.dll
0x77770000 - 0x7778e000 C:\Windows\system32\IMM32.DLL
0x75fd0000 - 0x76098000 C:\Windows\system32\MSCTF.dll
0x761a0000 - 0x761a9000 C:\Windows\system32\LPK.DLL
0x76d50000 - 0x76dcd000 C:\Windows\system32\USP10.dll
0x75a10000 - 0x75bae000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
0x76170000 - 0x76199000 C:\Windows\system32\imagehlp.dll
0x76fb0000 - 0x77096000 C:\Windows\system32\WININET.dll
0x77a10000 - 0x77a13000 C:\Windows\system32\Normaliz.dll
0x77790000 - 0x778c3000 C:\Windows\system32\urlmon.dll
0x770a0000 - 0x77288000 C:\Windows\system32\iertutil.dll
0x7c340000 - 0x7c396000 C:\Program Files\Java\jre6\bin\msvcr71.dll
0x6d800000 - 0x6da56000 C:\Program Files\Java\jre6\bin\client\jvm.dll
0x74b50000 - 0x74b82000 C:\Windows\system32\WINMM.dll
0x74b10000 - 0x74b4d000 C:\Windows\system32\OLEACC.dll
0x6d280000 - 0x6d288000 C:\Program Files\Java\jre6\bin\hpi.dll
0x75ee0000 - 0x75ee7000 C:\Windows\system32\PSAPI.DLL
0x6d7b0000 - 0x6d7bc000 C:\Program Files\Java\jre6\bin\verify.dll
0x6d320000 - 0x6d33f000 C:\Program Files\Java\jre6\bin\java.dll
0x6d7f0000 - 0x6d7ff000 C:\Program Files\Java\jre6\bin\zip.dll
0x10000000 - 0x10006000 c:\PROGRA~1\mcafee\SITEAD~1\saHook.dll
0x76dd0000 - 0x76f5a000 C:\Windows\system32\SETUPAPI.dll
0x6d430000 - 0x6d436000 C:\Program Files\Java\jre6\bin\jp2native.dll
0x6d1c0000 - 0x6d1d3000 C:\Program Files\Java\jre6\bin\deploy.dll
0x75790000 - 0x75882000 C:\Windows\system32\CRYPT32.dll
0x758f0000 - 0x75902000 C:\Windows\system32\MSASN1.dll
0x6d6b0000 - 0x6d6f2000 C:\Program Files\Java\jre6\bin\regutils.dll
0x750e0000 - 0x750e8000 C:\Windows\system32\VERSION.dll
0x72060000 - 0x72287000 C:\Windows\system32\msi.dll
0x6d610000 - 0x6d623000 C:\Program Files\Java\jre6\bin\net.dll
0x77590000 - 0x775bd000 C:\Windows\system32\WS2_32.dll
0x77a00000 - 0x77a06000 C:\Windows\system32\NSI.dll
0x75400000 - 0x7543b000 C:\Windows\system32\mswsock.dll
0x75470000 - 0x75475000 C:\Windows\System32\wship6.dll
0x6d630000 - 0x6d639000 C:\Program Files\Java\jre6\bin\nio.dll
0x6d000000 - 0x6d138000 C:\Program Files\Java\jre6\bin\awt.dll
0x73b80000 - 0x73b8c000 C:\Windows\system32\DWMAPI.DLL
0x6d220000 - 0x6d274000 C:\Program Files\Java\jre6\bin\fontmanager.dll
0x75010000 - 0x75015000 C:\Windows\System32\wshtcpip.dll
0x74650000 - 0x7465f000 C:\Windows\system32\NLAapi.dll
0x756a0000 - 0x756b9000 C:\Windows\system32\IPHLPAPI.DLL
0x75660000 - 0x75695000 C:\Windows\system32\dhcpcsvc.DLL
0x75be0000 - 0x75c0c000 C:\Windows\system32\DNSAPI.dll
0x75bb0000 - 0x75bb7000 C:\Windows\system32\WINNSI.DLL
0x75600000 - 0x75622000 C:\Windows\system32\dhcpcsvc6.DLL
0x726e0000 - 0x726ef000 C:\Windows\system32\napinsp.dll
0x726c0000 - 0x726d2000 C:\Windows\system32\pnrpnsp.dll
0x726b0000 - 0x726b8000 C:\Windows\System32\winrnr.dll
0x75f80000 - 0x75fc9000 C:\Windows\system32\WLDAP32.dll
0x16080000 - 0x160a5000 C:\Program Files\Bonjour\mdnsNSP.dll
0x730c0000 - 0x730c6000 C:\Windows\system32\rasadhlp.dll
0x75200000 - 0x7523b000 C:\Windows\system32\rsaenh.dll
0x6d520000 - 0x6d544000 C:\Program Files\Java\jre6\bin\jsound.dll
0x6d550000 - 0x6d558000 C:\Program Files\Java\jre6\bin\jsoundds.dll
0x74390000 - 0x74400000 C:\Windows\system32\DSOUND.dll
0x750f0000 - 0x7510a000 C:\Windows\system32\POWRPROF.dll
0x72370000 - 0x7239f000 C:\Windows\system32\wdmaud.drv
0x702b0000 - 0x702b4000 C:\Windows\system32\ksuser.dll
0x74ac0000 - 0x74ae8000 C:\Windows\system32\MMDevAPI.DLL
0x746f0000 - 0x746f7000 C:\Windows\system32\AVRT.dll
0x74660000 - 0x7468d000 C:\Windows\system32\WINTRUST.dll
0x745f0000 - 0x74611000 C:\Windows\system32\AUDIOSES.DLL
0x74320000 - 0x74386000 C:\Windows\system32\audioeng.dll
0x74e20000 - 0x74e29000 C:\Windows\system32\msacm32.drv
0x74e00000 - 0x74e14000 C:\Windows\system32\MSACM32.dll
0x74df0000 - 0x74df7000 C:\Windows\system32\midimap.dll

VM Arguments:
jvm_args: -D__jvm_launched=2662612895 -Xbootclasspath/a:C:\\PROGRA~1\\Java\\jre6\\lib\\deploy.jar;C:\\PROGRA~1\\Java\\jre6\\lib\\javaws.jar;C:\\PROGRA~1\\Java\\jre6\\lib\\plugin.jar -Dsun.plugin2.jvm.args=-D__jvm_launched=2662612895 "-Xbootclasspath/a:C:\\\\PROGRA~1\\\\Java\\\\jre6\\\\lib\\\\deploy.jar;C:\\\\PROGRA~1\\\\Java\\\\jre6\\\\lib\\\\javaws.jar;C:\\\\PROGRA~1\\\\Java\\\\jre6\\\\lib\\\\plugin.jar" "-Djava.class.path=C:\\\\PROGRA~1\\\\Java\\\\jre6\\\\classes" --
java_command: sun.plugin2.main.client.PluginMain write_pipe_name=jpi2_pid1260_pipe3,read_pipe_name=jpi2_pid1260_pipe2
Launcher Type: SUN_STANDARD

Environment Variables:
PATH=C:\Program Files\Internet Explorer;;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
PROCESSOR_IDENTIFIER=x86 Family 6 Model 23 Stepping 10, GenuineIntel

--------------- S Y S T E M ---------------

OS: Windows Vista Build 6002 Service Pack 2

CPU:total 2 (2 cores per cpu, 1 threads per core) family 6 model 7 stepping 10, cmov, cx8, fxsr, mmx, sse, sse2, sse3, ssse3

Memory: 4k page, physical 2097151k(1491328k free), swap 4194303k(4194303k free)

vm_info: Java HotSpot™ Client VM (11.0-b16) for windows-x86 JRE (1.6.0_11-b03), built on Nov 10 2008 02:15:12 by "java_re" with MS VC++ 7.1

time: Sat Apr 17 22:49:06 2010
elapsed time: 6 seconds


BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users