Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Inactive Malware Help Topics

User Tag List

Anti-virus software won't run.

This is a discussion on Anti-virus software won't run. within the Inactive Malware Help Topics forums, part of the Tech Support Forum category. Help please! I am unable to run any anti-virus etc. I am also unable to reach my System Restore, which


 
 
Thread Tools Search this Thread
Old 06-17-2009, 10:41 AM   #1
Registered Member
 
Join Date: Feb 2005
Posts: 19
OS: WinMe



Help please!

I am unable to run any anti-virus etc. I am also unable to reach my System Restore, which appears to be "blocked".

Other than that the Pc (Windows xp) appears to be running ok!

Any ideas would be very welcome.

I was unable to run gmer.exe!

DS (Ver_09-05-14.01) - NTFSx86
Run by Karl Lang at 18:29:18.64 on 17/06/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1.#QNAN.476 [GMT 1:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\windows\system32\svchost -k DcomLaunch
svchost.exe
C:\windows\System32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\windows\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\System32\svchost.exe -k HTTPFilter
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VirusScan\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\Program Files\BT Backup Manager\VaultClientSRV.exe
C:\windows\Explorer.EXE
C:\Program Files\BT Backup Manager\VaultClientUpgrade.exe
C:\windows\system32\ctfmon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\windows\SOUNDMAN.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\McAfee\VirusScan\mcsysmon.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\windows\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\browser\YBrowser.exe
C:\Documents and Settings\Karl Lang\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = hxxp://uk.yahoo.com/
uDefault_Page_URL = hxxp://bt.yahoo.com
mDefault_Page_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
mStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*https://uk.search.yahoo.com/
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn9\yt.dll
mWinlogon: userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn9\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: {3049c3e9-b461-4bc5-8870-4c09146192ca} - RealPlayer Download and Record Plugin for Internet Explorer
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\siteadvisor\mcieplg.dll
BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn9\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn9\yt.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\siteadvisor\mcieplg.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [<NO NAME>]
mExplorerRun: [<NO NAME>] 1 (0x1)
uPolicies-explorer: HideClock = 0 (0x0)
uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
dPolicies-explorer: HideClock = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - c:\microgaming\poker\ladbrokesmpp\MPPoker.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {F4430FE8-2638-42e5-B849-800749B94EED} - c:\program files\partygaming.net\partypokernet\RunPF.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
Trusted Zone: amaena.com
Trusted Zone: avsystemcare.com
Trusted Zone: onerateld.com
Trusted Zone: safetydownload.com
Trusted Zone: trustedantivirus.com
Trusted Zone: virusremover2008.com
Trusted Zone: virusschlacht.com
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab
DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\siteadvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-1-9 214024]
R2 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-3-26 464264]
R2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-3-26 234888]
R2 ibmfilter;ibmfilter;c:\windows\system32\drivers\ibmfilter.sys [2005-12-22 12544]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-6-17 203280]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2009-6-17 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\virusscan\mcshield.exe [2009-6-17 144704]
R2 VaultClientSRV;BT Auto Backup Service;c:\program files\bt backup manager\VaultClientSRV.exe [2007-6-22 982120]
R2 VaultClientUpgrade;uninitialized;c:\program files\bt backup manager\VaultClientUpgrade.exe [2008-6-3 56424]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\virusscan\mcsysmon.exe [2009-6-17 606736]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-2-5 79880]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-2-5 35272]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-2-5 40552]
R3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [2006-11-30 16384]
R3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\pelusblf.sys [2006-11-30 9216]
S0 ANCSQ;ANCSQ;c:\windows\system32\drivers\ancsq.sys --> c:\windows\system32\drivers\ANCSQ.sys [?]
S1 AxPsHook11;AxPsHook11;\??\ --> [?]
S2 COMSysAppAudioSrv;COM+ System Application COMSysAppAudioSrv;c:\windows\temp\4a.tmp srv --> c:\windows\temp\4A.tmp srv [?]
S2 SENSRpcLocator;System Event Notification SENSRpcLocator;c:\windows\temp\b.tmp srv --> c:\windows\temp\B.tmp srv [?]
S2 smi2;smi2;\??\c:\program files\smi2\smi2.sys --> c:\program files\smi2\smi2.sys [?]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-2-5 34216]
S3 PCD5SRVC{5964019C-62DD3083-05010003};PCD5SRVC{5964019C-62DD3083-05010003} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pcdr5\PCD5SRVC.pkms [2007-12-10 21280]

============== File Associations ===============

inifile=%SystemRoot%\System32\NOTEPAD.EXE %1"
piffile="%1" %*"

=============== Created Last 30 ================

2009-06-17 12:47 5,389 a------- c:\windows\system32\Config.MPF
2009-06-17 12:41 120,136 a------- c:\windows\system32\drivers\Mpfp.sys
2009-06-17 12:40 <DIR> --d----- c:\program files\common files\McAfee
2009-06-17 12:40 <DIR> --d----- c:\program files\McAfee.com
2009-06-17 12:40 <DIR> --d----- c:\program files\McAfee
2009-06-17 11:35 <DIR> --d----- c:\documents and settings\karl lang\smitRem
2009-06-15 22:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-06-15 22:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8ls
2009-06-14 21:50 <DIR> -cd----- c:\docume~1\alluse~1\applic~1\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}

==================== Find3M ====================

2009-05-07 16:32 345,600 -------- c:\windows\system32\localspl.dll
2009-05-07 16:32 345,600 -------- c:\windows\system32\dllcache\localspl.dll
2009-05-01 19:30 3,366,912 a------- c:\windows\system32\GPhotos.scr
2009-04-29 05:56 827,392 a------- c:\windows\system32\wininet.dll
2009-04-29 05:56 827,392 a------- c:\windows\system32\dllcache\wininet.dll
2009-04-29 05:56 233,472 a------- c:\windows\system32\dllcache\webcheck.dll
2009-04-29 05:56 1,159,680 a------- c:\windows\system32\dllcache\urlmon.dll
2009-04-29 05:56 671,232 a------- c:\windows\system32\dllcache\mstime.dll
2009-04-29 05:56 105,984 a------- c:\windows\system32\dllcache\url.dll
2009-04-29 05:56 102,912 a------- c:\windows\system32\dllcache\occache.dll
2009-04-29 05:56 44,544 a------- c:\windows\system32\dllcache\pngfilt.dll
2009-04-29 05:56 3,596,288 a------- c:\windows\system32\dllcache\mshtml.dll
2009-04-29 05:56 477,696 a------- c:\windows\system32\dllcache\mshtmled.dll
2009-04-29 05:56 193,024 a------- c:\windows\system32\dllcache\msrating.dll
2009-04-28 18:15 360 a------- C:\drmHeader.bin
2009-04-28 10:05 70,656 a------- c:\windows\system32\dllcache\ie4uinit.exe
2009-04-28 10:05 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-04-25 06:27 636,088 a------- c:\windows\system32\dllcache\iexplore.exe
2009-04-25 06:26 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
2009-04-17 13:26 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-17 13:26 1,847,168 -------- c:\windows\system32\dllcache\win32k.sys
2009-04-15 15:51 585,216 a------- c:\windows\system32\rpcrt4.dll
2009-04-15 15:51 585,216 -------- c:\windows\system32\dllcache\rpcrt4.dll
2009-03-21 15:06 989,696 -------- c:\windows\system32\dllcache\kernel32.dll
2008-03-06 23:06 24,192 ac------ c:\documents and settings\karl lang\usbsermptxp.sys
2008-03-06 23:06 22,768 ac------ c:\documents and settings\karl lang\usbsermpt.sys
2005-11-23 10:12 18,051 ac------ c:\program files\Install.log
2008-09-18 19:22 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008091820080919\index.dat

============= FINISH: 18:30:50.21 ===============
Attached Files
File Type: zip Attach.zip (614 Bytes, 17 views)
muhkau is offline  
Sponsored Links
Advertisement
 
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 01:36 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts