HELP....Virus not allowing me access to internet or to open any programs(such as control panel, hijackthis, etc.) and I have virus protection(symantec)
I need help! I think I have a virus and not sure what it is or what to do. I am unable to open anything without a box popping up that says
"Security Warning...Application cannot be executed. The file _______ is infected. Do you want to activate your antivirus software now?" Then another small box pops up that says "Infiltration Alert. Your computer is being attacked by an internet virus. It could be a password-stealing attack, a trojan-dropper or similar." Then it gives a little more info. And yet another bigger box will pop up titled "Attention! Spyware Alert...vulnerabilities found..." then goes on to say other things.
When I try to access the internet, the only page that comes up is "Internet Explorer Warning - visiting this website may harm your computer". It goes on to say other things. I cannot access any internet page (i.e. google, aol, etc.). This will come up instead. Now if I don't manually access the internet, the internet automatically opens to some adult site (adult.com..porn.com)...?
I tried to open hijackthis (had on my computer from a previous issue long ago...I know it's probably out of date but just wanted to see if I could do it)... It would not open. The first box "Security Warning...." comes up instead. So I have no clue as to how I would even send you guys a log or access any urls. I can't open control panel, network...nothing!!!
I have Symantec on my computer but not sure what's going on. I went ahead and did an update on it even though I'm pretty sure it was already updated. I need help. Should I turn off the computer, do I leave it on. Do I go ahead and hit "no" on these popups. Ctrl ALT Del doesn't even work for this stuff. Did I say I NEED HELP!
Thanks so much! I've attached a few pics so hope they come through.
Regards, Yolanda
yjohnson94
43 Posts
0
April 23rd, 2010 10:00
Anyone?? Please help. Should I go into Safe Mode, then try to install AVG spyware and HijackThis? Not sure what to do. I also have 2 other logins on the computer and when I went into my son's, I didn't see those viruses so it's only when I access mine (as administrator). I have Windows XP. Thanks
iroc9555
1K Posts
0
April 23rd, 2010 19:00
Hi Yolanda.
You have to have patience. You already posted in the malware removal forum. Maybe they are busy. Do not go into safe mode to install AVG, much less play with HijackThis without instructions from a qualified member. From one of your pictures I could see you may have the "Antivirus 2010" rogue program that is giving you those false alerts and stopping your PC from connecting to the Internet, and maybe that is your only problem, maybe. There is a tutorial to get rid of that pesky program, but you need a working PC to print the instructions and download Malwarebytes to install on your PC. If you want to try it, this is the tutorial. If it works, I would advise you to wait afterward for a qualified member to give you further instructions to check your PC more deeply for other infections. Be aware: whatever Malwarebytes finds, put it in quarantine. Do not delete it, and keep the log of whatever it may find to give to the person who will be helping you.
Hope it helps.
yjohnson94
43 Posts
0
April 23rd, 2010 22:00
Thanks Hernan! That helps. I thought posting in the Malware forum was incorrect, that's why I posted here thinking this should have been the forum to post in. I do have other PCs so I'll try the process of removing the Antivirus 2010. I'll post what I find.
Thanks again.
yjohnson94
43 Posts
0
April 25th, 2010 10:00
Okay. I don't think it's the antivirus 2010 that I have as that didn't work. I'm also experiencing a lot of PORN type pop ups when IE automatically opens...
I went into safe mode to post a HiJack log and Malware log as I could not open HiJackThis in normal mode. I ran Malware 2 days ago, it quarantined 2 items but when I ran it this morning, it found no infections... yet nothing has changed (same problems). The quarantined items in Malware are
Vendor: Malware.Trace Items: C:\WINDOWS\Herjek.config
Vendor: Adware.Coupons Items: HKEY_Current_User\softwar
Here is my Malware Log:
Malwarebytes' Anti-Malware 1.34
Database version: 1898
Windows 5.1.2600 Service Pack 3
4/25/2010 10:17:30 AM
mbam-log-2010-04-25 (10-17-30).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 250236
Time elapsed: 1 hour(s), 31 minute(s), 1 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
And Here is my HiJack Log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:14:08 PM, on 4/25/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.9.0\IEViewBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1173327661\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [njkbcyic] C:\Documents and Settings\Yolanda Johnson\Local Settings\Application Data\xntgopdrp\kbrbvkatssd.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [njkbcyic] C:\Documents and Settings\Yolanda Johnson\Local Settings\Application Data\xntgopdrp\kbrbvkatssd.exe
O4 - HKUS\S-1-5-20\..\Run: [zedorabise] Rundll32.exe "C:\WINDOWS\system32\hemeketu.dll",s (User 'NETWORK SERVICE')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (file missing)
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Yolanda Johnson\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Update Service (gupdate1ca68c8ef46d4e8) (gupdate1ca68c8ef46d4e8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 13623 bytes
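A triage pass over HijackThis entries like the ones in the log above, as an added example that is not part of the original thread and not any helper's method. The three heuristics (browser proxy set to loopback, autorun target under a user data directory, autorun registered in a service-account hive) are assumptions of this example, and a hit means "look closer", not a verdict; the sample lines are copied from the posted log.

```python
import re

# Constructed sample: seven lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [njkbcyic] C:\Documents and Settings\Yolanda Johnson\Local Settings\Application Data\xntgopdrp\kbrbvkatssd.exe
O4 - HKUS\S-1-5-20\..\Run: [zedorabise] Rundll32.exe "C:\WINDOWS\system32\hemeketu.dll",s (User 'NETWORK SERVICE')
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# O4 registry autoruns: "<hive>\..\Run: [<value name>] <command line>"
RUN = re.compile(r"^(?P<hive>\S+)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
LOOPBACK = re.compile(r"\b(127\.\d{1,3}\.\d{1,3}\.\d{1,3}|localhost)\b", re.I)
USER_DIR = re.compile(r"\\(application data|temp)\\", re.I)
# Well-known SIDs: LocalSystem (18), LOCAL SERVICE (19), NETWORK SERVICE (20)
SERVICE_HIVE = re.compile(r"^HKUS\\S-1-5-(18|19|20)$", re.I)


def triage(log_text):
    """Return (reason, entry_name) pairs for entries that deserve review."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # header lines, process list, blank lines
        code, body = m["code"], m["body"]

        if code in ("R0", "R1") and "ProxyServer" in body:
            # Heuristic 1: browser traffic forced through a local listener.
            value = body.partition("=")[2]
            if LOOPBACK.search(value):
                findings.append(("proxy-loopback", "ProxyServer"))

        elif code == "O4":
            r = RUN.match(body)
            if not r:
                continue  # Startup-folder shortcuts are not handled here
            # Heuristic 2: program starts from a per-user data or temp folder.
            if USER_DIR.search(r["cmd"]):
                findings.append(("autorun-user-dir", r["name"]))
            # Heuristic 3: Run key under a service account's registry hive.
            if SERVICE_HIVE.match(r["hive"]):
                findings.append(("autorun-service-hive", r["name"]))
    return findings


if __name__ == "__main__":
    for reason, name in triage(SAMPLE_LOG):
        print(f"{reason:22} {name}")
```

The same autorun value can be reported more than once when it is registered under several hives, as the full log does for HKLM and HKCU.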
iroc9555
1K Posts
0
April 25th, 2010 12:00
No worries David. Thank you for backing me up.
I saw the data version (1898), but I missed the program version (1.34). It is really "ancient". Maybe two years back, and in antimalware products you can call that prehistoric.
Regards.
ky331
3 Apprentice
15.2K Posts
0
April 25th, 2010 12:00
EDIT: I see that Hernan and I were responding at about the same time... since I've already taken the time to compose this response, I will leave it... intact... although it does duplicate much of what Hernan said...
You wrote: "I don't think it's the antivirus 2010 that I have as that [MBAM] didn't work".
Be advised that you're running a very ancient version of MBAM: Malwarebytes' Anti-Malware 1.34 , Database version: 1898
The current program version is Malwarebytes' Anti-Malware 1.45, Database version: 4035
Something that old is not programmed to find/remove the latest threats --- The newer version may at least have a fighting chance.
MBAM runs best in normal mode. But if you can't get it to run normally, you can try to run (the current version) in safe mode... hopefully it will find enough this time... that you will then be able to run it again in Normal mode.
-----------------
HiJackThis analysis is done in the Malware Removal Forum. You have already started a thread there, you should add on a copy of your HJT log there.
http://en.community.dell.com/support-forums/virus-spyware/f/3521/t/19331406.aspx
Alternatively, since the DELL forums are running VERY SLOWLY at present, it might work out better for you if you (joined, and) posted your HJT log at another forum, such as SpywareHammer: http://spywarehammer.com/simplemachinesforum/index.php?board=10.0
ky331
3 Apprentice
15.2K Posts
0
April 25th, 2010 12:00
Actually, only about 1 year old... but "prehistoric" nonetheless, malwarewise.
iroc9555
1K Posts
0
April 25th, 2010 12:00
Yolanda.
Your Malwarebytes' data version is outdated. Try to update it and scan (full) again. Your HijackThis log must be displayed in the Malware Removal Forum here.
You can read Bugbatter's instructions to properly install, update (if it cannot connect to the server), and run Malwarebytes' here, second post.
Good luck.
Bugbatter
20.5K Posts
0
April 25th, 2010 13:00
yjohnson94, I can see the malware in your log, but while Dell is working on their forum upgrade, it is not easy for the helpers on the MR forum to handle logs. Pages are loading slowly and I keep getting logged out while doing research. Your issue will probably be handled within 48 hours if you follow ky331's suggestion. Perhaps in a week or so the Dell Community Forums will be running more smoothly.
Jeff Hoffman
881 Posts
0
April 26th, 2010 12:00
I apologize for interrupting here....... But isn't "Antivirus 2010" itself malware???
Just wondering.
Jeff
ky331
3 Apprentice
15.2K Posts
0
April 26th, 2010 13:00
yes. despite the name "ANTI-virus 2010", the program is indeed malware.
we typically refer to such a program as being a "rogue" program. using a deceptive name... and sometimes, extreme scare-tactics, it entices (or forces/ransoms) you to run [and sometimes even purchase] it.
yjohnson94
43 Posts
0
April 26th, 2010 14:00
Thank you guys soo much! I've always relied on you & you've never let me down.... *Hi Bugbatter* - You've always helped me before so I appreciate you chiming in again too as well as the other guys(or gals..)
I had a long work day yesterday so didn't get a chance to update the Malwarebytes but plan to do it this evening when I get home.
I will also do what you suggest and try this other forum.....I'll post my new log here anyway just in case but will post should I get further from the other site.
I can run the Malwarebytes in normal mode but I doubt it will let me install it in normal mode. I'll have to install it in safe mode.
Thanks again,
iroc9555
1K Posts
0
April 26th, 2010 16:00
Hi Yolanda.
The trick to install MBAM on an infected PC is to change the name of the installer before you copy it from an uninfected working PC to a pen drive, flash or CD, from "mbam-setup-1.45.exe" to, let's say, "yolanda.exe". Then you transfer (copy) the file to the infected PC and double click "yolanda.exe" to install MBAM.
Regards.
PS: Yolanda you are most welcome, and Jeff you too. Whoever takes up Jeff's invitation to go to Missouri to eat ribs please look me up. I need a ride.
yjohnson94
43 Posts
0
April 26th, 2010 19:00
Well I was almost there. I was installing the Malwarebytes software and it was almost done. I saw the finish button for completing the installation and clicked it. I then went to open it so I can scan and the Security Warning box... got me! It popped up saying "Application cannot be executed. The file mbam.exe is infected....do you want to activate your antivirus software now?" It appears that it doesn't start happening right away, so I'll try to log off and back on in normal mode & try to hurry & run the Malwarebytes before it has a chance to interrupt. I'll let you know what happens... Patience, Patience, patience. Thanks
Jeff Hoffman
881 Posts
0
April 26th, 2010 19:00
Please forgive me for getting in the middle of this - I am trying to learn. Did you rename mbam.exe to xxxx.exe? Or did the virus spot the name?
Jeff