Jump to content

Malwarebytes can't detect the virus on my pc. log files included


zoltanb

Recommended Posts

I got infected few days ago. I have bit defender pro. It seems did let it trough. When I start the pc. on the boot up it gives a screen where I have to choose profile because of some hardware issue(I have no hardware issue). There is only one profile to choose from. When this appears even if I do restart the pc I can't go safe mode.It seems blocks it. And if I just choose the profile1 to continue boot up the pc seems works fine for awhile and boom. The typing cursor start to run from left to right when you want to type and everything stops working. Can't even turn the pc off it disable the buttons only the stand by button works. I did try to run my bit defender rescue cd but this virus doesn't even let me to choose from the menu to run the scan only one option let me choose to boot from hard drive. I downloaded the Microsoft Sweeper that couldn't kill it either. After the Microsoft Sweeper scan it boots ok for few times without the profile choose screen. Boots up even in safe mode than it starts the whole thing again. When was booting ok after MS sweeper scan I was able to run the Bit Defender rescue cd in safe mode but it couldn't find anything. Than I downloaded the Malwarebytes and unfortunately that couldn't find it either ( I did the scan in safe mode). I also did try the superspyware without success. This is the first time I can't find and kill virus. I would appreciate some expert help.

Thank you.

Here is the log file

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Sniper at 17:10:53 on 2011-12-20

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1324 [GMT -8:00]

.

AV: BitDefender Antivirus *Disabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

FW: BitDefender Firewall *Disabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

svchost.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\InstallBrainService\InstallBrainService.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe

C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\REGSVR32.exe

.

============== Pseudo HJT Report ===============

.

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

TB: Bitdefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2011\IEToolbar.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [soundMan] SOUNDMAN.EXE

mRun: [AlcWzrd] ALCWZRD.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [bitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2011\ieshow.exe"

mRun: [bDAgent] "c:\program files\bitdefender\bitdefender 2011\bdagent.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [VMonitorVMUVC] "c:\program files\vimicro corporation\vmuvc\VMonitor.exe" VMUVC

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\sniper\application data\mozilla\firefox\profiles\nfwxbrmg.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.ebay.com/?ssPageName=ADME:B:TB1:US:1&rvr_id=252345702957&clk_rvr_id=252345702957&crlp=3446086106_258512_320342&UA=WXF%3F&GUID=8ce21e4e1310a0aa150220c2ffacbbec&agid=1270435646&tm_kw=ebay.com&siteid=0&MT_ID=631&tt_encode=raw&keyword=ebay.com&geo_id=1&ff4=258512_320342

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z208&form=ZGAADF&install_date=20111217&q=

FF - plugin: c:\documents and settings\sniper\application data\mozilla\firefox\profiles\nfwxbrmg.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

.

============= SERVICES / DRIVERS ===============

.

R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [2011-8-2 12960]

R1 Bdvedisk;BDVEDISK;c:\windows\sy

Link to post
Share on other sites

  • 1 month later...

Hello ,

Would you advise if you have resolved your issues or if you have sought help elsewhere?

If not resolved and you are not already seeking help elsewhere, I'd like for you to rerun a new DDS and Copy & Paste the DDS.txt into a new reply.

Anyone other than original-poster who has similar issues, do not reply here. Start your own topic.

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.