Jump to content

Recommended Posts

I loaded Malwarebytes Anti Malware (version 1.35) onto several machines, did a Quick Scan on them all and it found nothing (I'm glad to say!). I then ran the Full Scan on them and it ran OK on all but one (this one). It froze. I used Process Explorer to kill the program and the PC worked fine.

I have uninstalled it using Add/Remove Programs and the Malwarebytes Clean up utility and reinstalled it but - same problem.

Should appreciate some help please.

Many thanks.

John.

HJT log :-

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:48:55, on 03/04/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\Explorer.EXE

C:\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\D4\D4.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\CameraFixer.exe

C:\WINDOWS\vsnpstd3.exe

C:\Acronis\TrueImageMonitor.exe

C:\Acronis\TimounterMonitor.exe

C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe

C:\ZoneAlarm\zlclient.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = d:\G4PDQ web site stuff\Backup from website\backup-6.1.2008_08-39-48_t12g4pd\backup-6.1.2008_08-39-48_t12g4pd\homedir\public_html\phpwebsite\javascript\editors\tinymce\jscripts\tiny_mce\plugins\paste\blank.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\FTW\Html\blank.htm

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - (no file)

O4 - HKLM\..\Run: [Dimension4] C:\D4\D4.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe

O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe

O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe

O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Acronis\TrueImageMonitor.exe

O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Acronis\TimounterMonitor.exe

O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"

O4 - HKLM\..\Run: [F-PROT Antivirus Tray application] C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [bandmon] C:\Bandwidth Monitor\bandmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: org32.exe

O4 - Global Startup: Microsoft Find Fast.lnk = D:\From C Drive\Microsoft Office\Office\FINDFAST.EXE

O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Word 2000\Office\OSA9.EXE

O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

O4 - Global Startup: Post-it

Link to post
Share on other sites

  • Staff

Hi,

We recommend to use the quick scan instead of the full scan. The quick scan is "smarter" and faster. Also, it is known that the full scan may crash on certain folders, this because mbam has problems with scanning some (locked) files. These folders are ignored in the quick scan.

Please don't worry about this. This has nothing to do with malware present. Your log looks clean as well. :)

Extra note.. I see you have Viewpoint installed...

Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.

  • Viewpoint
  • Viewpoint Manager
  • Viewpoint Media Player

I also suggest you update your Internet Explorer.

Link to post
Share on other sites

Hi,

We recommend to use the quick scan instead of the full scan. The quick scan is "smarter" and faster. Also, it is known that the full scan may crash on certain folders, this because mbam has problems with scanning some (locked) files. These folders are ignored in the quick scan.

Please don't worry about this. This has nothing to do with malware present. Your log looks clean as well. :)

Extra note.. I see you have Viewpoint installed...

Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.

  • Viewpoint

  • Viewpoint Manager

  • Viewpoint Media Player

I also suggest you update your Internet Explorer.

Many thanks for putting my mind at rest.

Thanks also for the advice about Viewpoint - will do.

I'll also update my IE.

What a great forum this is.

Thanks again.

John.

Link to post
Share on other sites

Many thanks for putting my mind at rest.

Thanks also for the advice about Viewpoint - will do.

I'll also update my IE.

What a great forum this is.

Thanks again.

John.

Whoops!

I went to uninstall Viewpoint Media Player (Add/Remove Programs) and although it shows up in the list of programs, when I try to remove it, I get the usual "Are you sure that you want to remove the Viewpoint Media Player?" and when I hit 'Yes', it does absolutely nothing!

Should be grateful for any suggestions please on how to get rid of it.

Many thanks.

John.

Link to post
Share on other sites

  • Staff

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.