Hi fellas, first of all i would like to salute all the members here for this fine forum.
Now about my problem ...
yesterday i was surfing on the interent when suddenly this popup window showed up and it said something like "your pc is infected with Win32.MT.RS etc..."
telling me it's a trojan and that it could mess up "exe" files and stuff.
I thought it was only a publicity stunt pop-up, but a bit later I downloaded a demo of Rainbow Six Raven Shield when, to my surprise, the exe would not start up :/. Shortly thereafter I tried to play Splinter Cell Chaos Theory (which had already been installed on my pc for over a month) and it too didn't start up :(.
Then I tested all of my games and they worked just fine ...weird.
I followed all the instructions from the forum with Safe Mode start up, Ad-Aware, SB S&D, CCleaner, SmitFraudFix, Prevx1, Tuneup Utlities and McAfee VirusScan 9.0.
But the game exe still doesn't start up.
So I just wanted to know wether there really is a virus or malware of some sort on my machine that could be causing this or it's just a specific software problem from the game.
here the HiJack log:
Logfile of HijackThis v1.99.1
Scan saved at 13:49:36, on 28/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Scan done at 3:07:03.12, 28/11/2006
Run from C:\Documents and Settings\Sub-Zero\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
I would really appreciate it if someone could take a look and tell me if I have to delete or modify anything.
Your HjT log is clean, but of course this infection usually won't show in a HjT log. I hate to do this because this will make the third time today I've started out people with online scans, but we will have to run one sooner or later. :)
Go here to run Kaspersky Online Scanner.
After downloading, click "My Computer" to scan.
After scanning, click "Save report as".
Save as a text file on the desktop.
Post the log in your next reply along with a new HijackThis log.
Hi Niobis,
Thanks for the reply, unfortunately I can't seem to get the Kaspersky online scan working.
(I tried with Firefox, but it was no go since it requires IE 5 or higher.
...so I fired up IE 7 and I got past the "accept" screen and it seemed to begin downloading up 'till the moment that it asked to install a certain ActiveX component ...which I approved,
but then I was sent back to the "accept agreement" page but this time without the accept button to be seen anywhere ...weird)
my question is ...is it possible for that pop up to have been a publicity stunt about me having "Win32.mt.rs" infection and all :/ ?
btw, I unistalled my McAfee VirusScan 9.0 and installed AVG which seems much better in terms of speed and wallet hit ;)
but it too didn't find anything new except a file "HL2 Hijack.zip" which is a file I downloaded to be able to play my retail copy of Half-Life 2 without the damn Steam ...dunno, could that have triggered some system slowdown ? :/
Run ActiveScan instead.
Go here to run ActiveScan.
Click "Panda ActiveScan.
Fill in the form with your information.
After downloading, click My Computer to scan.
When it finishes, click "See Report".
Click "Save report" and save it to the desktop.
Post the log in your next reply.
Quote:is it possible for that pop up to have been a publicity stunt about me having "Win32.mt.rs" infection and all :/ ?
