cancel
Showing results for 
Search instead for 
Did you mean: 
Stupoo
Level 7

Infected by a virus and weird looking text file....

Hey, my macafee realtime keeps getting turned off same with all my other anti virus's. When i do scans i find infected files which are removed but i still have this problem.

( I can't boot in normal mode, only safe mode )

I found this wierd notepad file too...

12/29/2009 19:41:32 - PFRO Error: \??\D:\Windows\WindowsUpdate.log, |delete operation|, 0xc000003a
12/29/2009 19:41:32 - 0 Successful PFRO operations

12/29/2009 19:45:40 - PFRO Error: \??\C:\Windows\NV15761896.TMP\nvsvc.ini, |delete operation|, 0xc000003a
12/29/2009 19:45:40 - PFRO Error: \??\C:\Windows\NV19921968.TMP\nvsvc.ini, |delete operation|, 0xc000003a
12/29/2009 19:45:40 - PFRO Error: \??\C:\Windows\NV17721960.TMP\nvsvc.ini, |delete operation|, 0xc000003a
12/29/2009 19:45:40 - PFRO Error: \??\C:\Windows\NV18121968.TMP\nvsvc.ini, |delete operation|, 0xc000003a
12/29/2009 19:45:40 - PFRO Error: \??\C:\Windows\NV22002208.TMP\nvsvc.ini, |delete operation|, 0xc000003a
12/29/2009 19:45:40 - 0 Successful PFRO operations

12/29/2009 20:12:10 - PFRO Error: \??\C:\Windows\NV24242432.TMP\nvsvc.ini, |delete operation|, 0xc000003a
12/29/2009 20:12:10 - PFRO Error: \??\C:\Windows\NV24082628.TMP\nvsvc.ini, |delete operation|, 0xc000003a
12/29/2009 20:12:10 - PFRO Error: \??\C:\Windows\NV22442800.TMP\nvsvc.ini, |delete operation|, 0xc000003a
12/29/2009 20:12:10 - PFRO Error: \??\C:\Windows\NV16281656.TMP\nvsvc.ini, |delete operation|, 0xc000003a
12/29/2009 20:12:10 - PFRO Error: \??\C:\Windows\NV16161132.TMP\nvsvc.ini, |delete operation|, 0xc000003a
12/29/2009 20:12:11 - 42 Successful PFRO operations

1/15/2010 7:17:19 - PFRO Error: \??\C:\Users\Stuart\AppData\Local\Temp\SiteAdvisor\mcinst.exe, |delete operation|, 0xc0000034
1/15/2010 7:17:20 - PFRO Error: \??\C:\Users\Stuart\AppData\Local\Temp\SiteAdvisor\mcinst.exe, |delete operation|, 0xc0000034
1/15/2010 7:17:20 - 155 Successful PFRO operations

1/15/2010 7:38:41 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\msc\mcinst.exe, |delete operation|, 0xc000003a
1/15/2010 7:38:41 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\vso\mcinst.exe, |delete operation|, 0xc000003a
1/15/2010 7:38:41 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\mpf\mcinst.exe, |delete operation|, 0xc000003a
1/15/2010 7:38:41 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\msk\mcinst.exe, |delete operation|, 0xc000003a
1/15/2010 7:38:41 - PFRO Error: \??\C:\Program Files (x86)\McAfee\MPS\mpsres.dll, |delete operation|, 0xc0000034
1/15/2010 7:38:41 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\mps\mcinst.exe, |delete operation|, 0xc000003a
1/15/2010 7:38:41 - 121 Successful PFRO operations

1/15/2010 15:41:0 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPI.exe, |delete operation|, 0xc0000034
1/15/2010 15:41:0 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPIPS.dll, |delete operation|, 0xc0000034
1/15/2010 15:41:0 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPI.exe, |delete operation|, 0xc0000034
1/15/2010 15:41:0 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPIPS.dll, |delete operation|, 0xc0000034
1/15/2010 15:41:0 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPI.exe, |delete operation|, 0xc0000034
1/15/2010 15:41:0 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPIPS.dll, |delete operation|, 0xc0000034
1/15/2010 15:41:0 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPI.exe, |delete operation|, 0xc0000034
1/15/2010 15:41:0 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPIPS.dll, |delete operation|, 0xc0000034
1/15/2010 15:41:0 - 0 Successful PFRO operations

1/15/2010 18:49:50 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\MSC\mcutil\9,15,101,0\mcutil.dll, |delete operation|, 0xc000003a
1/15/2010 18:49:50 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\MSC\mcutil\9,15,101,0, |delete operation|, 0xc000003a
1/15/2010 18:49:50 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\MSC\mcutil, |delete operation|, 0xc0000034
1/15/2010 18:49:50 - 80 Successful PFRO operations

1/16/2010 9:19:20 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPI.exe, |delete operation|, 0xc0000034
1/16/2010 9:19:20 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPIPS.dll, |delete operation|, 0xc0000034
1/16/2010 9:19:20 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPI.exe, |delete operation|, 0xc0000034
1/16/2010 9:19:20 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPIPS.dll, |delete operation|, 0xc0000034
1/16/2010 9:19:20 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPI.exe, |delete operation|, 0xc0000034
1/16/2010 9:19:20 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPIPS.dll, |delete operation|, 0xc0000034
1/16/2010 9:19:20 - PFRO Error: \??\C:\Program Files (x86)\McAfee\MPS\mpsres.dll, |delete operation|, 0xc0000034
1/16/2010 9:19:20 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPI.exe, |delete operation|, 0xc0000034
1/16/2010 9:19:20 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPIPS.dll, |delete operation|, 0xc0000034
1/16/2010 9:19:21 - 99 Successful PFRO operations

1/17/2010 8:41:38 - PFRO Error: \??\C:\Users\Stuart\AppData\Local\SupportSoft\, |delete operation|, 0xc0000101
1/17/2010 8:41:38 - PFRO Error: \??\C:\Windows\TEMP\SiteAdvisor\mcinst.exe, |delete operation|, 0xc0000034
1/17/2010 8:41:38 - 54 Successful PFRO operations

2/18/2010 15:26:39 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\msc\mcinst.exe, |delete operation|, 0xc000003a
2/18/2010 15:26:39 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\vso\mcinst.exe, |delete operation|, 0xc000003a
2/18/2010 15:26:39 - 6 Successful PFRO operations

3/11/2010 9:51:58 - PFRO Error: \??\C:\Users\Stuart\AppData\Local\Temp\{3B61CF66-F8A5-46C4-8573-CA5488E42AC0}, |delete operation|, 0xc0000101
3/11/2010 9:51:58 - 4 Successful PFRO operations

3/24/2010 22:36:23 - PFRO Error: \??\C:\Windows\TEMP\SiteAdvisor\mcinst.exe, |delete operation|, 0xc0000034
3/24/2010 22:36:23 - 154 Successful PFRO operations

4/1/2010 15:38:18 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\vso\mcinst.exe, |delete operation|, 0xc000003a
4/1/2010 15:38:18 - 1 Successful PFRO operations

4/29/2010 15:33:30 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\msc\mcinst.exe, |delete operation|, 0xc000003a
4/29/2010 15:33:30 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\msc\mcinst.exe, |delete operation|, 0xc000003a
4/29/2010 15:33:30 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\msc\mcinst.exe, |delete operation|, 0xc000003a
4/29/2010 15:33:30 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\msc\mcinst.exe, |delete operation|, 0xc000003a
4/29/2010 15:33:30 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\msc\mcinst.exe, |delete operation|, 0xc000003a
4/29/2010 15:33:30 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch\HWAPI.dll, |delete operation|, 0xc000003a
4/29/2010 15:33:30 - PFRO Error: \??\C:\Program Files (x86)\Common Files\McAfee\HackerWatch, |delete operation|, 0xc0000034
4/29/2010 15:33:30 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\msc\mcinst.exe, |delete operation|, 0xc000003a
4/29/2010 15:33:30 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\vso\mcinst.exe, |delete operation|, 0xc000003a
4/29/2010 15:33:30 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\mpf\mcinst.exe, |delete operation|, 0xc000003a
4/29/2010 15:33:30 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\msk\mcinst.exe, |delete operation|, 0xc000003a
4/29/2010 15:33:30 - PFRO Error: \??\C:\PROGRA~3\McAfee\MSC\Updates\Installs\1\mps\mcinst.exe, |delete operation|, 0xc000003a
4/29/2010 15:33:30 - PFRO Error: \??\C:\PROGRA~3\McAfee\MS

C\Updates\Installs\1\mhn\mcinst.exe, |delete operation|, 0xc000003a
4/29/2010 15:33:30 - 33 Successful PFRO operations

4/29/2010 15:33:3 is the time i booted my computer and at that moment i found out i couldn't boot in normal Windows 7.

Please help.

0 Kudos
1 Reply
Stupoo
Level 7

Re: Infected by a virus and weird looking text file....

Also i found the securuity log which im not sure about,

-------------------------------------------
Monday, July 13, 2009 9:48:54 PM
    Administrative privileged user logged on.
    Parsing template defltbase.inf.
----Configuration engine was initialized successfully.----

----Reading Configuration Template info...


----Configure User Rights...
        SeImpersonatePrivilege must be assigned to administrators. This setting is adjusted.
        SeImpersonatePrivilege must be assigned to SERVICE. This setting is adjusted.
    Configure S-1-5-32-546.
        remove SeInteractiveLogonRight.
    Configure S-1-5-32-547.
        remove SeNetworkLogonRight.
        remove SeSystemtimePrivilege.
        remove SeRemoteShutdownPrivilege.
        remove SeIncreaseBasePriorityPrivilege.
        remove SeInteractiveLogonRight.
        remove SeProfileSingleProcessPrivilege.
        remove SeShutdownPrivilege.
        remove SeRemoteInteractiveLogonRight.

it's removed rights or something O_o or is it me getting nervous??

0 Kudos