Jump to content

Jacktivity

Honorary Members
  • Posts

    360
  • Joined

  • Last visited

Posts posted by Jacktivity

  1. NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.

  2. Hi Otis and welcome to Malwarebytes,

    The point is that we don't work on malware removal in this forum. You need to post a new topic in the Malware Removal HijackThis area as PrarieDog has already suggested twice. The people in that area are trained in this. The people here are not. If you are not able to follow the instructions due to not being able to run software, start a new topic there anyway and tell them that you are unable to post logs because you can't get the software to run. Someone will walk you through various steps and give you one on one advice. Be advised that it may be a day or so until someone gets to you. Lots of other people need help as well.

    Meanwhile, it's best to stop trying to remove it yourself at this point because it only complicates things and makes the helper's job tougher and longer.

    Thanks,

  3. <{POST_SNAPBACK}>

    I was told to always reboot to normal mode prior to doing the scan and then reboot after you remove infections - In safe mode I was told that the infected files can be hidden from MBAM - ?? Is this right, or can a 'decent' scan be done in safe mode ??? <_<

    Safe mode was only for downloading while infected, then normal mode was the only to really find the infections -

    If necessary, a scan can be run in safe mode, but should be followed up with a scan in normal mode. Malwarebytes' is designed to be run in normal mode. See the post below for more info.

    http://www.malwarebytes.org/forums/index.php?showtopic=17334

  4. ok i got the log your right it was hidden

    Thanks Ryanking32,

    The developers may or may not ask for additional information.

    By the way, is this the only problem you are having? Are you able to do automatic updates and scans? No other freezing issues?

    If so, please have a look here for common problems, especially with other AV and Firewall programs.

  5. Hi,

    Please try again to post the logs that Swandog46 asked for. I see there was a little typo in the directory structure he gave you. Please look in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs.

    The Application Data folder is set to hidden by default, so you'll have to un-hide it if it isn't already. See here if you don't know how.

    You can open them in notepad and copy and paste the log info into your reply

  6. @ Scarrlette,

    I checked what you posted in the HJT area, and it's just fine. When one of the helpers starts working with you, he/she will tell you what additional tools they want you to use and how to use them. If they need any other logs, they will tell you along the way.

    I can second what Mailman told you about the "edit" feature. It's been abused in the past. Consequently, there is a policy in place that a member needs 50 posts in order to be able to edit.

  7. Here is a copy of my entries off an XP Pro SP2 machine, if it helps.

    Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Parameters

    Class Name: <NO CLASS>

    Last Write Time: 6/22/2009 - 8:38 AM

    Value 0

    Name: ServiceDll

    Type: REG_EXPAND_SZ

    Data: %SystemRoot%\System32\cryptsvc.dll

    Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon\Parameters

    Class Name: <NO CLASS>

    Last Write Time: 6/22/2009 - 8:38 AM

    Value 0

    Name: ServiceDll

    Type: REG_EXPAND_SZ

    Data: %SystemRoot%\System32\seclogon.dll

    Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Spooler

    Class Name: <NO CLASS>

    Last Write Time: 8/6/2009 - 12:11 AM

    Name: ImagePath

    Type: REG_EXPAND_SZ

    Data: %SystemRoot%\system32\spoolsv.exe

    I don't see any @ signs, nor any -1002

  8. Hi Don999

    My version of malwarebyte is 1.38. I can not get the latest updates because the internet connection is not working. Is there a way to get updates on another computer and move them?

    This assumes you have access to either a CD burner or a USB flash drive or similar with the computer you are currently working with and that you have Administrator rights.

    • Download and install Malwarebytes Anti-Malware to the computer you are currently working with.
    • Then go to the UPDATE tab and check for updates if not done during installation.
    • Don't delete the setup file when done. Instead, hold it to burn to the CD or copy to the USB flash drive.
      Ensure that you can view hidden files and folders by opening Windows Explorer - not Internet Explorer - and selecting Tools --> Folder Options --> View.

      Select radio button Show Hidden Files and Folders (should have a dot in it)

      It will look similar to this

      Click Apply to All Folders

      post-13280-1249005598_thumb.jpg


    • Navigate to C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\
    • Copy Rules.ref to the same location you are holding the MBAM setup file.
    • Burn MBAM-Setup.exe AND Rules.ref to CD or copy to USB Flash Drive or similar.
    • Install MBAM on computer that has the Internet problem. When asked if you want to update, select no.
    • Copy Rules.ref to C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\
    • When asked if you want to replace the existing file, click yes.

    Another place to get an updated database file is here though these are never as current as the ones that MBAM downloads as part of it's own update.

    Once all this is done - They will want NEW logs, so just refer to post #8 from Yardbird above.

    If you can't do any of this, start a new post in the HJT area with what you DO have and someone will help you through the rest of it.

    Good Luck,

    post-13280-1249005598_thumb.jpg

  9. Hi Don999,

    Please look again.

    AdvancedSetup DID reply to your post the next day and advised that your version of Malwarebytes was out of date and needed to be updated. He also provided other instructions. In the absence of a reply from you, he closed the thread on the 20th due to no response.

    I realize sometimes things just happen and you can't be there to respond. We also need to keep the number of open posts in the HJT area manageable, so I hope you understand as well. It's not uncommon for people to ask for help and never return.

    My advice at this point would be to start over with a NEW post in the HJT area.

  10. Hello and Welcome to Malwarebytes.org

    If you're having Malware related issues with your computer that you're unable to resolve.

    1. Please read and follow the instructions provided here: I'm infected - What do I do now?
    2. If needed please post your logs in a NEW topic here: Malware Removal - HijackThis Logs
    3. When posting logs please do not use any Quote, Code, or other tags. Please copy/paste directly into your post and do not attach files unless requested.
    • Please do not post any logs in the General forum. We do not work on any logs posted in the General forum.
    • Please do not install any software or use any removal/scanning tool except for those you're requested to run by the Helper that will assist you.
    • Using these other tools often makes the cleanup task more difficult and time consuming.
    • If you have already submitted for assistance at one of the other support sites on the Internet then you should not post a new log here, you should stay working with the Helper from that site until the issue is resolved.
    • Do not assume you're clean because you don't see something in the logs. Please wait until the person assisting you provides feedback.
    • There are often many others that require asistance as well, so please be patient. If no one has responded within 48 hours then please go ahead and post a request for review
    • NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.
  11. Hi Norman K,

    Welcome to Malwarebytes. I suspect that you are using Vista and that what is actually prompting you is the UAC (User Account Control) and not Windows Defender. Feel free to correct me if I'm wrong. To get around the UAC prompt, you can use Windows Task Scheduler to schedule Free Agent to launch as a task at startup. Note that you will have to be logged on as an administrator for this to work.

    Here are a couple of easy to follow articles to help you get it done.

    Make Vista launch UAC restricted programs at startup with Task Scheduler
    How To Tame Microsoft Windows Vista's UAC

    Please let us know if that solves the problem.

  12. Hi DLGolfs,

    See if this helps to burn the Memtest+86 ISO

    How to Burn an Image File to CD Using ImgBurn
    1. Download and install ImgBurn from here
    2. Place a blank CD or DVD in the CD/DVD tray and close it.
    3. Start ImgBurn.
    4. Upon startup, ImgBurn will open two windows. The bottom window is an information window only - the top one is a wizard window asking what you would like to do.
    5. In the top window, select Write image file to disc.
    6. On the next screen, find the folder icon with a magnifying glass on it toward the top center. If you hover the mouse over it, it says browse for a file. Click it.
      Note: By default this will show you only disc image types such as .bin, .cue., .img, .iso, etc and won't show other file types.
    7. Highlight the file you wish to burn and select open.
    8. You should be back on the main screen now.
    9. If you have more than one burner, select the one you want to use.
    10. Place a check mark on verify so that it automatically verifies the burn is good at the end of the process.
    11. Click on the icon in the bottom of the window with a right facing green arrow that points to a disc to begin the burn.
    12. The next screen will show the progress bars.
    13. When the burn is complete, the CD/DVD tray will cycle and you may notice a message in the bottom of the information window that says waiting for device to be ready. This is normal and the verification process will start automatically. If you are using a laptop, you most likely will have to close the tray manually.
    14. Once it's verified, you're done.
      Note: If you are trying to burn a bootable CD, you don't need to do any extra steps. ImgBurn will automatically include the boot information that is included in the image file, but the image file DOES have to have that information to make the CD bootable.
  13. Hi bubbleboi

    One of the machines I own is an HP laptop. It used to give me startup fits from time to time just like you are talking about. It would just hang there with the wallpaper showing and nothing apparently happening. Admittedly, I have way fewer startup programs than you do though. :) I would control-alt-del to bring up the task manager and act like I was going to either change users or restart the machine, and that would kind of kick start it again. I finally tracked it down to Zone Alarm. I uninstalled ZA and haven't had a problem since. Unfortunately, ZA is a heavy resource user, though I do like the simple interface. I don't know what's going on with that program lately. I used to use it everywhere, and even got the pro version, but I've had problems with ZA Free on 4 different machines lately. Recently, I did an install of ZA on one of them and found that the box wouldn't even shut down from the start menu. I have no idea why it would do that. The problem went away immediately when I uninstalled ZA. Now I no longer recommend it because of these problems. Not to start a firewall flamewar - this just worked for me. :D

    Pay attention to AdvancedSetup's last bit of advice. I almost missed it myself and was going to recommend it. Get Autoruns and export the list to here. Someone can help trim down some of those startups. The nice thing about Autoruns is that you can turn those startups off and on without uninstalling programs. If you find you've turned off something you want, it's easy to turn it back on. That's why you should get some help here.

  14. Hi,

    One very legitimate reason for an alternate e-mail address is in case you forget your password. The automated account verification needs to send a new temporary password to somewhere you CAN access. I got locked out of AOL this way back in the day because I had failed to update my alternate and it went into limbo. Then I had to call and talk to a real human. Normally, you can get a new temp password at the alternate address in just moments 24/7. They should also follow up at both addresses and tell you that they have changed the password, and offer a link or phone number in case you are NOT the one who requested the change/reset. I don't use a password manager, and with all the accounts we end with these days, if I'm not fairly active somewhere, I do forget. It's tough tryin' to keep it all in my noggin. :D

  15. Thanks Ahsenag! Excellent articles.

    Like Exile360, I like to use the reg cleaner in CCleaner for VERY selective (human approved - after research) removal and trimming. I think it can also assist in trying to pinpoint inconsistencies. For the stuff I don't understand or don't feel like checking into - leave it alone. I used to be one of those that felt like the leaner and meaner the registry, the better performance I was going to get. Like Ed Bott and Fred Langa, I never found any proof, not even on my own systems. I was just lucky I didn't screw anything up too badly in the meanwhile, while I was still learning -Ha! Did I say was? I'm still learning - Every Day! :D

  16. Good info from Jaxryley, though it didn't help in my particular case. I went ahead and took my own medicine this afternoon on the 64 bit machine, merging the reg file I downloaded from the article I referenced above. All APPEARS to be great - but I've thought that before sometimes. I hope it stays that way. Good to hear you're back in business Tigger93.

    @Exile360 regards me beating you to it - great fluke - 3 minutes later, and I'd have been telling you that instead.

  17. This sounds similar to a problem I've been having and just started researching for Vista Ultimate 64. In my case, the folder view keeps changing from icon view to list view. For what it's worth, I have the same icon view changing problem on a Vista Home Premium 32 bit machine.

    Check out this article on How to Reset Windows Explorer Folder View Settings to Make Vista Remember

    Method 2 is the one I'm referring to. It involves deleting/resetting the Bags and BagMRU keys in HKey_Current_User\Software\Microsoft\Windows\Shell, Disabling automatic folder type discovery for templates, increasing the folder view cache memory, and resetting local group policy if necessary.

    They include a download link for a reg file to automate most of it or a step by step guide if you want to do it manually.

    To be honest, even though I've read the article, I haven't yet had time to implement it to see if it works for me. I'll try to do that in the next day or two.

  18. Hi, don't know if this would be suitable for you or not. It's a program called GameBooster from IObit.

    http://www.iobit.com/gamebooster.html#

    Description from the IObit site:

    Game Booster

    Better Play Experience!

    Designed to help optimize your PC for smoother, more responsive game play in the latest PC games with the touch of a button, Game Booster helps achieve the performance edge previously only available to highly technical enthusiasts. It works by temporarily shutting down background processes, cleaning RAM, and intensifying processor performance. That means you can keep all the features of Microsoft

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.