Davexxx
-
Posts
32 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Davexxx
-
-
Many thanks - adding the exclusions to VIPRE has remedied the problem.
Dave.
-
I have the same problem (cannot enable malware protection), commenced this morning after initial boot (v 3.4.5.2467 & Win7 x64 Pro), mb-check-results.zip attached.
Dave.
-
Many thanks - completed (Thread can be closed).
Dave.
-
Is a final tidy-up is still needed - e.g., to remove FRST logs/quarantines & delete 'system restore' backups still holding virus content ?
Dave.
-
Looks OK (MAM threat scan found nothing).
Dave.
-
Apologies - for 'missing' read 'hidden', so Malwarebytes Anti-Malware is amongst the hidden icons (as expected).
Dave.
-
After FRST re-boot, Malwarebytes Anti-Malware is back again amongst the 'Missing Icons' on the toolbar.
FRST Fixlog.txt attached.
Dave.
-
I've just noticed that Malwarebytes Anti-Malware is missing from the 'Missing Icons' on the toolbar (VIPRE is there)
FRST scan files attached.
Dave.
-
1) Error message post-boot:
RegSvr32
The module "C:\ProgramData\GoluKfid\OatboSratl.fox" failed to load.
Make sure the binary is stored at the specified path or debug it to check for problems with the binary or dependent .DLL files.
The specified module could not be found.
2) Start-up includes:
Yes HKCU:Run GoluKfid Microsoft Corporation regsvr32.exe "C:\ProgramData\GoluKfid\OatboSratl.fox"
No trace of OatboSratl.fox apart from the two quarantine copies.
Dave.
-
Yes - deleting C:\ProgramData\GoluKfid\ also deletes C:\Users\All Users\GoluKfid\
Dave. -
Superficially OK (nothing detected by Malwarebytes scan), but there are still two copies of OatboSratl.fox post-FRST fix at 15:58 (plus two in quarantine), see screenshot.
Dave.
-
-
-
-
VirusTotal scan:
File name: OatboSratl.fox
Detection ratio: 20 / 57
Analysis date: 2015-02-14 12:18:26 UTC ( 0 minutes ago )
Dave.
-
Malwarebytes Anti-Rootkit now runs without premature exit - files attached (mbar-log-2015-02-14 (11-13-34).txt & system-log.txt), plus subsequent FRST scan files (FRST.txt & Addition.txt).
The 3 copies of OatboSratl.fox (as per earlier screenshot, with same size, dates & paths) still remain.
Dave.
-
Malwarebytes Anti-Rootkit: "An error has occurred: Scan failed!" on two attempts (updated successfully) ...
1) Malwarebytes Anti-Rootkit - "Registry Value "AppInit_Dlls" has been found ... Press 'no' button if not sure [selected] ... if tool crashes ... restart and press "yes" ...'
"This version of Malwarebytes Anti-Rootkit requires ... to completely exit ... [OK selected] - "An error has occurred: Scan failed!" and exit
2) Launched mbar.exe - "Registry Value "AppInit_Dlls" has been found ... Press 'no' button if not sure ... if tool crashes ... restart and press "yes" [selected] ...'
"This version of Malwarebytes Anti-Rootkit requires ... to completely exit ..." [OK selected] - "An error has occurred: Scan failed!" and exit
So FRST scan not undertaken.
Dave.
-
Also, there are two start-up entries (the first is new, and disabled by me)
No HKCU:Run GoluKfid Microsoft Corporation regsvr32.exe "C:\ProgramData\GoluKfid\OatboSratl.fox"
No HKCU:Run GoluKfid Microsoft Corporation regsvr32.exe "C:\ProgramData\GoluKfid\OatboSratl.fox"
Dave.
-
Thanks - Fixlog.txt attached.
FYI: Two newer versions of OatboSratl.fox have appeared - screenshot of the search for all .fox files attached (post-FRST fix 09:55 14 Sep 2015)
Dave.
-
-
Virustotal reports:
File name: OatboSratl.fox
Detection ratio: 5 / 57
Kaspersky - UDS:DangerousObject.Multi.Generic - 20150213
Avira - TR/Crypt.ZPACK.Gen8 - 20150213
AVG - Inject2.BOTR - 20150213
Bkav - HW32.Packed.C45E - 20150213
ESET-NOD32 - a variant of Win32/Kryptik.CYGW - 20150213
Dave.
-
And delete these ?:
C:\ProgramData\GoluKfid\OatboSratl.fox
C:\Users\All Users\GoluKfid\OatboSratl.fox
TIA.
Dave
-
Just a final note: the Laptop start-up procedure still contains this entry
Yes HKCU:Run GoluKfid Microsoft Corporation regsvr32.exe "C:\ProgramData\GoluKfid\OatboSratl.fox"
Which I've disabled - presumably it can be deleted ?
Dave.
-
SvcRepair.log is attached.
I've just scanned the system with Malawarebytes & VIPRE and neither detected anything, and there's no unusual activity - so I guess that's it fixed ?
I'll send something shortly as a contribution to tonight's drinks ;-)
Dave.
Can not turn on malware protection
in Malwarebytes for Windows Support Forum
Posted
FYI: The problem has returned after first boot this morning: MB flagged 'Malwareware protection off'', but it cannot be enabled.