Jump to content

rvmlister

Members
  • Posts

    11
  • Joined

  • Last visited

Everything posted by rvmlister

  1. No threats found by MBAM! Wonderful. Have downloaded Avira Free and am presently running that as well. Maybe I can take a big breath now, TwinHeadedEagle :-) Many, many thanks for your kind help. It looks like you've solved it! Do you happen to know what might have caused all this in the first place? Knowing this might help me avoid getting into this kind of trouble again... All best wishes, Ralph
  2. Bingo! Having run FixExec and re-booted, I ran the previously-downloaded MBAM installer, and still got the "corrupted" error message. So, not to be outdone, I then re-downloaded a fresh version of MBAM installer from the MB site, which overwrote the last download, and ran that. It then installed perfectly, and, as I write, I'm carrying out a full Threat Scan on the infected computer. It's scanning the files now, and will begin the heuristic phase of the scan in a short while, no doubt. So far, no infections logged. I will let you know what the scan finds, if anything, when it's finished. I am beginning to feel relieved! :-) Best wishes, Ralph
  3. I have now uninstalled all components of Avira using Control Panel, and have re-booted (twice). MBAM still says it's set-up file is corrupted, and mbam-cleaner still responds saying it is not a valid Win32 application. So removing Avira does not seem to help. Now I no longer have Avira OR MBAM on my infected unit!
  4. So, I re-started the infected PC, booting as per normal. I then downloaded a fresh version of MBAM (to re-install it after uninstalling a week ago, when the problem arose), and attempted to run it: same error message came back as before - the file is "corrupted". That seems strange. I then tried to run mbam-cleaner (which, admittedly, I had downloaded last week), and, as before, back came the message that this not "a valid Win32 application". Is there something I am missing? I can hardly believe the new MBAM setup would be "corrupted"...
  5. Here's the fixlog.txt in its entirety: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02 Ran by SYSTEM at 2015-05-19 11:43:02 Run:1 Running from g:\ Boot Mode: Recovery ============================================== Content of fixlist: ***************** Startup: C:\Users\Ralph Lister\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-05] ShortcutTarget: Dropbox.lnk -> (No File) S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.) C:\Program Files (x86)\AskPartnerNetwork C:\Users\Ralph Lister\AppData\Local\Temp\AskSLib.dll C:\Users\Ralph Lister\AppData\Local\Temp\avgnt.exe C:\Users\Ralph Lister\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpild7n1.dll C:\Users\Ralph Lister\AppData\Local\Temp\processhacker-2.33-setup.exe C:\Users\Ralph Lister\AppData\Local\Temp\RHSetup.exe C:\Users\Ralph Lister\AppData\Local\Temp\SHSetup.exe C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.0.7-win32.exe C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.0.8-win32.exe C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.1.2-win32.exe C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.1.3-win32.exe C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.1.5-win32.exe ***************** C:\Users\Ralph Lister\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk => Moved successfully. ShortcutTarget: Dropbox.lnk -> (No File) not found. APNMCP => Service deleted successfully. C:\Program Files (x86)\AskPartnerNetwork => Moved successfully. C:\Users\Ralph Lister\AppData\Local\Temp\AskSLib.dll => Moved successfully. C:\Users\Ralph Lister\AppData\Local\Temp\avgnt.exe => Moved successfully. C:\Users\Ralph Lister\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpild7n1.dll => Moved successfully. C:\Users\Ralph Lister\AppData\Local\Temp\processhacker-2.33-setup.exe => Moved successfully. C:\Users\Ralph Lister\AppData\Local\Temp\RHSetup.exe => Moved successfully. C:\Users\Ralph Lister\AppData\Local\Temp\SHSetup.exe => Moved successfully. C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.0.7-win32.exe => Moved successfully. C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.0.8-win32.exe => Moved successfully. C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.1.2-win32.exe => Moved successfully. C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.1.3-win32.exe => Moved successfully. C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.1.5-win32.exe => Moved successfully. ==== End of Fixlog 11:43:03 ====
  6. Making some progress! Yes, this way I was able to run FRST - at last :-) Here's the log, copied and pasted in its entirety. Thanks for your ongoing help, TwinHeadedEagle - much appreciated. Ralph Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02 Ran by SYSTEM on MININT-EKIF8NA on 18-05-2015 23:16:01 Running from g:\ Platform: Windows 7 Home Premium (X64) OS Language: English (United States) Internet Explorer Version 8 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11474024 2010-10-05] (Realtek Semiconductor) HKLM-x32\...\Run: [biosNotice] => C:\Program Files (x86)\BIOSTAR\BiosNotice\BiosNotice.exe [1003008 2010-10-13] () HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-10] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [DigidesignMMERefresh] => C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [77824 2010-06-15] (Avid Technology, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-05-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) Startup: C:\Users\Ralph Lister\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-05] ShortcutTarget: Dropbox.lnk -> (No File) ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-05-11] (Avira Operations GmbH & Co. KG) S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-11] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-11] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-05-11] (Avira Operations GmbH & Co. KG) S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.) S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG) S2 DigiRefresh; C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [77824 2010-06-15] (Avid Technology, Inc.) S2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter.exe [75040 2008-09-05] (Ralink Technology, Corp.) S2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter64.exe [210720 2008-09-05] (Ralink Technology, Corp.) S2 rtpMIDIService; C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe [1142272 2012-08-23] (Tobias Erichsen) S4 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2013-07-17] (Enigma Software Group USA, LLC.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-05-05] (Avira Operations GmbH & Co. KG) S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG) S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG) S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-05-05] (Avira Operations GmbH & Co. KG) S1 BIOS; C:\Windows\system32\drivers\BIOS64.sys [14136 2009-06-10] (BIOSTAR Group) S1 BIOS; C:\Windows\SysWOW64\drivers\BIOS64.sys [14136 2009-06-10] (BIOSTAR Group) S1 BS_I2cIo; C:\Windows\system32\drivers\BS_I2c64.sys [15408 2010-05-17] (BIOSTAR Group) S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] () S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] () S3 MBOX; C:\Windows\System32\DRIVERS\AvidMbox.sys [423728 2012-02-23] (Avid) S3 MBOXDFU; C:\Windows\System32\DRIVERS\AvidMbox_DFU.sys [30512 2012-02-23] (Avid) S3 teVirtualMIDI64; C:\Windows\System32\DRIVERS\teVirtualMIDI64.sys [30208 2012-08-15] (Tobias Erichsen) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-18 23:15 - 2015-05-18 23:16 - 00000000 ____D () C:\FRST 2015-05-17 14:25 - 2015-05-17 14:25 - 00582335 _____ () C:\Users\Ralph Lister\Downloads\FRST64(1).exe 2015-05-12 13:45 - 2015-05-12 13:45 - 00415895 _____ () C:\Users\Ralph Lister\Downloads\FRST64.exe 2015-05-11 19:42 - 2015-05-11 19:42 - 02042244 _____ () C:\Users\Ralph Lister\Downloads\esetsmartinstaller_enu.exe 2015-05-11 19:34 - 2015-05-11 19:34 - 00214415 _____ () C:\Users\Ralph Lister\Downloads\rkill.exe 2015-05-11 19:26 - 2015-05-11 19:27 - 20373700 _____ (Malwarebytes Corporation ) C:\Users\Ralph Lister\Downloads\mbam-setup-2.1.6.1022.exe 2015-05-11 19:20 - 2015-05-11 19:21 - 00301892 _____ (Malwarebytes Corporation) C:\Users\Ralph Lister\Downloads\mbam-clean-2.1.1.1001.exe 2015-05-11 19:16 - 2015-05-11 19:16 - 00261988 _____ () C:\Users\Ralph Lister\Downloads\mbam-clean-2.1.1.1001 (2).exe 2015-05-11 16:40 - 2015-05-11 16:40 - 00003014 _____ () C:\Windows\System32\Tasks\{2AAB8110-7528-4E10-B217-91A47FCC7099} 2015-05-11 16:39 - 2015-05-11 16:39 - 00003014 _____ () C:\Windows\System32\Tasks\{5B0C8252-A725-4436-8FE3-0DE4D91F2617} 2015-05-11 16:35 - 2015-05-11 16:35 - 00000000 ____D () C:\Users\Ralph Lister\Desktop\Old Firefox Data 2015-05-11 16:16 - 2015-05-11 16:17 - 06420600 _____ (Tim Kosse) C:\Users\Ralph Lister\Downloads\FileZilla_3.10.3_win64-setup.exe 2015-05-05 12:35 - 2015-05-05 12:35 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-18 11:15 - 2014-02-12 16:20 - 00000000 ___RD () C:\Users\Ralph Lister\Dropbox 2015-05-18 11:15 - 2014-02-12 16:18 - 00000000 ____D () C:\Users\Ralph Lister\AppData\Roaming\Dropbox 2015-05-18 11:14 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-18 11:14 - 2009-07-13 20:51 - 00179967 _____ () C:\Windows\setupact.log 2015-05-17 22:51 - 2013-01-26 17:19 - 01797811 _____ () C:\Windows\WindowsUpdate.log 2015-05-17 22:43 - 2009-07-13 20:45 - 00014608 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-17 22:43 - 2009-07-13 20:45 - 00014608 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-17 22:39 - 2013-09-16 04:43 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-17 22:39 - 2009-07-13 21:13 - 00713888 _____ () C:\Windows\System32\PerfStringBackup.INI 2015-05-11 19:05 - 2013-01-29 08:51 - 00000000 ____D () C:\Users\Ralph Lister\AppData\Roaming\FileZilla 2015-05-11 17:49 - 2013-01-26 15:33 - 00291820 _____ () C:\Windows\PFRO.log 2015-05-11 16:22 - 2013-08-19 09:01 - 00000000 ____D () C:\Users\Ralph Lister\AppData\Roaming\Avira 2015-05-11 16:22 - 2013-08-19 08:59 - 00000000 ____D () C:\ProgramData\Avira 2015-05-11 16:17 - 2013-01-29 08:51 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client 2015-05-05 17:02 - 2013-01-26 15:36 - 00000000 ____D () C:\Users\Ralph Lister\AppData\Roaming\Digidesign 2015-05-05 12:39 - 2013-09-16 04:43 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-05-05 12:39 - 2013-08-04 17:11 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-05-05 12:39 - 2013-01-28 13:52 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-05-05 12:38 - 2013-08-19 08:59 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys 2015-05-05 12:38 - 2013-08-19 08:59 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys 2015-05-05 12:38 - 2013-08-19 08:59 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys 2015-05-05 12:36 - 2014-08-13 05:24 - 00001131 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-05-05 12:36 - 2014-08-13 05:24 - 00000000 ____D () C:\ProgramData\Package Cache 2015-05-05 12:35 - 2013-08-19 08:59 - 00000000 ____D () C:\Program Files (x86)\Avira Some content of TEMP: ==================== C:\Users\Ralph Lister\AppData\Local\Temp\AskSLib.dll C:\Users\Ralph Lister\AppData\Local\Temp\avgnt.exe C:\Users\Ralph Lister\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpild7n1.dll C:\Users\Ralph Lister\AppData\Local\Temp\processhacker-2.33-setup.exe C:\Users\Ralph Lister\AppData\Local\Temp\RHSetup.exe C:\Users\Ralph Lister\AppData\Local\Temp\SHSetup.exe C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.0.7-win32.exe C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.0.8-win32.exe C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.1.2-win32.exe C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.1.3-win32.exe C:\Users\Ralph Lister\AppData\Local\Temp\vlc-2.1.5-win32.exe ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points ========================= Restore point made on: 2014-11-30 22:03:33 Restore point made on: 2014-12-08 08:50:57 Restore point made on: 2014-12-15 09:53:23 Restore point made on: 2015-05-05 13:31:46 Restore point made on: 2015-05-11 19:19:31 Restore point made on: 2015-05-11 19:56:12 Restore point made on: 2015-05-17 15:07:09 ==================== Memory info =========================== Percentage of memory in use: 15% Total physical RAM: 3967.3 MB Available physical RAM: 3367.56 MB Total Pagefile: 3965.45 MB Available Pagefile: 3352 MB Total Virtual: 8192 MB Available Virtual: 8191.89 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:196.06 GB) (Free:65.4 GB) NTFS Drive e: (Storage) (Fixed) (Total:735.35 GB) (Free:10.65 GB) NTFS Drive g: (ATTACHE16GB) (Removable) (Total:14.96 GB) (Free:14.96 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 956F78D7) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=196.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=735.3 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=15 GB) - (Type=0C) LastRegBack: 2015-05-17 14:59 ==================== End Of Log ============================
  7. Heya - I entered Safe mode and attempted to run FRST from there, but no luck, again, the same error message: not a Win32 application. So, no, I can't run FRST from Safe mode. Interestingly, I also tried to run the MBAM setup file (which I had downloaded earlier) while I was still in Safe mode, and the error message for that was that the file was "corrupted" and it couldn't run - not that it was "not a Win32 application", as per all the other error messages I've been getting. I got the MBAM installer from the MBAM site, so hardly likely that that file is corrupted?
  8. No, I did not. Good call. So, I temporarily deactivated Avira (umbrella down), then tried to run FRST again, and the same error message "FRST64.exe is not a valid Win 32 application" came up after I'd hit the Run button on the FRST launch, not allowing me to go further, the only option being to close out of trying to run it. So Avira off, same result. MBAM is now off my system (I have been unable to re-install it - same problem). Also, when I was re-installing Malwarebytes, I got the same error message... I would think that Avira would operate with MBAM without that kind iof message/denial, so, again, it doesn't make me suspect Avira as the culprit here. It seems I just can't run any .exe or install files. Even when I was trying an online scanning service, which needed me to download and run its installer on my unit, I got the same error message when attempting to run that too. Thoughts?
  9. Hi there TwinHeadedEagle, Many, many thanks for your help. I tried this before, and I tried it again - always hopeful! I downloaded FRST (for my 64-bit OS), saved the .exe file, attempted to run it, and was blocked (again) by the same error message as before, namely, that "FRST64.exe is not a valid Win 32 application". I just can't seem to run any .exe files! All best wishes, Ralph
  10. Hi there, good MBAM folk :-) I am directed by one of the kind MBAM moderators to open a new thread after initially posting under the incorrect catregory. Here goes: Computer: PC, Windows 7 Home Premium, 64 bit. Malwarebytes Free, Avira Pro. Note: I have chosen NOT to install the Windows Updates - this may/may not be relevant. I first noticed there might be a problem when I was attempting to download regular definition Updates for Malwarebytes. The download could never quite complete - it froze up 3/4 of the way through. Same result after several attempts. I then uninstalled Malwarebytes using Control Panel. I also downloaded the mbam-cleaner file from the MBAM site. BUT I was then unable to open this mbam-cleaner file beyond the Run window (which I clicked), getting instead the error message "mbam-cleaner.exe is not a valid Win32 application". Having uninstalled MBAM, I then re-downloaded MBAM, but, when running the .exe file to re-install it, upon hitting Run, the system would not go any further than coming up with the error message, once again, "not a valid Win32 application". So I was unable to run mbam-cleaner OR re-install MBAM. Not good. Same exact result when I tried to run rkill - same equivalent error message: "rkill.exe is not a valid Win32 application". Definitly something is awry. These are very likely to be good .exe files, and something is choosing to block their opening. I've never seen this error message before. I have made no changes whatsoever to my registry or startup - nothing at all. Additional info: As per the malware instructions, I have since downloaded FRST (FRST64.exe) and attempted to run it, and, again, as soon as I click Run, up comes the same error message, this time saying "FRST64.exe is not a valid Win 32 application" and it doesn't go any further than that. This bad stuff is stopping everything dead in its tracks, so I can't even diagnose/cure the problem with FRST! I am posting from the 'infected' computer, so the unit still has considerable functionality, despite whatever bad stuff is going on. Any wisdom very much appreciated indeed. All warmest wishes, Ralph
  11. Hi there, good MBAM folk :-) PC, Windows 7 Home Premium, 64 bit. I have chosen NOT to install the Windows Updates - this may/may not be relevant. Malwarebytes Free, Avira Pro. I first noticed there might be a problem when I was attempting to download regular definition Updates for Malwarebytes. The download could never quite complete - it froze up 3/4 of the way through. Same result after several attempts. I also noticed the internet was running very slowly (and normally it's pretty quick). Another change in behavior. I uninstalled Malwarebytes using Control Panel. I also downloaded the mbam-cleaner file from the MB site. BUT I was unable to open this mbam-cleaner file beyond the Run window (which I clicked), only to get the error message "mbam-cleaner.exe is not a valid Win32 application". Same result when I tried to run rkill - same equivalent error message: "rkill.exe is not a valid Win32 application". Definitly something is awry. These are very likely to be good files, and something is choosing to block their opening. I've never seen this error message before. I have made no changes whatsoever to my registry or startup - nothing at all. Otherwise the computer still appears to be running as it should. I am writing to you from my laptop. Any wisdom very much appreciated. All warmest wishes, Ralph
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.