Posts posted by SpySentinel
-
-
I just have a few more scans to make sure no malware is hiding.
Rootkit Unhooker:
- Please download Rootkit Unhooker and save it to your desktop.
- Now double-click on RKUnhookerLE.exe to run it.
- Click the Report tab, then click Scan.
- Check (Tick) Drivers, Stealth. Uncheck the rest and then click OK.
- Wait till the scanner has finished and then click File, Save Report.
- Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.
Note** you may get the following warning, just click OK and continue.
"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"
- Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
- Double click on RSIT.exe to run RSIT.
- Click Continue at the disclaimer screen.
- Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Also, let me know how your computer is running.
-
Hi,
Launch Malwarebytes' Anti-Malware
- Please check for updates. If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish, so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
Run ESET Online Scan
- Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
- Click the button.
- For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on to download the ESET Smart Installer. Save it to your desktop.
- Double click on the icon on your desktop.
- Check
- Click the button.
- Accept any security warnings from your browser.
- Check
- Push the Start button.
- ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
- When the scan completes, push
- Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
- Push the button.
- Push
You can refer to this animation by neomage if needed.
-
You're welcome
Run OTL.exe
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
[2010/03/28 21:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Abi\Application Data\AVG9
[2011/04/05 18:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot when it is done
-
Hi VirusPain,
Welcome to the Malwarebytes Forum
My name is Matt and I will be helping you with your malware issue. I apologize for the delay as we have been very busy lately.
- Download OTL to your desktop.
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- When the window appears, underneath Output at the top change it to Minimal Output.
- Check the boxes beside LOP Check and Purity Check.
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
-
Hehe, not exactly.
I loved the Transformers: Beast Wars series
-
If you break a sweat doing it, it's a sport to me
Glad you had a great birthday and thanks for the leftover cake...Oops, guess I was supposed to save some for everyone else.
-
Hi grog1961,
So, there is no way to have it automatically check or tell you that definitions are available for download????
I think there should be since they update so much each day.
If you have the PRO version, you can set Malwarebytes Anti-Malware to automatically update definitions. There is also an option that will show a notification when Malwarebytes Anti-Malware automatically updates the definitions.
-
Thanks. Anyone else have any comments or recommendations?
Make sure the ESET Smart Security firewall is turned off if you are using Comodo Firewall.
-
You're welcome
I didn't know this until I went to trend micro forum! Is it still necessary for me to install MBAM
Malwarebytes Anti-Malware is an extra layer of protection that can be used alongside antivirus software. We target threats that traditional antivirus applications aren't good at catching.
-
Is there a way the Moderators can mark posts, resolved in this fashion, to notify other users of the PM resolution ?
Yes and no. It would take some tweaking of the forum skin to add something like that, but it is technically possible. The actual thread title could be changed as well to indicate something like that.
-
Hi Statics,
Welcome to the Malwarebytes Forum
Have a look around and I hope you enjoy your stay!
-
Hi Staticguy,
Welcome to the Malwarebytes Forum
You can set exclusions for MBAM in Trend Micro to help resolve the conflict.
Set Exclusions for Malwarebytes' Anti-Malware in Trend Micro on 32 bit Windows Versions:
- Open Trend Micro and click on the Settings button at the bottom of the main menu (looks like a small cog/wheel).
- Click on Exception List from the list on the side panel, and then select Programs/Folders.
- Add the following items.
- C:\Program Files\Malwarebytes' Anti-Malware
- C:\Windows\System 32\Drivers\mbam.sys
- C:\Windows\System 32\Drivers\mbamswissarmy.sys
- Once that is complete, click the apply button.
- Now click on websites and click the add button and then add the Malwarebytes update domain.
- data-cdn.mbamupdates.org
- Click the Apply button and then Restart the computer.
Set Exclusions for Malwarebytes' Anti-Malware in Trend Micro on 64 bit Windows Versions:
- Open Trend Micro and click on the Settings button at the bottom of the main menu (looks like a small cog/wheel).
- Click on Exception List from the list on the side panel, and then select Programs/Folders.
- Add the following items.
- C:\Program Files (x86)\Malwarebytes' Anti-Malware
- C:\Windows\System 32\Drivers\mbam.sys
- C:\Windows\System 32\Drivers\mbamswissarmy.sys
- Once that is complete, click the apply button.
- Now click on websites and click the add button and then add the Malwarebytes update domain.
- data-cdn.mbamupdates.org
- Click the Apply button and then Restart the computer.
Set Exclusions for Trend Micro in Malwarebytes' Anti-Malware:
- Open Malwarebytes' Anti-Malware and click on the Ignore List tab
- Click the Add button on the lower left
- In the small browse window that opens, navigate to C:\Program Files and click once on Trend Micro and click OK.
Note: For 64 bit Windows versions this will be C:\Program Files (x86)
- Close Malwarebytes' Anti-Malware
Let me know if this helps to resolve the issue.
Thanks,
-
I have had your paid service for a year and a half. Having used several, yours is by far the very best, to me anyway. Keep up the great work.
Thank you for the kind words! I am glad to hear that Malwarebytes Anti-Malware has been able to help keep your computer secure.
-
Happy Birthday Elise!!!!
Hope you have a great day with family and friends.
-
I'm not able to catch what you mean by "regardless of whether the location the file itself is in is contained in the Quick Scan or not". In any event you catch and remove it from memory, but how do you remove it from a folder that is excluded from the scan?
The Quick scan is enough to find and remove any infections on the system, as the quick scan targets where malware is seen installing itself. The Full Scan scans everywhere on the system, and is also used to scan removable devices to search for any malware that could be present there.
While I can see why you don't condone certain activities, flat out telling people you don't care if they are infected by something obtained from said method is certainly a bit bold and most likely would put a serious hurt on sales if you were to market your product in that manner. I would expect your customers would expect your priority is to keep their computer safe from all malware no matter how it was obtained (I know I do). Obviously MBAM is only interested in providing protection for how it thinks people should use a pc and thus fails to meet the needs for many users in doing so. Certainly that is your choice, and thankfully users like myself have other options. As well.. it's hard to recommend a product to other people that is lacking in basic functionality.
Of course we care about how our users are infected, and that is why we are dedicated to helping create software to eradicate malware from systems, to keep our users safe. We are always striving to come up with the best ways to help remove the latest threats, and for that reason, we only concentrate on the malware that is a threat to our users, and that is why we do not go after what the antivirus vendors do. If we did, we would be able to spend less time on the really nasty malware that is currently out there today. We jump on the latest malware right away, and sometimes before any user has seen it in the wild. Therefore we protect our users from the latest threats, that most AVs will miss because they are trying to catch everything.
-
Hi jerrysec45,
Welcome to the Malwarebytes Forum
Have a look around, and I hope you enjoy your stay!
-
Should have been more explicit !
"Do not dwell on events that happened in the past, only concentrate on the present moment."
Thanks for posting, and please feel free to let me know of any similar posts on our Facebook page in the future.
-
I didn't see a need to do that, in as much as someone from MBAM, commented within the same post, and must have seen it also.
On the Facebook page? More than likely I did, and it was taken care of. I was referring to any post that I have not commented on already.
-
The exile loves cheesecake, especially with cherries
I love cheesecake also. By far, the best cheesecake I have had was a caramel apple cheesecake.
-
Happy Birthday Comprev!!!!!
Hope you have a great day, free from spammers, with family and friends.
-
as I get extremely "Pist" (sic) when I see comments on your own Facebook page of people who are doing it.
If you see any such posts on our Facebook page, please let me know by sending me a PM with the information.
Also if they post the illegal license key, I can go ahead and pass it on to get it blacklisted.
Thanks
-
Happy Birthday Maniac!!!!!
Hope you have a great day with family and friends.
-
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
-
Happy Birthday Mieke!!!!!!!!!!!
Hope you have a great day
Have a wonderful day you Jedi Mistress of malware removal
Virus Problem- random pop ups, slow running
in Resolved Malware Removal Logs
Posted
Glad to hear your computer is running better
Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):
Java™ 6 Update 26
Upgrading Java:
Please let me know if the update is successful.