JetpackAngel

I got it fixed on my own. Yay for back-door work-arounds! Restarted my computer in safe mode, was able to update MBAM, ran a scan and it nabbed a few things. Restarted my computer again in normal mode, I still had the virus but this time I could grab yet another series of updates, and it finally got everything. I (and my friend who knows more about computers than I do and who walked me through the safe-mode) noticed that the virus created a folder for itself: C:\Documents and Settings\[my name]\Local Settings\Application Data\wvkgwsptn. There was only one .exe in that folder and until MBAM did its thing I was unable to delete that .exe (and I don't remember the name of it). But once MBAM ran again and got the virus, the folder remained but that .exe is gone. I just thought it was worth mentioning. And just for the records of the program developers, I'll go ahead and post the log file from the last time I ran MBAM. I have more from just today, but this was the one that got the virus, and I don't remember which ones are from full runs that didn't get the virus and which ones were from incomplete runs, which were times I started to scan but then stopped because the scan was going to take a couple of hours and I had to go somewhere. But I'll post the other logs relevant to this virus should I be asked to do so. Thank you for making such an awesome product! And I really wish I made enough money to purchase the full version because I feel really bad that I can't afford it. mbam_log_2010_04_26__22_35_39_.txt

Please forgive me if this counts as spamming, but I couldn't find the button to edit my last post. It's been too long since I've been on a phpBB forum, it seems. Apologies if this is annoying you guys. As for my own personal annoyances, this is the second time I've been nailed with the .exe-hijacking 'antivirus' bug (first time: http://forums.malwarebytes.org/index.php?s...mp;#entry205155 ) and Malwarebytes cleaned it up last time, but now I'm not getting rid of it no matter how many times I scan every drive I've got with MBAM and I get that error code every time I try to update my MBAM. My network connections are weird, in that my Firefox is working fine but every other program that connects to the internet (Yahoo Messenger, for example) doesn't seem to be working. I would post a log but the stupid virus has locked up my Notepad and I don't remember how to get around it. Do I need to download the MBAM installer again and run it as MBAM.com? Please help me get my computer back!

Remember me? Last time I was here: http://forums.malwarebytes.org/index.php?s...mp;#entry205155 I've got the same bug again, and I've run Malwarebytes twice but it's still not getting the infection. And every time I try to update my Malwarebytes I get a dialogue box that says: "Error code: 732 (0,0)"

It's so quiet. No pop-ups for this 'antivirus' virus or porn, no constant barrage of urgent dialogue boxes, no error messages whenever I try to open something... You people are now my heroes. Seriously. A thousand blessings upon your homes and your hard drives. May your servers never lag and your firewalls never fail. And if Wal-Mart paid better then I would so buy the full version of MalwareBytes, in a heartbeat. You guys rock. One logfile as requested! mbam_log_2010_02_24__05_15_40_.txt

Never uninstalled the .exe, which was probably the reason it freaked out. *facepalm* But that may be irrelevant now! New thread as requested: http://forums.malwarebytes.org/index.php?showtopic=41300

New thread as requested. Old one is here, and ongoing details will be posted here. Already had MalwareBytes installed on my computer. Decided to try making a copy of the installer and naming it mbam-setup.com as this thread instructed (link courtesy of Miekiemoes). Mbam-setup.com was installing just fine until I got a "DeleteFile failed: code 5. Access denied" dialogue box concerning mbam.dll, and it asked for Abort, Retry, Ignore. I posted this update and in the meantime decided that just for giggles, I'd go ahead and scan with the updated mbam.exe and see if it got anything. It did! I've got an infected Memory File (under Other, says 1832), two regular Files, and two Registry Values (under Other, says value: prbuhvpv) flagged as Trojan.FakeAlert, and two Registry Keys flagged as Trojan.Fraudpack. So, I remove the infected items? Save logfile, show logfile? And should I just hit Abort and then Cancel on the mbam.com setup still on my taskbar?

Okay, problem. I got my MalwareBytes to download the updates. Decided that if the .exe was hijacked then I should run it with the .com, so I made a copy of mbam-setup.exe and copied it to the desktop and renamed it mbam-setup.com like the thread said, but when it was installing I got a "DeleteFile failed; code 5. Access denied." It had a problem with mbam.dll and is asking Abort, Retry, Ignore. Your educated guess before I proceed?

ComboFix and Avast, I'll add that to my list of stuff to download. I'm going to have so many anti-virus programs when this is over... which I suppose isn't a bad thing.

Okay, I'll have to try this on my next reboot. Apparently I got a little too creative on this go-around trying to put the anti-virus program launchers in my Startup menu to save time (Windows XP), and I've lost my Windows Explorer so when I do reboot, it'll have to be a hard one. Hopefully I'll have enough time for Malbytes to download the updates before the frakking [insert expletive here] kicks in. I bookmarked the thread you linked me to, as well as this one. Fingers crossed!

I'm not sure if this qualifies as a false positive but I don't know what else to do, since my only other option is to pay GeekSquad $150 USD to help. I'm under attack by what has to be the most aggressive anti-virus advertisement known to mankind, and in addition to constant "Your computer is under attack / Windows security says you're infected / You need better virus protection! / Would you like to run this anti-virus?" dialogue boxes (and ads for Viagra and porn in Internet Explorer), it locks out my programs so that trying to open anything does nothing but bring up a "Cannot open program.exe, it is infected. Would you like to run your anti-virus software now?" and it insta-kills the program. I can't even open freaking NOTEPAD (and thus, I can't post a log file like this forum wants me to, sorry). I do have the option for a 'free thirty-day trial' of this so-called 'essential' antivirus, but I figure that giving them my credit card number just to try to get it and then kill it that way would just be shooting myself in the foot. I'm only online because of my always-connected cable, and because I figured out that this virus is a program all its own, in that it takes time to get itself running whenever I turn on my computer, so that leaves me a small window of time to open Firefox and try to run various, TRUSTED antivirus and anti-malware programs. Last time I restarted, I managed to re-download MalBytes and a few other free virus scanners that I saw recommended on popular online forums, but at this point the virus has locked down the launchers so I'll have to try those on my next reboot. I did manage to run Malbytes; I couldn't download any updates but I re-downloaded the whole program from the site. After scanning my computer for an hour and a half, it didn't detect anything infected, and I've lost count of how many virus-prompted dialogue boxes I've killed in the meantime. One would think that would qualify as a false positive, since Malbytes falsely reported my computer to be virus- and/or malware-free. I figured, if there's anybody who could help me kill this thing WITHOUT a system restore or reformatting my computer (I would lose everything, including the latest version of my manuscript as well as numerous other projects I've been working on), it would be the people who hang out on an anti-malware forum. So... can you help me?