mrjohncougar

THANKS, MUCH. I will deleate it asap. You might want to go up to these sites andsee if infact are they in violation of the license.

I was on the superantispyware forum reading about how now there portable has to be installed so it's not really a portable. Any way the last post said that there was a malwarebytes portable at "portableAppz.com". They wanted me to sign up so I found it in two other places to download it at.One was "filestube" and i downloaded it but DIDN'T run it at "mediafinder.com". Is there no such thing? After downloading it and seeing that if i right click it says company media finder, product name bootstrap, and product version 1.0. If it's a scam I want other people to know too. You can find these sites by just google download malwarebytes portable. Thanks

the scan is better and that's because my computer must be faster. porgrams are faster so thanks everyone. One problem i have to look at is when MAB ends a full scan it freezes. Only twice I'm watching it again much thanks all forums even though they should be are not hat nice. this one was a joy. love your product and i talk it up.

Ok I'm going to wait till my computer has been running for a while and that do a full scan. if malwarebytes scans as fast as it was yesterday I guess we close this down? I don't know, how could it fix itself? be back either with logs because the scan is so slow or because it better.

Look something has changed for the moment, i do not want to load the logs yet because all of a sudden the scan is faster. I haven't changed anything and don't believe it just fixed it self. Don't close this i will not let this just sit but i don't understand this and it might go right back to slow scanning to i will stay in touch. This is strange.I'm not convinced. Voodoo?

I did run check disk for a differnet reason and ran the other scn to look for bad sectors, both ok. Also ran dell diagnostic this one is different looks at your memory and prosssor again ok. i did that because the computer is slow and although i have a number of things installed it seems to make zero differnece. I will uninstall anyting that really slows me down. OH ok logs. The logs didn't attach because i'm a dimwit. OTL.Txt Extras.Txt

looking at the logs i know that we are in a malwarebytes forum but I have posted in two forums trying to stop sidebyside errors just so you know ilook alot in the event log. Yea it has nothing to do with this. Sorry

Ok nowI may look like a jerk but I installed spuerantispyware after the reinstaltion of malwarebytes and google chrome today. I am only using superantisyware as a scanner not real time protection, but that was just alittle while ago Bored? Thanks for staying with it. Here are your logs

ok did it did everything as written, started scan with ariva guard off and same thing. I have no issues with the quick scan. Thats fine but the full scan is horrible unless i go in the safe mode. i've never had this problem with malwaebytes and as far as i am concerned it is my most important malwaye product.It'as a big concern. I ave a dell vistro not even two yera old and 4gbs of memory. No junk on the desktop. Any other ideas? Thanks for hanging in with me.

Boy it sounded so good. I was like well maybe something has changed in ariva so I did just what you wrote to the letter and then did a malwarebytes scan and nothing has changed. It makes sense that something is slowing malwarbytes down because I did a scan in the safe mode after i posted and it was fast as ever. This just didn't work. I even shut the guard off during the scan after it didn't work.

First of all two things. I just got my computer back from repair,I'm not infected and I have installed, uninstalled and reinstalled malwarebytes with the same problem. I was going to by the full version so i downloaded the trial. I could not do a full scan, for it was very so once the scan hit the part of software/distibution/download/ it slowed down to a crawl. I uninstalled and reinstalled with no luck. So i deleted the trial hoping that was it but still it was still the same. If I go into the safe mode the scan is much better. I have ariva antivirus free,the portble superantispyware so nothing is installed and that's it on virus and spyware. I have 4gbs of ram and I have the same computer with the same antivirus that I've had for over two years. Ideas? It slows to a crawl in the full scan. The quick is not that bad. The version that I'm using is 1.51.0.1200. I tried an older versions no difference.By the time it gets to the end it almost doesn't finish. I need this working. i have been using the prouct for over four years and i think it's fantastic.However not like this.

I got blasted two days ago. I was hit with the rogue antispyware soft virus and many many trogans going to the syfy web sit. I I rebooted and ran malwarebytes in the safe mode asap and it found almost over twenty nasties. I rebooted and in about five minutes my computer froze and keep beeping. I had to push the power button to reboot. I ran the scan again and it found more. I did a hijack log and it was clean. I looked in the registry and places where this virus should be and I could not find anything. After running my virus scan which found more, running a2squared and then rerunning malwarebytes theyall kept findind more things. The computer kept freezing and acting like it was infected. Now finally the scans are clean after trying many things. I still have the freezing problem I was going to post on 5 star forum and downloaded all there thiings when i got over whelmed. I didn't thiink of this forum until today. Here's my hijack log. It's a start. Oh and why when in quarentine I have over twenty five items, 5 trogan droppers, 6 troganfraud pak ect but the logs only show five and seven things that were quarantined. Logfile of HijackThis v1.99.1 Scan saved at 2:38:53 PM, on 5/6/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17023) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\a-squared Free\a2service.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [startCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe The extra junk is from downloading the antimalware items needed to post on 5 star forum. Malwarebytwes by the wauy is THE BEST no complaints

Look I've been out of work ill for over two years, I have no life. The computer, tv and some video games are all I do. I have ups and downs. After i wrote the reply I knew that it was the wrong thing to do. I am very sorry and just wanted a answer. I overreacted and because of the poor support webroot is giving me mybe that had something to do with it. I own a-squared, malwarebytes and some other software. Maywarebytes has saved me many time i can't tell you how strong I think of the product. Again I"M very sorry

How hard is this? All i asked was what is a ROGUE INSTALLER?? I am not infected. I did a hijackthis log clean, rescanned with superantispyware, then ran today a a-squared antimalware scan. I am not infected, If I was I would post. I guess I'll never know

Only the second time i posted hers so that's why there is a quote reply. I just read my post again and, Did I come off sounding rude? If I did I didn't mean to, I suck a posting and asking questions, as the post says i love the product and am just looking to find out what a rogue installer is. THANKS

Hi I just have a question on a malwarebytes scan that I ran yesterday. I just want to know what was found. I first ran a scan with my antivir anti virus and it came up clean. I happen to really like this program so when malwarebytes came up with five detections I was a little shocked. However i felt there was something there like a Trojan from a attack a while back. So three hours later I ran a malwarebytes full scan and this came up. It detected five ROGUE.INSTALLERS? To me when I see rogue I think rogure spyware. There are manykinds of rogue spyware, but I googled this and came up with nothing so can you tell me what malwarebytes found? Rogue spyware or some kind of malware? THANKS ALOT, PS the program has been terriffic, I very happy. THANKS ALOT!! Malwarebytes' Anti-Malware 1.32 Database version: 1653 Windows 5.1.2600 Service Pack 2 1/14/2009 8:22:05 PM mbam-log-2009-01-14 (20-22-05).txt Scan type: Full Scan (C:\|) Objects scanned: 150911 Time elapsed: 35 minute(s), 12 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 5 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP294\A0025071.exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP308\A0025296.exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP322\A0025587.exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP324\A0025750.exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP338\A0026181.exe (Rogue.Installer) -> Quarantined and deleted successfully.

I was sure that the infections were gone because i ran a hijack this log before the scan and after. I have mixed emotions, malwarebytes was terrific however the number one or two rated spy ware missed every Trojan and just came up with ad ware. I feel now that I have to really watch what i click on. I use the sites that i got attacked on,but i should have known that when I clicked on links to look at other stories spy sweeper kept coming up saying danger. They were sitting on the links ready. I also have to say that there are web reviews on products all over the web and i got upset reading a poor review on malwarebytes, being at the bottom of thirty products alot are so bad they aren't even rated in most reviews. I won't put a link in because it will create anger. This is a very good product and you support it better than most, that's all that i can ask for. I keep thinking about spyware blaster and I think it would be a pain, because i have multi browsers and spyware. KEEP UP THE GOOD WORK, THANKS

Ok I'm going to try and do this, I'm have horrible headaches and I stink at posting. Last Wednesday i was on a site called Yeeeah.com clicked on a link to see something and spy sweeper said i was screwed. This is not porn not even close,I thought i was protected and was being smart as to where i went, I was wrong. Spy sweeper came up and then i saw av2009 asking to download. I got to the desktop and ran a spy sweeper scan and a hijack log. hijack log showed six problems however spy sweeper only found one piece of adware, one piece I own it so i'm stuck. I then ran a malwarebytes scan. Here's my question, I ran a scan and the software showed 24 detections, the log file showed 27 detections and in quarantine there is only 17 detections. Quarantine shows 7 files, five registry keys, and five registry values. the log which i'm posting adds 5 memory modules and 5 registry data items? Why are the totals as to what was deteted and quarantined so different? By the way malwarebytes got everything, I ran another hijack log and was clean, also ran a superantispyware scan. I'm very happy about malwarebytes ticked off about spy sweeper. Thanks alot. Malwarebytes' Anti-Malware 1.30 Database version: 1455 Windows 5.1.2600 Service Pack 2 12/3/2008 7:30:09 PM mbam-log-2008-12-03 (19-30-09).txt Scan type: Full Scan (C:\|) Objects scanned: 139913 Time elapsed: 34 minute(s), 16 second(s) Memory Processes Infected: 0 Memory Modules Infected: 5 Registry Keys Infected: 5 Registry Values Infected: 5 Registry Data Items Infected: 5 Folders Infected: 0 Files Infected: 7 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: C:\WINDOWS\system32\miziwiva.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\nunayeta.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\disovibu.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\gafuyowo.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\puyipufo.dll (Trojan.Vundo) -> Delete on reboot. Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1f0b2395-f536-4091-ad70-6d4ff4085b69} (Trojan.BHO.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1f0b2395-f536-4091-ad70-6d4ff4085b69} (Trojan.BHO.H) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1f0b2395-f536-4091-ad70-6d4ff4085b69} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\d4dc18b5 (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rekumoboto (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpmd7ef2b29 (Trojan.Vundo) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo) -> Data: c:\windows\system32\gafuyowo.dll -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo) -> Data: system32\gafuyowo.dll -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo) -> Data: c:\windows\system32\puyipufo.dll -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\puyipufo.dll -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo) -> Data: system32\puyipufo.dll -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\miziwiva.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\aviwizim.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\disovibu.dll (Trojan.BHO.H) -> Delete on reboot. C:\WINDOWS\system32\nunayeta.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\gafuyowo.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\puyipufo.dll (Trojan.Vundo) -> Delete on reboot. C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\2XCDIHAD\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully. PEACE