
MalwareBytes won't run



I have tried to run MalwareBytes but with no results. I have downloaded the installer several times following the various suggestions in the FAQs, all to no avail.

The download and install are no problem and the programme starts OK but as soon as I try to run a scan, either full scan or quick scan, the operation only lasts about 20 secs and the programme terminates with no message.

I have run it in Safe Mode and it's OK there so there must be something loaded in my 'normal' setup which is interfering with Malware Bytes - help.

I have attached the two files per instruction - DDS.txt and Attach.txt. I hope these are of assistance.

thank you in anticipation

Bemuksee

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by Brian at 20:49:01 on 2012-01-09

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2038.767 [GMT 0:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\Mamutu\a2service.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Windows SteadyState\SCTSvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Users\Brian\AppData\Local\CrossLoop\CrossLoopService.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Macrium\Reflect\ReflectService.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\StkASv2K.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\RtHDVCpl.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Windows\WindowsMobile\wmdSync.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\Mamutu\mamutu.exe

C:\Windows\System32\wpcumi.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Logitech\Logitech Vid\Vid.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Brian\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Shrink Pic\shrink_pic.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.bbc.co.uk/news

uDefault_Page_URL = hxxp://www.thetechguys.com/welcome

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: H - No File

uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll

mURLSearchHooks: H - No File

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\9.0.0.23\AVG Secure Search_toolbar.dll

BHO: {99079a25-328f-4bd4-be04-00955acaa0a7} - No File

BHO: SearchCore for Browsers: {9d717f81-9148-4f12-8568-69135f087db0} - c:\progra~1\search~1\search~1\BROWSE~1.DLL

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Bar World Toolbar Powered by Ask.com: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: Bar World Toolbar Powered by Ask.com: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\9.0.0.23\AVG Secure Search_toolbar.dll

TB: {99079a25-328f-4bd4-be04-00955acaa0a7} - No File

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [Logitech Vid] "c:\program files\logitech\logitech vid\Vid.exe" -bootmode

uRun: [<NO NAME>]

uRun: [downloadhq] "c:\program files\downloadhq\downloadhq.exe" -h

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [Power2GoExpress]

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [<NO NAME>]

mRun: [updateP2GShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\5.0"

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide

mRun: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe

mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"

mRun: [Mamutu Guard] "c:\program files\mamutu\mamutu.exe" /silent

mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [vProt] "c:\program files\avg secure search\vprot.exe"

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [DATAMNGR] c:\progra~1\search~1\search~1\DATAMN~1.EXE

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\users\brian\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\brian\appdata\roaming\dropbox\bin\Dropbox.exe

StartupFolder: c:\users\brian\appdata\roaming\micros~1\windows\startm~1\programs\startup\passwo~1.lnk - i:\pw\password safe\pwsafe.exe

StartupFolder: c:\users\brian\appdata\roaming\micros~1\windows\startm~1\programs\startup\shrink~1.lnk - c:\program files\shrink pic\shrink_pic.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: EnableInstallerDetection = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableVirtualization = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: HideFastUserSwitching = 1 (0x1)

mPolicies-system: EnableLinkedConnections = 1 (0x1)

mPolicies-system: SoftwareSASGeneration = 3 (0x3)

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL

LSP: c:\windows\system32\wpclsp.dll

DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://homebase.2020.net/Core/Player/2020PlayerAX_Win32.cab

DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} - hxxp://bq.kp.2020.net/planner/Core/Player/2020PlayerAX_WEB_Win32.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{35A748FB-5AD9-4D81-B75B-B65BB6F962DD} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{D1529832-52D5-4562-A2CC-55318FDA8D2E} : DhcpNameServer = 172.10.0.1

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\9.0.1\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: igfxcui - igfxdev.dll

AppInit_DLLs: c:\progra~1\search~1\search~1\datamngr.dll c:\progra~1\search~1\search~1\IEBHO.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]

R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [2011-1-17 16024]

R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [2011-4-17 752128]

R1 a2injectiondriver;a2injectiondriver;c:\program files\mamutu\a2dix86.sys [2011-4-29 34768]

R1 a2util;a-squared Malware-IDS utility driver;c:\program files\mamutu\a2util32.sys [2011-4-29 11776]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]

R1 eusk2par;Aladdin SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [2011-11-24 25680]

R2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files\common files\acronis\cdp\afcdpsrv.exe [2011-4-17 3246040]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]

R2 CrossLoopService;CrossLoop Service;c:\users\brian\appdata\local\crossloop\CrossLoopService.exe [2011-7-17 563216]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

R2 Mamutu;Mamutu Service;c:\program files\mamutu\a2service.exe [2011-4-29 2978720]

R2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\macrium\reflect\ReflectService.exe [2011-1-17 220824]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-3-9 92592]

R2 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\9.0.1\ToolbarUpdater.exe [2011-12-7 855904]

R2 Windows SteadyState;Windows SteadyState Service;c:\program files\windows steadystate\SCTSvc.exe [2008-5-30 115728]

R3 a2acc;a2acc;c:\program files\mamutu\a2accx86.sys [2011-4-29 51632]

R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2011-4-17 167968]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-1-9 40776]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-22 136176]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2010-10-20 1025352]

S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-12-11 14216]

S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-12-11 8456]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-22 136176]

S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184]

S3 tvnserver;TightVNC Server;c:\users\brian\appdata\local\crossloop\tvnserver.exe [2011-7-17 814080]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2011-5-28 25704]

S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2011-5-28 25704]

S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2011-5-28 25704]

S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2011-5-28 25704]

S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2011-5-28 25704]

.

=============== Created Last 30 ================

.

2012-01-09 20:46:51 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-01-09 20:46:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-01-09 16:51:16 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-01-03 01:24:59 -------- d-----w- c:\program files\Windows Searchqu Toolbar

2012-01-03 01:23:42 -------- d-----w- c:\program files\SearchCore for Browsers

2012-01-03 01:23:28 15360 ----a-w- c:\windows\system32\inetfr.DLL

2012-01-03 01:23:28 115920 ----a-w- c:\windows\system32\msinet.OCX

2012-01-03 01:23:28 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL

2012-01-03 01:23:27 119568 ----a-w- c:\windows\system32\VB6FR.DLL

2012-01-03 01:23:26 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL

2012-01-03 01:23:25 484352 ----a-w- c:\windows\system32\lame_enc.dll

2012-01-03 01:23:25 32768 ----a-w- c:\windows\system32\CMDLGFR.DLL

2012-01-03 01:23:25 -------- d-----w- c:\users\brian\appdata\roaming\FreeBurner

2012-01-03 01:23:25 -------- d-----w- c:\program files\Free Easy CD DVD Burner

2011-12-24 16:12:24 -------- d-----w- c:\program files\iPod

2011-12-24 16:12:21 -------- d-----w- c:\program files\iTunes

2011-12-18 00:50:58 -------- d-----w- c:\programdata\Microsoft Help-old

2011-12-18 00:35:35 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2011-12-14 04:39:34 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-12-14 04:39:33 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-12-14 04:39:30 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-12-14 04:39:29 49152 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-14 04:39:26 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-12-14 04:39:20 2043904 ----a-w- c:\windows\system32\win32k.sys

2011-12-14 04:39:13 2048 ----a-w- c:\windows\system32\tzres.dll

.

==================== Find3M ====================

.

2011-11-24 12:50:58 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-24 11:52:33 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-11-04 14:42:10 272208 ----a-w- c:\windows\system32\WPPFilt.dll

2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll

2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll

2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-10-24 14:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2011-10-24 14:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts

.

============= FINISH: 20:51:44.67 ===============

Attach.txt

DDS.txt


:welcome:

Have you tried this?

Set Exclusions for Malwarebytes' Anti-Malware in AVG Free 2011 in Windows Vista and Windows 7:

1. Open AVG and close the pop-up ad that shows up on the bottom of the screen, then double-click on Resident Shield
2. Click on Tools at the top and select Advanced settings...
3. Click on Excluded Items under Resident Shield
4. Click on the Add Path button on the right
5. Click on the + next to Computer in the Browse For Folder window
6. Click on the + next to your system drive (usually C:)
7. Click on the + next to Program Files. Note: This should be Program Files (x86) for 64 bit Windows versions.
8. Click once on the Malwarebytes' Anti-Malware folder so that it is highlighted and click on OK
9. Click on the Add Path button on the right
10. Click on the + next to Computer in the Browse For Folder window
11. Click on the + next to your system drive (usually C:)
12. Click on the + next to ProgramData
13. Click once on the Malwarebytes folder so that it is highlighted and click on OK
14. Click on the Add File button on the right and click on Computer on the left
15. Double-click on your system drive (usually C:)
16. Double-click on Windows
17. Scroll to the right until you find the System32 folder and double-click on it
18. Double-click on the drivers folder
19. Scroll to the right until you find mbam.sys and double-click on it
20. Click on the Add File button on the right and scroll to the right until you find mbamswissarmy.sys and double-click on it. Note: This will be C:\Windows\SysWOW64\drivers for 64 bit Windows versions.
21. Click on the Apply button at the bottom of the program window and then click on OK
22. Close the AVG window


Thank you Larry for your response and please accept my apologies for the delay in getting back to you.

I carried out your suggestion adding MalwareBytes to the AVG exclusions. After re-booting there was no change - load the programme, start a quick scan and it runs for a few seconds and disappears from the screen.

Bemuksee


Again thank you for your efforts to help.

After running the batch file and zipping the created folder, I am unable to send it as it is 22Mb in size and the limit would appear to be 10Mb of which I have already used 35.69K.

Are there any files/folders within 'MBAM FILES' that would be of more significance than others? I could zip them as long as they are less than 10Mb

Bemuksee


Have you ever used Rapidshare or Megaupload?

No I haven't. Are they similar to Dropbox?

If you want me to download and install, perhaps you could give me a couple of hints on how to go about getting the files/folders to you.

It is now after 2:00am here so I'm afraid I will have to get to bed, but I will check in the morning for your advice / suggestions

again - thank you.

Bemuksee


Thanks for the update info for the new limit for attachments. Unfortunately the 20MB is still less than the zipped folder size of 22.6MB (Max compression).

Having looked at the folder contents the only files I could comfortably delete would be the languages other than English.

I have attached a .pdf file with screenshots of all of the contents in the various subfolders under 'MBAM Files'. If you could indicate which of these I could delete without interfering with your process I could then zip up the remainder and send it. (the end size would now be around 18MB)

Sorry this is a bit protracted.

Bemuksee


Thank YOU.

Now let's see if we can get MBAM to run

Go to: C:\Program Files\Malwarebytes' Anti-Malware\Chameleon

Open the first file (Chameleon)

Run the test by clicking Test Now on MBAM-Chameleon.exe

This will try to install and run MBAM

If that one doesn't work, try the next one: MBAM-Chameleon.com


My apologies once again. I replied in error to the notification e-mail I received with your latest advice, instead of to the forum topic.

Here is the message in its correct place:

SUCCESS - thank you.

I couldn't follow your advice exactly but here is what I did based on that advice.

I followed the path to the 'chameleon' folder, double clicked on 'mbam-chameleon.exe' which ran through its routine updating the database and finally showing "killing known malicious processes".

When it finished I loaded mbam.exe. When it started I was surprised to get a message 'The Malwarebytes anti-malware database is missing or corrupt..........' it then asked if I wanted to download a new copy. I did and when that was finished it had the updated version replacing a 000.000.0.0 version confirming the earlier '...missing or corrupt....' message.

I then elected to do a quick scan and that is what it did taking approx 45mins.

I am now in process of a full scan.

Apologies if this reply is a bit lengthy but hopefully it helps anyone with a similar problem and certainly you are entitled to the result after all your expert help.

again thank you.

Bemuksee
