Jump to content

malwarebytes won't install - am I infected?

ballgj

By ballgj
in Resolved Malware Removal Logs

 Share

Recommended Posts

ballgj

ballgj

Posted
  • Author
Posted

thanks for all your help! it's made a big difference, just realising the tdx.sys was a problem and getting it sorted to get the dhcp up again is great. hopefully we can locate whatever is behind the installation problems on the malware. thanks again. I've checked the scheduler now and it is doing restores once a day and reg backup every 10.

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

OK so connection is back up, can you run RogueKiller?

Let me know what error messages you get now.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

See if ComboFix will run:

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

Link to post
Share on other sites
ballgj

ballgj

Posted
  • Author
Posted

Ok, so RogueKiller doesn't work still. I run as administrator and allow it access but nothing happens after that. It doesn't start.

I'll have a go with ComboFix.

It looks like the DHCP now has to be started manually each time I reboot, even though it is set to start automatically. So there is still something amiss with that.

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

Try it like this......

Delete your copy of ComboFix. Grab a fresh copy and save it to your Desktop, but do not run it yet.

Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).

Click Start --> Run, and enter this command exactly as shown: (copy and paste)

"%userprofile%\desktop\combofix.exe" /nombr

See if it will run successfully now.

~~~~~~~~~~~~~~~~~~~~

See if you can get MBAR to run also. MrC

Link to post
Share on other sites
ballgj

ballgj

Posted
  • Author
Posted

rkill run successfully, but still the same problem with ComboFix hanging MBAR giving the "Entry Point Not Found" error.

Here is the rkill report:

kill 2.4.5 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2012 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/13/2012 02:22:40 PM in x86 mode.

Windows Version: Windows 7 Enterprise Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\system32\DRIVERS\o2flash.exe (PID: 336) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/13/2012 02:22:58 PM

Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.