Jump to content

Protection Module not loading - Flywelder


Recommended Posts

I was instructed by Julien Tortora  that Ron had moved on and up to the forum here, and I should contact him here to continue our quest to discover why malwarebytes will not fully  function on my computer.  Please help me find these individuals.

thank you

 

David

Link to post
Share on other sites

  • Root Admin

Hello David

 

Please try to follow the steps below.  I will be in and out over the weekend but will check back with you as soon as I can.

 

 

STEP 01

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.
 

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.

Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02

Please download Malwarebytes Anti-Rootkit from HERE


  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt


STEP 03

Please download Junkware Removal Tool to your desktop.


  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus



STEP 04

Please download AdwCleaner by Xplode to your desktop.


  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • If prompted by the User Account Control click Yes to allow it to run.
  • Under Actions click on the Delete button.
  • Click OK on all prompts.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the entire contents of that logfile to your next reply.
  • You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.


STEP 05

button_eos.gif

Please go here to run the online antivirus scannner from ESET.


  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

 

 

Link to post
Share on other sites

  • Root Admin

Hello David

 

Please try to follow the steps below.  I will be in and out over the weekend but will check back with you as soon as I can.

 

 

STEP 01

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.
 

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.

Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02

Please download Malwarebytes Anti-Rootkit from HERE


  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt


STEP 03

Please download Junkware Removal Tool to your desktop.


  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus



STEP 04

Please download AdwCleaner by Xplode to your desktop.


  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • If prompted by the User Account Control click Yes to allow it to run.
  • Under Actions click on the Delete button.
  • Click OK on all prompts.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the entire contents of that logfile to your next reply.
  • You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.


STEP 05

button_eos.gif

Please go here to run the online antivirus scannner from ESET.


  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

 

 

Link to post
Share on other sites

  • Root Admin

The log for MBAR should be a text file and should not be too large to upload. If it's too large then you're probably selecting the wrong file.

However looking at the protection log file it shows that the device is not ready which is a bit odd. Somehow I think it's trying to use the wrong device maybe.

Please run a new DDS scan and post back those logs

Download DDS from one of the locations below and save to your Desktop

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool.

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt

    You can ignore the note about zipping the Attach.txt file

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

I don't mean to be difficult at all, and I'm a poor at explaning  myself, I admit it , and any body here in my town will tell you that much about me.  LoL

I'm not certain I understand your instructions exactly, but I think your saying I have to  reply here like  I am now...?

Here  are my posts that  I have been sending you:.... well it looks like  I'll have to  do that  tomarrow, as I don't know how to  get an email I sent you  posted here, so I'll have to  wait  and use the actual computer with the actual problem  and thus  all the scan  reports,  or logs which are on it  and not this computer.

When you see those, the dates on them  will show  that  I have  been answering with in the next day or two and not in a week like you say.

 

I wish we could give this a better , and more descriptive subject name  that better matched  the actual problem  my computer is experiencing,  rather than  the : looking for Juilen or Ron Lewis...   would that  be possible?

Link to post
Share on other sites

  • Root Admin

I've updated the Title.

 

Please ignore all the old emails and logs you currently have and let's run new logs and tools.   Please follow the directions here below as though we were starting out all new again and we'll see if that approach works better.

 

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.



If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.
 

 

 

Then run new DDS scans and post back the logs as attachments.

 

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com


Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment. 


    When done, DDS will open two (2) logs:
  1. DDS.txt
  2. Attach.txt


  • Save both reports to your desktop
  • Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt
    You can ignore the note about zipping the Attach.txt file


 

 

 

Next, Please download MiniToolBox save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files


Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.
 

 

Thanks

Link to post
Share on other sites

Ron  Thanks!
I have followed your instructions  and the results are  attached.  There is so much info to send you I hope it all fits here, other wise I'll  attempt to send  you several replies.  :)

ESET found 6 infections   see attached screen prints.
One of the scans found something called  ALWIL        But I couldn't find it.    again see the screen prints,  look for :  search results for ALWIL.    

Adware found some things, what I don't know. 
 I don't think mbar found anything, but I'm not certain.

I Still can not fully activate  malwarebytes.

 

Ron   I fiddled around and  got myself  here! huray!   But  this web site has told me  that some of the files are too large to send.  I was  however able to send them    going the route of replyng to  your email.. I hope that was ok, and you recieved them ok. 

mAYBE LATER TODAY THe site will allow me to attached more of the results so u can look them over.  ....I'll try.

  I want to thank you agian, for bearing with me threw this. Im a novice  at computers,  !  it must be frustrating at best!     however I am learning so much!  Im grateful! and it is all becasue of your efforts!  Thanks Ron!   I tip my hat to you!   :)

attach.txt 7-10-2013.txt

AdwCleanerR6.txt 7-10-2013.txt

AdwCleanerS3.txt 7-09-2013.txt

dds.txt 7-10-2013.txt

JRT.txt

JRT.txt 7-09-2013.txt

RKreport0_S_07092013_144151.txt

Link to post
Share on other sites

  • Root Admin

No I did not get any email from you.  As I said I'm no longer working on the Help Desk.
 
Please book mark this link so that you can find it easily.   For now please do the following.
 
 
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Thanks

Link to post
Share on other sites

I ran TDSS killer,  it found  seven threats , all medium.  I don't know what to do?   ..... shall I  have them quarentined  ; removed or ___?  

I tried  my damnest to copy the report and I hunted for a means to save the report,  thus I could post it here, and every time  I came up empty!  How the hell do I get a copy to you to look  over,  with out using a screen print!??

Link to post
Share on other sites

You had wrote  once that  you spotted several  programs have been crashing. I know that means the programs  iether will not start up or  stop working  once they are  up and working.     What  programs are crashing? 

what shall I do to correct these?

 I ran windows update and it is set to auto update, and has been  for months.  There is no icons in the tool bar  at the moment saying updates are available for this computer.

Link to post
Share on other sites

My wife and I  were just discussing this again. and  the issue of ' the emails'  that are sent  to me from malwarebytes site.  and  together we came upon the notion that  may help us to better understand  what is happening. 

So my wife  has the theory that  what is being sent to me is notifications that you, Ron,  have replied,   here at this forum.  thus it is not a email directly from you but a notification. ..

We would like  verification  from you Ron, if  we have finally solved this  mystery or not?

and if were right, please forgive our ignorance,  for we feel , extremley  ambareesed, especially I do.

I love my wife, she is such a doll and help to me!

 

Yet  we still wonder where are  the replies we send to that so called " notification " ending up at?.. for they are not coming back, undeliverable?

Link to post
Share on other sites

  • Root Admin

So my wife  has the theory that  what is being sent to me is notifications that you, Ron,  have replied,   here at this forum.  thus it is not a email directly from you but a notification. ..

We would like  verification  from you Ron, if  we have finally solved this  mystery or not?

Yes, the forum sends you an email every time I post back here on the forum. You do not and should not reply to that email. It is only a notification and any replies basically go in the trash.

Okay, stop with the logs. We don't need anymore logs at this point. I'll review what you have here and then reply to you again later today.

Thank you

Link to post
Share on other sites

Not to worry,  I have not waited long for your reply, as I knew you were  looking over the reports I sent you. so no need to appologize.    :)

 

Crazy idea I have:    Could the protection be activated and the problem lie  somewhere with  the check mark simply not  generating an image?..is there any  means to  verify the protection is truly acivated or not ? 

my meory is not what it once was, but  I think  this malwarebytes  was working fine last spring and summer 2012  with a check mark in each box.

 

Sorry to report that no we don't have the installation disc any more. I felt certain it was stored inside the tall part, I think that is called a tower?

But I only found  manuals for the computer and  the  other itemes  attached to this computer like the CD player and the wireless mouse; and the speakers  and  a  small plastic case with a lable  stating this word  :  DIMM 

 

David

Link to post
Share on other sites

  • Root Admin

Please save the attached zip file to your computer.

 

Then open the zip file and double click on the batch file inside and let it run and then reboot your computer.

 

Then run the following for me please.

 

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender

    [*]Press "Scan". [*]It will create a log (FSS.txt) in the same directory the tool is run. [*]Please copy and paste the log to your reply.


 

 

fixupdates.zip

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.