
Malwarebytes not responding, so I think I am infected



Rkill 2.6.2 by Lawrence Abrams (Grinler)


Copyright 2008-2013 BleepingComputer.com

More Information about Rkill can be found at this link:


 

Program started at: 11/24/2013 07:51:54 PM in x86 mode.

Windows Version: Windows Vista Home Premium 

 

Checking for Windows services to stop:

 

 * No malware services found to stop.

 

Checking for processes to terminate:

 

 * C:\Users\john\AppData\Roaming\SearchProtect\bin\cltmng.exe (PID: 3888) [Win32/Conduit.SearchProtect.B]

 * C:\Users\john\AppData\Local\Temp\is-KJAKI.tmp\SystweakASP.tmp (PID: 4384) [uP-HEUR]

 * C:\Users\john\AppData\Local\Temp\is-KJAKI.tmp\SystweakASP.tmp (PID: 4384) [T-HEUR]

 

3 proccesses terminated!

 

Checking Registry for malware related settings:

 

 * No issues found in the Registry.

 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

 

Performing miscellaneous checks:

 

 * Windows Defender Disabled

 

   [HKLM\SOFTWARE\Microsoft\Windows Defender]

   "DisableAntiSpyware" = dword:00000001

 

Checking Windows Service Integrity: 

 

 * Windows Defender (WinDefend) is not Running.

   Startup Type set to: Automatic

 

Searching for Missing Digital Signatures: 

 

 * No issues found.

 

Checking HOSTS File: 

 

 * HOSTS file entries found: 

 

  127.0.0.1       localhost

  ::1             localhost

 

Program finished at: 11/24/2013 07:56:17 PM

Execution time: 0 hours(s), 4 minute(s), and 23 seconds(s)

STEP 2 ROGUE KILLER

 

RogueKiller V8.7.8 [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows Vista (6.0.6000 ) 32 bits version
Started in : Normal mode
User : john [Admin rights]
Mode : Scan -- Date : 11/24/2013 20:13:01
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 6 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : SearchProtect (C:\Users\john\AppData\Roaming\SearchProtect\bin\cltmng.exe [7]) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-1894444278-134484019-2663054245-1000\[...]\Run : SearchProtect (C:\Users\john\AppData\Roaming\SearchProtect\bin\cltmng.exe [7]) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 4 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [LOADED] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
::1             localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST31000524AS ATA Device +++++
--- User ---
[MBR] 3ddbe85d0a7fbd26cdb06e08e32a351e
[bSP] 7a0cce8cc80a1dd69525c9374336f89c : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_11242013_201301.txt >>
RKreport[0]_S_11132013_190103.txt

  • 3 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.