Malewarebytes Not Giving Me The Option To Update

[Slagathor]

Along with a few other problems that nothing has been able to touch so far, r.searchfun.in, no clue what it is, but mbam does block the site from loading......

 

I work swing shift, I can check this thread on my phone, but tomorrow I'll be on second shift till Friday..

 

(utorrent has been uninstalled...)

Addition.txt

FRST.txt

[Maniac]

Hello Slagathor! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
• Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

• Launch Malwarebytes' Anti-Malware
• Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
• Go to Scanner tab and select Threat Scan, then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

[Slagathor]

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 4/29/2014

Scan Time: 9:52:44 PM

Logfile: 

Administrator: Yes

 

Version: 2.00.2.1007

Malware Database: v2014.04.30.02

Rootkit Database: v2014.03.27.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Slagathor

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 257235

Time Elapsed: 3 min, 40 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 7

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{24ECBDF8-D05B-E028-2806-EF16C6F9EA57}, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{24ECBDF8-D05B-E028-2806-EF16C6F9EA57}, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\SNT.SNT, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\SNT.SNT.2.1, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SNT.SNT, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SNT.SNT.2.1, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{24ECBDF8-D05B-E028-2806-EF16C6F9EA57}, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

[Maniac]

Step 1

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Step 2

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
• Click on Scan button. Wait until is finished.
• Click on Clean.
• Confirm each time with Ok.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.

In your next reply, post the following log files:

• Junkware Removal Tool log
• AdwCleaner log

[Slagathor]

Sorry I didnt reply till now....

AdwCleanerS1.txt

JRT.txt

[Maniac]

Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

[Slagathor]

It's been running better, MB updates now, and havent gotten one of them redirects for a while now too....

 

Sorry about that:

 

# AdwCleaner v3.207 - Report created 05/05/2014 at 13:04:19

# Updated 05/05/2014 by Xplode

# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

# Username : Slagathor - ZIGGY

# Running from : C:\Users\Slagathor\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\weEbbsavvee

Folder Deleted : C:\Program Files (x86)\WinToFlash Suggestor

Folder Deleted : C:\Program Files (x86)\weEbbsavvee

Folder Deleted : C:\Users\Administrator\AppData\Local\torch

Folder Deleted : C:\Users\Guest\AppData\Local\torch

Folder Deleted : C:\Users\Slagathor\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf

Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghdhejnoljchilckeeagfdjkdhikbiee

Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghdhejnoljchilckeeagfdjkdhikbiee

Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilknjknofbdhdghblchhoaikclbeckp

Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilknjknofbdhdghblchhoaikclbeckp

Folder Deleted : C:\Users\Slagathor\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilknjknofbdhdghblchhoaikclbeckp

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\acaoakiamfeidcmgooclgeleejkbaecf

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}

Key Deleted : HKCU\Software\RegisteredApplicationsEx

Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}

Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v8.0.7601.17514

 

 

-\\ Google Chrome v34.0.1847.131

 

[ File : C:\Users\Slagathor\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted [Extension] : acaoakiamfeidcmgooclgeleejkbaecf

Deleted [Extension] : iilknjknofbdhdghblchhoaikclbeckp

 

*************************

 

AdwCleaner[R0].txt - [2493 octets] - [08/03/2014 14:29:26]

AdwCleaner[R1].txt - [2553 octets] - [10/03/2014 11:03:09]

AdwCleaner[R2].txt - [3433 octets] - [05/05/2014 13:00:30]

AdwCleaner[s0].txt - [2641 octets] - [10/03/2014 11:03:48]

AdwCleaner[s1].txt - [3872 octets] - [05/05/2014 13:04:19]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [3932 octets] ##########

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Professional x64

Ran by Slagathor on Mon 05/05/2014 at 12:54:38.32

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Mon 05/05/2014 at 12:58:38.13

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[Maniac]

Please update Malwarebytes' Anti-Malware and perform a new scan. Post it in your next reply.

[Slagathor]

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 5/6/2014

Scan Time: 7:54:43 AM

Logfile: 

Administrator: Yes

 

Version: 2.00.2.1007

Malware Database: v2014.05.06.04

Rootkit Database: v2014.03.27.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Slagathor

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 259945

Time Elapsed: 3 min, 56 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

[Maniac]

Please scan your machine with ESET OnlineScan

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.

  ESET OnlineScan

• Click the button.
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

    Save it to your Desktop.

  • Double click on the to download the ESET Smart Installer. icon on your Desktop.
• Check "YES, I accept the Terms of Use."
• Click the Start button.
• Accept any security warnings from your browser.
• Under Scan Settings, check "Scan Archives" and "Remove found threats"
• Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click List Threats
• Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• Click the Back button.
• Click the Finish button.

[Slagathor]

C:\Users\All Users\InstallMate\{67F79B84-2A75-4724-A5CF-6257BC14B972}\Custom.dll Win32/InstalleRex.M potentially unwanted application

C:\Program Files (x86)\Litecoin\litecoin-qt.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application deleted - quarantined

C:\Program Files (x86)\Litecoin\daemon\litecoind.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application deleted - quarantined

C:\Program Files (x86)\SWATH 1.9.8\SWATH.exe a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined

C:\Program Files (x86)\SWATH 1.9.8\SwathReg.exe a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined

C:\ProgramData\InstallMate\{67F79B84-2A75-4724-A5CF-6257BC14B972}\Custom.dll Win32/InstalleRex.M potentially unwanted application deleted - quarantined

C:\Users\Slagathor\Documents\OffercastInstaller_AVR_U-0002-01-P_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined

D:\$RECYCLE.BIN\S-1-5-21-4025940775-695107249-3715929747-1000\$RQJ4R54.rar Win32/OpenCandy potentially unsafe application deleted - quarantined

D:\bfgmine\bfgminer-3.5.7-win64\bfgminer-rpc.exe a variant of Win64/BitCoinMiner.R potentially unsafe application deleted - quarantined

D:\bfgmine\bfgminer-3.5.7-win64\bfgminer.exe a variant of Win64/BitCoinMiner.AC potentially unsafe application deleted - quarantined

D:\dloads\DTLite4481-0347.exe Win32/DownWare.L potentially unwanted application deleted - quarantined

D:\dloads\KeyFinderInstaller.exe Win32/OpenCandy potentially unsafe application deleted - quarantined

D:\dloads\litecoin-0.8.6.2-win32-setup.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application deleted - quarantined

D:\dloads\SetupImgBurn_2.5.8.0.exe Win32/OpenCandy potentially unsafe application deleted - quarantined

D:\dloads\SWATH_v1_9_8.exe a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined

D:\dloads\lite\bfgminer-3.5.7-win64.zip a variant of Win64/BitCoinMiner.AC potentially unsafe application deleted - quarantined

D:\dloads\New folder\GPUMeterVersion24.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined

D:\dloads\New folder\NetworkMeterVersion96.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined

D:\DriveKey\ubcd529.iso Win32/PSWTool.KonBoot.A potentially unsafe application deleted - quarantined

D:\guiminer\cgminer\cgminer-nogpu.exe a variant of Win32/BitCoinMiner.AF potentially unsafe application deleted - quarantined

[Maniac]

I recommend you to change all of your passwords and to be more careful what you download.

How are things now?

[Slagathor]

running good, and will do.....

[Maniac]

Good!

Last steps:

Step 1

• Download OTL to your desktop and run it.
• Click on CleanUp button.
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Step 2

• Double click on AdwCleaner.exe to run the tool.
• Click on Uninstall
• Confirm with Yes

Step 3

Please uninstall ESET Online Scanner .

Step 4

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing!

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!