Jump to content

Malewarebytes Not Giving Me The Option To Update


Recommended Posts

Hello Slagathor! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Threat Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.
Link to post
Share on other sites

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 4/29/2014

Scan Time: 9:52:44 PM

Logfile: 

Administrator: Yes

 

Version: 2.00.2.1007

Malware Database: v2014.04.30.02

Rootkit Database: v2014.03.27.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Slagathor

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 257235

Time Elapsed: 3 min, 40 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 7

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{24ECBDF8-D05B-E028-2806-EF16C6F9EA57}, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{24ECBDF8-D05B-E028-2806-EF16C6F9EA57}, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\SNT.SNT, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\SNT.SNT.2.1, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SNT.SNT, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SNT.SNT.2.1, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{24ECBDF8-D05B-E028-2806-EF16C6F9EA57}, Quarantined, [97e3af81d7a47eb877ba7ebb5ca87789], 

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites

Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan button. Wait until is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.
In your next reply, post the following log files:
  • Junkware Removal Tool log
  • AdwCleaner log
Link to post
Share on other sites

It's been running better, MB updates now, and havent gotten one of them redirects for a while now too....

 

Sorry about that:

 

# AdwCleaner v3.207 - Report created 05/05/2014 at 13:04:19
# Updated 05/05/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Slagathor - ZIGGY
# Running from : C:\Users\Slagathor\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\weEbbsavvee
Folder Deleted : C:\Program Files (x86)\WinToFlash Suggestor
Folder Deleted : C:\Program Files (x86)\weEbbsavvee
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\Slagathor\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghdhejnoljchilckeeagfdjkdhikbiee
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghdhejnoljchilckeeagfdjkdhikbiee
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilknjknofbdhdghblchhoaikclbeckp
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilknjknofbdhdghblchhoaikclbeckp
Folder Deleted : C:\Users\Slagathor\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilknjknofbdhdghblchhoaikclbeckp
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\acaoakiamfeidcmgooclgeleejkbaecf
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7601.17514
 
 
-\\ Google Chrome v34.0.1847.131
 
[ File : C:\Users\Slagathor\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : acaoakiamfeidcmgooclgeleejkbaecf
Deleted [Extension] : iilknjknofbdhdghblchhoaikclbeckp
 
*************************
 
AdwCleaner[R0].txt - [2493 octets] - [08/03/2014 14:29:26]
AdwCleaner[R1].txt - [2553 octets] - [10/03/2014 11:03:09]
AdwCleaner[R2].txt - [3433 octets] - [05/05/2014 13:00:30]
AdwCleaner[s0].txt - [2641 octets] - [10/03/2014 11:03:48]
AdwCleaner[s1].txt - [3872 octets] - [05/05/2014 13:04:19]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [3932 octets] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Slagathor on Mon 05/05/2014 at 12:54:38.32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 05/05/2014 at 12:58:38.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Link to post
Share on other sites

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 5/6/2014

Scan Time: 7:54:43 AM

Logfile: 

Administrator: Yes

 

Version: 2.00.2.1007

Malware Database: v2014.05.06.04

Rootkit Database: v2014.03.27.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Slagathor

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 259945

Time Elapsed: 3 min, 56 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Link to post
Share on other sites

C:\Users\All Users\InstallMate\{67F79B84-2A75-4724-A5CF-6257BC14B972}\Custom.dll Win32/InstalleRex.M potentially unwanted application

C:\Program Files (x86)\Litecoin\litecoin-qt.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application deleted - quarantined

C:\Program Files (x86)\Litecoin\daemon\litecoind.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application deleted - quarantined

C:\Program Files (x86)\SWATH 1.9.8\SWATH.exe a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined

C:\Program Files (x86)\SWATH 1.9.8\SwathReg.exe a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined

C:\ProgramData\InstallMate\{67F79B84-2A75-4724-A5CF-6257BC14B972}\Custom.dll Win32/InstalleRex.M potentially unwanted application deleted - quarantined

C:\Users\Slagathor\Documents\OffercastInstaller_AVR_U-0002-01-P_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined

D:\$RECYCLE.BIN\S-1-5-21-4025940775-695107249-3715929747-1000\$RQJ4R54.rar Win32/OpenCandy potentially unsafe application deleted - quarantined

D:\bfgmine\bfgminer-3.5.7-win64\bfgminer-rpc.exe a variant of Win64/BitCoinMiner.R potentially unsafe application deleted - quarantined

D:\bfgmine\bfgminer-3.5.7-win64\bfgminer.exe a variant of Win64/BitCoinMiner.AC potentially unsafe application deleted - quarantined

D:\dloads\DTLite4481-0347.exe Win32/DownWare.L potentially unwanted application deleted - quarantined

D:\dloads\KeyFinderInstaller.exe Win32/OpenCandy potentially unsafe application deleted - quarantined

D:\dloads\litecoin-0.8.6.2-win32-setup.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application deleted - quarantined

D:\dloads\SetupImgBurn_2.5.8.0.exe Win32/OpenCandy potentially unsafe application deleted - quarantined

D:\dloads\SWATH_v1_9_8.exe a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined

D:\dloads\lite\bfgminer-3.5.7-win64.zip a variant of Win64/BitCoinMiner.AC potentially unsafe application deleted - quarantined

D:\dloads\New folder\GPUMeterVersion24.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined

D:\dloads\New folder\NetworkMeterVersion96.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined

D:\DriveKey\ubcd529.iso Win32/PSWTool.KonBoot.A potentially unsafe application deleted - quarantined

D:\guiminer\cgminer\cgminer-nogpu.exe a variant of Win32/BitCoinMiner.AF potentially unsafe application deleted - quarantined

Link to post
Share on other sites

Good! :)

Last steps:

Step 1

  • Download OTL to your desktop and run it.
  • Click on CleanUp button.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Step 2
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes
Step 3

Please uninstall ESET Online Scanner .

Step 4

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)

Link to post
Share on other sites

  • 1 month later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.