Jump to content

Malware bytes won't open, I used farbar to help.


Recommended Posts

Okay, so this is what happens, I wake up my computer ( from sleep mode ) and then I go on YouTube using Google Chrome and then when I clicked on a video, a few seconds later my screen spaz's out and all these random colors show up, then I think It restarted, or went black and went "normal" I immediately go to malwarebytes, BUT It wouldn't open. I tried NUMEROUS things such as Safe mode(with networking), It wasn't even working properly. All I ask Is that If anyone can help me with this I'd really appreciate It, down below I've put in two files. FRST and Addition. From the farbar scan that I was told to do by another mod in their post. 

 

Thanks!

 

FRST.txt

 

Addition.txt

Link to post
Share on other sites

Alright so I used farbar and chameleon. Farbar did two scans, FRST and Addition, both of which I will post on the "Attach files" thing. And I also have a picture of chameleon's scan, this was literally the case for all of them, I'll attempt to post the picture along with this post, If not I'll put it in the attach files as well. Malwarebytes will not open, and I've tried everything I can, even in safe mode ( with networking ). Safe mode I believed only requires core items, nothing like skype or something like that. But It literally had all my files with running normally, and in safe mode. I hope the three things in the bottom below can help you guys understand my situation.

 

Thanks!

 

 

 

post-170317-0-94666200-1406833186_thumb.

 

FRST.txt

 

Addition.txt

 

 

Link to post
Share on other sites

  • Staff

First, go to Control Panel and uninstall following (skip lines that cannot be uninstalled):
- Adobe Reader X
- Ask Toolbar
- Java 7 Update 51
 
Latest versions of Java and Adobe Reader available here --> http://www.java.com/en/  and here http://get.adobe.com/uk/reader/
Make sure to uncheck optional offers.




FRST.gif Fix with Farbar Recovery Scan Tool



icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif


Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.




adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.

Please include the contents of that file in your reply.

fixlist.txt

Link to post
Share on other sites

Oh, my bad. I forgot to do that. I did it now, here you go.

 

# AdwCleaner v3.302 - Report created 31/07/2014 at 14:32:18
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lachin - LACHIN-PC
# Running from : C:\Users\Lachin\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : vToolbarUpdater18.1.7
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Nation Toolbar
Folder Deleted : C:\Program Files (x86)\Playbryte
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[!] Folder Deleted : C:\Users\Lachin\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Lachin\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Lachin\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Lachin\AppData\LocalLow\Playbryte
Folder Deleted : C:\Users\Lachin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Users\Lachin\AppData\Roaming\Mozilla\Firefox\Profiles\xzkn8qj4.default\searchplugins\bingp.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Nation Toolbar
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Nation Toolbar
Key Deleted : HKLM\Software\Playbryte
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Nation Toolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17207
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\Lachin\AppData\Roaming\Mozilla\Firefox\Profiles\xzkn8qj4.default\prefs.js ]
 
 
-\\ Google Chrome v36.0.1985.125
 
*************************
 
AdwCleaner[R0].txt - [7036 octets] - [31/07/2014 14:29:14]
AdwCleaner[s0].txt - [6408 octets] - [31/07/2014 14:32:18]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6468 octets] ##########
Link to post
Share on other sites

Okay so I have no clue on why I cannot open up my MB, BUT, I posted on my other forum and now that I realized something was going on, a pattern was forming, this is what happened.

 

If you look at the picture, there is a thing called "1995: C:\WINDOWS\SYSWOW64\CFGMGR32.DLL" I'm no computer tech or anything, but If the scan keeps terminating itself on this file, It must be bad...Right?  I've ran Chamelon around... 13 times total today, running every test, #1-#13 every like 10 minutes hoping something will work. Nothing.

 

I have another thread with FRST, Addition, Fixlogs and such, hopefully that will help. 

 

https://forums.malwarebytes.org/index.php?/topic/154111-malware-bytes-wont-open-i-used-farbar-to-help/

 

 

 

 

 

 

 

post-170317-0-17894500-1406841890_thumb.

Link to post
Share on other sites

I have absolutely NO clue what is wrong.

 

I CANNOT open Malwarebytes. 

 

Chameleon will NOT detect the problem, If you know what you're doing and can actually help, please, read my previous forum I made, "TwinHeadedEagle" was nice enough to help a little but hasn't replied further.

 

https://forums.malwarebytes.org/index.php?/topic/154120-a-pattern-has-been-forming-this-whole-time-i-did-not-notice/

 

Link to post
Share on other sites

Is there any way that a help and I can talk, In a chat or something, It takes way too long to get help, or anyone to read your post, infact. I've been trying to gain help all day, and "TwinHeadedEagle" helped out, thanks, but your advice didn't work.. If we could somehow talk. 

 

Like I've stated before in like 5-6 threads I've posted today.

 

My screen spaz'd out, and I got "The Blue Screen" and I'm not sure what else happened cause It was like.. 12-14 hours ago... I've been checking on every like, 20 minutes waiting for a reply from someone. 

I don't mean to sound selfish at all, I just require help. I've done everything THE asked me to do. ( TwinHeadedEagle ). But he stopped replying, I think he assumed my problem has been resolved, but in fact, It has not done anything. Every attempt I've done to fix the problem, did not work. 

 

Please read this, mods or helpers.

 

https://forums.malwarebytes.org/index.php?/topic/154120-a-pattern-has-been-forming-this-whole-time-i-did-not-notice/

Link to post
Share on other sites

  • Staff

Can you be more patient? We all do have a private life, we here volunteer our free time to help you, free of charge, and it seems you do not respect that. When I read something like that, it really stops me from further helping you.

 

 

 

mbam-old.png Uninstall outdated Malwarebytes' Anti-Malware
 
Please download MBAM-clean and save it to your desktop.
 
  • Right-click on mbam-clean.exe icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
It will ask you to reboot the machine - please do so.

 
After that follow my next instructions to download & install the newset MBAM version.
 
 
 
 
51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware
 
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Install the progam and select update.
Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
Click the Scan tab, choose Threat Scan is checked and click Scan Now.
If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
Upon completion of the scan (or after the reboot), click the History tab.
Click Application Logs and double-click the Scan Log.
At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.

 

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.