Nupjook Posted August 10, 2014 ID:864900 Share Posted August 10, 2014 MBAM version 1.70.0.1100 seems to work fine, but updated version (2.0.2.1012?) does not. First start of the program immediately becomes 'not responding', after which I can start the program but attempt to scan immediately puts the program into 'not responding' state every time. Not sure if caused by infection or other problems (clashing with other programs, etc.). I am currently trying MBAM-Chameleon but MBAM still freezes when scan is attempted and I do not where to go from here. Please help! Windows 7FRST.txt, Addition.txt attached Thanks!FRST.txtAddition.txt Link to post Share on other sites More sharing options...
kevinf80 Posted August 10, 2014 ID:864910 Share Posted August 10, 2014 Hello and P2P/Piracy Warning: If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy. Please run a Threat Scan with MBAM. If you're unable to run or complete the scan as shown below please see the following: MBAM Clean Removal Process 2xFollow the relevant steps and ensure to run mbam-clean tool after UNinstalling Malwarebytes. When reinstalling the program please try the latest version from here: http://www.malwarebytes.org/mwb-download/Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... linkOpen up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply. Next, Download AdwCleaner by Xplode onto your Desktop. Double click on Adwcleaner.exe to run the tool. Click on Scan Once the scan is done, click on the Clean button. You will get a prompt asking to close all programs. Click OK. Click OK again to reboot your computer. A text file will open after the restart. Please post the content of that logfile in your reply. You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number Next, Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message. Let me see those logs in next reply.... Kevin Link to post Share on other sites More sharing options...
Nupjook Posted August 10, 2014 Author ID:864996 Share Posted August 10, 2014 Hello Kevin, and thank you very much for fast reply. I uninstalled uTorrent and deleted cracked software to meet the policy, and followed the steps mentioned. I uninstalled MBAM using the MBAM-clean tool and reinstalled, but I run into the same problem. That is, I get stuck here: Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link as the program still goes 'not responding' whenever I attempt update/scan (I forgot to mention in my original post that updating also freezes program).Running chameleon does not seem to help either. Link to post Share on other sites More sharing options...
kevinf80 Posted August 10, 2014 ID:865008 Share Posted August 10, 2014 Read the following link before we continue and run Combofix: ComboFix usage, Questions, Help? - Look here Next, Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from either of the following links :- http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.infospyware.net/antimalware/combofix/ Ensure that Combofix is saved directly to the Desktop <--- Very important Disable all security programs as they will have a negative effect on Combofix, instructions available here http://www.bleepingcomputer.com/forums/topic114351.html if required. Be aware the list may not have all programs listed, if you need more help please ask. Close any open browsers and any other programs you might have running Double click the icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator) Instructions for running Combofix available here http://www.bleepingcomputer.com/combofix/how-to-use-combofix if required. If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes. When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review ****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze **** Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read here http://thespykiller.co.uk/index.php?page=20 why disabling autoruns is recommended. *EXTRA NOTES* If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so. If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted) Post the log in next reply please... Kevin Link to post Share on other sites More sharing options...
Nupjook Posted August 11, 2014 Author ID:865046 Share Posted August 11, 2014 Ran ComboFix. Log attachedComboFix.txt Link to post Share on other sites More sharing options...
kevinf80 Posted August 11, 2014 ID:865118 Share Posted August 11, 2014 Please continue: 1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Open notepad and copy/paste the text in the Codebox below into it:ClearJavaCache:: Save this as CFScript.txt, and as Type: All Files (*.*) in the same location as ComboFix.exeRefering to the picture above, drag CFScript into ComboFix.exeWhen finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply. Next, Download AdwCleaner by Xplode onto your Desktop. Double click on Adwcleaner.exe to run the tool. Click on Scan Once the scan is done, click on the Clean button. You will get a prompt asking to close all programs. Click OK. Click OK again to reboot your computer. A text file will open after the restart. Please post the content of that logfile in your reply. You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number Next, Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message. Next, We need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete: Run Eset Online Scanner **Note** You will need to use Internet explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET. Turn off the real time scanner of any existing antivirus program while performing the online scan click on the Run ESET Online Scanner button Tick the box next to YES, I accept the Terms of Use.Click Start When asked, allow the add/on to be installedClick Start Make sure that the option "Remove found threats" is ticked Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.Click Scan wait for the virus definitions to be downloaded Wait for the scan to finish When the scan is complete If no threats were found put a checkmark in "Uninstall application on close" close program report to me that nothing was found If threats were found click on "list of threats found" click on "export to text file" and save it as ESET SCAN and save to the desktop Click on back put a checkmark in "Uninstall application on close" click on finish close program Copy and paste the report in next reply. Next, Download Security Check by screen317 from either of the following: http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exeSave it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)Double click SecurityCheck.exe (Vista or Windows 7/8 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.A Notepad document should open automatically called checkup.txt; please post the contents of that document.If Security Check will not run or you get an alert saying it is not supported, Re-boot your PC then try again... Let me see those logs in your next reply.... Kevin Link to post Share on other sites More sharing options...
Nupjook Posted August 11, 2014 Author ID:865310 Share Posted August 11, 2014 When I ran ESET scanner the first time, I ran it overnight and when I came back it had finished scanning, found 4 threats, and went 'not responding'. When I ran it again it found no threats. I hope this is not a problem. Logs attachedComboFix.txtAdwCleanerS0.txtJRT.txtcheckup.txtComboFix.txtAdwCleanerS0.txtJRT.txtcheckup.txt Link to post Share on other sites More sharing options...
kevinf80 Posted August 11, 2014 ID:865313 Share Posted August 11, 2014 What is the current status of your system, do you have any remaining issues or concerns.... Run this please: Download Farbar Service Scanner from here: http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/ and run it on the computer with the issue.Make sure the following options are checked: Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows Defender Press "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Next, Check following to see if log files are saved for ESET, let me see any saved logs.... C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt Kevin Link to post Share on other sites More sharing options...
Nupjook Posted August 12, 2014 Author ID:865323 Share Posted August 12, 2014 The computer seems to be working fine, but my initial problem is still not fixed--MBAM still goes 'not responding' whenever I attempt a scan. FSS.txt attachedNo log found for ESETFSS.txt Link to post Share on other sites More sharing options...
kevinf80 Posted August 12, 2014 ID:865460 Share Posted August 12, 2014 I do not see an active anti-virus program installed on your PC, is that correct? Please run a Threat Scan with MBAM. If you're unable to run or complete the scan as shown below please see the following: MBAM Clean Removal Process 2x Follow the relevant steps and ensure to run mbam-clean tool after UNinstalling Malwarebytes. When reinstalling the program please try the latest version from here: http://www.malwarebytes.org/mwb-download/ Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... linkOpen up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply. If Malwarebytes still fails to run successfully reboot to Safe Mode with Networking and try again.. Instructions here: https://community.shaw.ca/docs/DOC-1017 Kevin... Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted August 19, 2014 Root Admin ID:868537 Share Posted August 19, 2014 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts