Jump to content

Malware Antibytes Beta - cannot proceed .


Recommended Posts

I recently tried to download some programs and came across some malware. I tried to run the several anti-malware programs and they all give me the same error. It has also hijacked my ability to use google and therefore I have resorted to using Edge. (yuck) . I have ran Frar as the previous users have done so. What exactly am I looking for in these files when looking to fix and edit the text files? I would love some guidance so I can then offer to help those in need, in future uses.

 

Thanks for the help, this is a great forum wish I stumbled upon it a little sooner.

FRST.txt

Addition.txt

Link to post
Share on other sites

Hello 2Seconds2 and welcome to Malwarebytes,

My screen name is kevinf80, i`m here to help clean up your system. Make sure to run all scans from accounts with Administrator status, continue as follows please:

Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...


There is nasty infection on your system, this infection has its own protection that will stop all security from running. The best way to remove the infection is via the Recovery Environment using FRST. Continue with the following:

Please download Farbar Recovery Scan Tool from here:

http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

save it to a USB flash drive. Ensure to get the correct version for your system, 32 bit or 64 bit...

Next,

Boot your PC and let it go as far as it can, Now hold down the Shift key and re- boot your PC. Windows should open to the "Choose an Option" window....

From that window select "Troubleshoot" from the next window select "Advance Options" from there select "Command Prompt" ensure to plug the flash drive into an open USB port...

Continue with the following:
 
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64 or e:\frst depending on your version. Press Enter Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


Thanks,

Kevin...
Link to post
Share on other sites

Hi Kevin

Thanks for the response. After having a little bit of trouble resetting into safe mode, I found one way to do so is to enter using system configuration in Administrative Tools> Boot in safe mode.This was myway of getting into recovery since I wasn't able to get the recovery options menu using the shift+restart trick but I did enter into safe mode as it stated so right above the Cortana search bar. I then plugged in my flash drive and ran the program under the scan option. Here are the files.

 

Thanks, 2Seconds2

 

FRST.txt

Addition.txt

Link to post
Share on other sites

Hiya 2Seconds2,

FRST fix will not work in safe mode or normal mode, it has to be run in the recovery environment to get a new single log, I then compile a fix from that log. The fix is then done with FRST from the recovery environment...

The infections own protection is not active in the recovery environment, hence we can remove it....

Have a read at the following links on how to access the Recovery Environment:

http://www.howtogeek.com/126016/three-ways-to-access-the-windows-8-boot-options-menu/

https://msdn.microsoft.com/en-gb/windows/hardware/commercialize/manufacture/desktop/windows-recovery-environment--windows-re--technical-reference

Thank you,

Kevin..

Link to post
Share on other sites

Thank you for the update and log... Can you tell which option you followed to access RE. Continue with the following:

Save the attached file fixlist.txt to your flash drive, same place as FRST.
Now please enter System Recovery Options as you did to get the log.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Re-Boot to Normal mode...

Next,

Clean install Malwarebytes from version 2 to version 3...

Please download MBAM-clean and save it to your desktop.
 
  • Right-click on mbam-clean.exe icon and select user posted image Run as Administrator to start the tool.
  • It will ask you to reboot the machine - please do so.
  • Run the cleaner tool again, re-boot when complete. <<<---do not miss this step


If you have lost the activation licence key information it can be located here: http://www.cleverbridge.com/342/?scope=cusecolp

Download Malwarebytes version 3 from the following link:

https://www.malwarebytes.com/mwb-download/thankyou/

Double click on the installer and follow the prompts. If necessary select the Blue Help tab for video instructions....

When the install completes and is updated do the following:

Open Malwarebytes, select > "settings" > "protection tab"

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Go back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes deal with any found entries... Then select "Export Summary" then "Text File (*.txt)" name that log and save , you can copy or attach that to your reply...

If you have lost the activation licence key information it can be located here: http://www.cleverbridge.com/342/?scope=cusecolp

Next,

Download AdwCleaner by Xplode onto your Desktop.
 
  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...



Next,

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

Next,

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs. "FRST.txt" and "Addition.txt"

Let me see those logs, also give an update on any remaining issues or concerns...

Thank you,

Kevin...

 

 

fixlist.txt

Link to post
Share on other sites

  • 4 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.