
Malwarebytes 3.2.2. Protections Are Disabled After several installs



Sophisticated malware on my Dell Inspiron 530 (with Windows Vista) PC prevents or disables both devices and anti-malware tools. 2 months ago my PC started crashing after Vista startup/login. With help I managed to discover that my DVD drive was disabled as well. Windows Recovery and Restore both were disabled as well in all SAFE and Normal boot modes. Reformatted the system drive and reset BIOS and reloaded Windows Vista with OS disk. Using Dell driver disk discovered that drive was disabled. Loaded AVG with USB and with great difficulty (malware continued to disable DVD drive) managed to get drive to recognize DELL driver CD while running AVG anti-virus. However AVG completed with no malware or virus found. Loaded Malwarebytes Premium, but am unable to enable Protections. All protections (web, exploits and malware) are OFF no matter what I do. I uninstalled and reinstalled Malwarebytes Premium twice. Unable to get Windows Vista security updates to download until we managed to get CCleaner installed and monitoring activated. Performed a complete system clean with this software and the CD drive began to work (with the Display monitor install disk loaded). But after we rebooted the PC the malware symptoms returned in full force (disabling the DVD drive and preventing Windows Updates). After numerous attempts and failures managed to get all Vista downloads installed but KB929777. This download cannot complete the install (error code: 8000FFFF failure). Loaded MBAR and it runs successfully reporting no problems. Loaded FRST and fixed entry that had ATTENTION associated with it. However Malwarebytes protections continue to be disabled and DVD drive will only recognize the DELL driver disk (with some difficulty - with alert "Please insert a disk into CD Drive E:"). I ran FRST more than 7 times but do not know how to interpret the outputs. Please help!

I have attached the FRST, ADDITION & SHORTCUT outputs from the FRST tool.

Thanks in advance...

 

FRST.txt

Addition.txt

Shortcut.txt


Thanks Kevin, I just reran FRST in Windows Vista normal mode, and have the results which I am attaching to this post. As I indicated in my original post, the malware attempts to block all my Windows Vista update attempts. I spent all day yesterday downloading all available from the query of available updates. One of the updates I successfully downloaded was for service pk 1, which came with an install program that ran successfully. At least it looked like it did. We did it several times. But just now when I checked the Windows Vista system page from my control panel it is not indicating that service pk 1 is installed. This might be because one of my troubleshooting efforts was to remove all files in windows\system32\softwaredistribution\download folder and the csroot2 (sp?) as well. But I did download and install service pk 1. Service Pk 2 for Windows Vista did not show up as available for download or it is associated with the KB929777 download which does not install successfully. It appears that the malware program is blocking this install, as it gets 75% completed and then crashes with the error code 8888FFFF. And thanks for your assistance K.

FRST.txt

Addition.txt

Shortcut.txt


Kevin, I also went to MS web site for the KB929777 download. I get the download but the install fails after about 75% completion. I attempted this several times in all modes (normal, safe, safe with command, safe with network, etc). Also note that I can get the DVD drive to wake up with the Dell Monitor driver disk loaded when I start the AVG scan, the Malwarebytes scan, and the CCleaner programs all simultaneously. But this also overwhelms my system and file transfer from the disk drive to my C:\ hangs until I stop these scans, and the malware program then causes a hard crash of my PC.


I do not see any obvious malware or infection in your logs. Run the following AV scan to double-check your system:

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan, either accept the alert or turn off your security to allow Sophos to run and complete...

Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours...
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....



The Virus Removal Tool scans the following areas of your computer:
  • Memory, including system memory on 32-bit (x86) versions of Windows
  • The Windows registry
  • All local hard drives, fixed and removable
  • Mapped network drives are not scanned.



Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan.

Next,

If that log is clean continue:

Download and save to Desktop SP1 https://www.microsoft.com/en-gb/download/confirmation.aspx?id=30

Download and save to Desktop SP2 https://www.microsoft.com/en-us/download/confirmation.aspx?id=16468&cffa64c5-a636-96fc-e97a-0e907fcc4c04=True

Next,

Set your system up for Clean Boot mode, instructions here: https://support.microsoft.com/en-gb/help/929135/how-to-perform-a-clean-boot-in-windows

Expand option for Windows Vista, full instructions at previous link. Reboot when set for clean boot, run SP1, reboot when complete. Then run SP2.... let me know if they install ok...

Thanks,

Kevin


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!
