Jump to content
JetWall

Unable to run Malwarebytes, Chameleon only reinstalls or fails

Recommended Posts

FIrst I should note that I am running the free version of Malwarebytes. I received a notification that Malwarebytes detected an issue through my Windows 7 pop-up notification tray. When I clicked on it to see the status of Malwarebytes and the "issue" nothing happened. Now when I attempt to run Malwarebytes the program won't open. A quick Google search led me to Chameleon but that doesn't seem to be helping either. No matter what icon I click on provided in the zip file I can't see the Chameleon program I've seen in screenshots that shows the different Tests. I click on each one and a DOS window appears attempting to either download Malwarebytes or scan. The best result I've had was Chameleon successfully downloading and installing Malwarebytes once more but the issue persists. The program will not open. I wouldn't be surprised if there is some user error behind troubleshooting this issue, but any help would be greatly appreciated.

Edited by JetWall

Share this post


Link to post
Share on other sites

Hello and Welcome!

Let's try this first.... (Malwarebytes clean removal tool will backup your license information and then re-enter the license to the new install)

  1. Please follow the steps in this pinned topic to uninstall your current version of MBAM and reinstall the latest build - Malwarebytes mb-clean tool (NOTE: After uninstalling with the mb-clean tool you will be asked to reboot. Once you reboot it will ask you if you want to re-install Malwarebytes, you can select YES (it will download the latest version) or you can download the latest version manually (currently v3.3.1.2183 CU 1.0.262) to re-install from HERE)
  2. If that does not correct the issue, then please read the following and attach to your next reply the requested logs - Diagnostic Logs (after you run all the tools requested, all the logs will be combined into one log file named: mb-check-results.zip located on your Desktop (which will include the FRST logs inside the zip file))
  3. NOTE: More info about the latest Malwarebytes 3.2.2 HERE; MB 3 User Guide ONLINE; MB 3 User Guide PDF; MB 3 FAQ: Malwarebytes 3.0 - Frequently Asked Questions


Please let us know how it goes.


Thank You,

Firefox

Share this post


Link to post
Share on other sites

Thanks for the reply. I downloaded and ran the mb-clean tool. The program was reinstalled but it did not correct the issue. I then attempted to download FRST through the link provided but the browser crashes before I can download the recovery tool. No matter what browser I use it crashes as soon as I click on the link. Should I post the mb-clean results file anyway?

Share this post


Link to post
Share on other sites

You can post the results, however we will need those logs to be able to see what is going on.  Can you try downloading the tools in Safe Mode, or on a different computer?

Share this post


Link to post
Share on other sites

I will continue attempting to download the tools. Just found it really odd that the browsers are denying me access to the download link. My computer seems to be going out of it's way to prevent me from accessing Malwarebytes or any related troubleshooting help. Anyway, I am attaching the initial results.

mb-clean-results.txt

2018-01-03 17:23:27.643   Warning!!! license key is empty.
2018-01-03 17:23:27.643   mb-clean:3.1.0.1031  @ Malwarebytes. All rights reserved.
2018-01-03 17:23:28.491   Malwarebytes self-protection module is not installed.
2018-01-03 17:23:28.491   Launching process:"C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe" /LOG /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /log="C:\Users\Hellbot\AppData\Local\Temp\Mbam3x.log"
2018-01-03 17:23:30.088   >>>>>> Starting 2nd phase cleanup for Malwarebytes version 3.3.1.2183 <<<<<<
2018-01-03 17:23:30.088   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2018-01-03 17:23:30.088   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2018-01-03 17:23:30.088   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2018-01-03 17:23:30.088   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2018-01-03 17:23:30.088   HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2018-01-03 17:23:30.088   HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2018-01-03 17:23:30.088   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2018-01-03 17:23:30.603   Trying to delete path C:\ProgramData\Malwarebytes\
2018-01-03 17:23:30.603   Cannot delete path C:\ProgramData\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2018-01-03 17:23:30.603   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2018-01-03 17:23:30.603   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2018-01-03 17:23:30.603   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2018-01-03 17:23:30.603   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
2018-01-03 17:23:30.603   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll, reason:(Access is denied.(error=5))
2018-01-03 17:23:30.603   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll on reboot
2018-01-03 17:23:30.603   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\
2018-01-03 17:23:30.603   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\, reason:(The directory is not empty.(error=145))
2018-01-03 17:23:30.603   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\ on reboot
2018-01-03 17:23:30.603   Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService
2018-01-03 17:23:30.603   Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService
2018-01-03 17:23:30.603   --------BEGINNING OF THE UNINSTALLER LOG FILE ----------
2018-01-03 17:23:28.555   Log opened. (Time zone: UTC-05:00)
2018-01-03 17:23:28.555   Setup version: Inno Setup version 5.5.8 (u)
2018-01-03 17:23:28.555   Original Uninstall EXE: C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe
2018-01-03 17:23:28.555   Uninstall DAT: C:\Program Files\Malwarebytes\Anti-Malware\unins000.dat
2018-01-03 17:23:28.555   Uninstall command line: /SECONDPHASE="C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe" /FIRSTPHASEWND=$5026C /LOG /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /log="C:\Users\Hellbot\AppData\Local\Temp\Mbam3x.log"
2018-01-03 17:23:28.555   Windows version: 6.1.7601 SP1  (NT platform: Yes)
2018-01-03 17:23:28.555   64-bit Windows: Yes
2018-01-03 17:23:28.555   Processor architecture: x64
2018-01-03 17:23:28.555   User privileges: Administrative
2018-01-03 17:23:28.555   64-bit install mode: Yes
2018-01-03 17:23:28.555   Created temporary directory: C:\Users\Hellbot\AppData\Local\Temp\is-HF10R.tmp
2018-01-03 17:23:28.571   Uninstalling service
2018-01-03 17:23:29.900   Installed service, result 0
2018-01-03 17:23:29.900   Uninstall service complete
2018-01-03 17:23:29.915   Uninstall from Security Center , result 0
2018-01-03 17:23:29.931   Removing mbshlext.dll
2018-01-03 17:23:29.931   Spawning 64-bit RegSvr32: "C:\Windows\system32\regsvr32.exe" /u /s "C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll"
2018-01-03 17:23:29.946   Remove mbshlext.dll on reboot
2018-01-03 17:23:29.946   Starting the uninstallation process.
2018-01-03 17:23:29.993   Deleting file: C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-03 17:23:30.009   Deleting file: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk
2018-01-03 17:23:30.009   Deleting directory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-03 17:23:30.009   Failed to delete directory (145). Will retry later.
2018-01-03 17:23:30.040   Deleting file: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk
2018-01-03 17:23:30.040   Deleting directory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\zlib.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\ssleay32.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\libeay32.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\7z.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\mbae.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\MbamPt.exe
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\SelfProtectionSdk.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\SelfProtectionShim.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\rtp.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\RtpShim.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Swissarmy.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\SwissarmyShim.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\MwacLib.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\MwacSdkShim.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\MBAMCore.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\MBAMShim.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\arwlib.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\ArwSdkShim.dll
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\mbae-api-na.dll
2018-01-03 17:23:30.040   Deleting file: C:\Windows\system32\drivers\mbae64.sys
2018-01-03 17:23:30.040   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\AeShim.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\ActionsShim.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Actions.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\SPControllerImpl.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\AEControllerImpl.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\TelemetryControllerImpl.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\ScanControllerImpl.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\RTPControllerImpl.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\MWACControllerImpl.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\LicenseControllerImpl.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\CloudControllerImpl.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\CleanControllerImpl.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\ArwControllerImpl.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_bg.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_sk.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_sl.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_hr.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ro.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ko.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_zh_TW.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_cs.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_hu.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ja.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_fi.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_no.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_da.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_sv.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_es.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ru.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_pt_PT.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_pt_BR.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_pl.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_nl.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_it.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_fr.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_de.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_en_US.qm
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_en_GB.qm
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\Languages
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qmldir
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\plugins.qmltypes
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\qmldir
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\plugins.qmltypes
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\qmldir
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\plugins.qmltypes
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qmldir
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\plugins.qmltypes
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\qtquickextrasplugin.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\qmldir
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\plugins.qmltypes
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\qmldir
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\plugins.qmltypes
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\dialogsprivateplugin.dll
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qmldir
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\plugins.qmltypes
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\qtquickextrasflatplugin.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\qmldir
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\qmldir
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qmldir
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\plugins.qmltypes
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\qmldir
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\plugins.qmltypes
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtQml
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmlsettingsplugin.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmldir
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\plugins.qmltypes
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmldir
2018-01-03 17:23:30.056   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\plugins.qmltypes
2018-01-03 17:23:30.056   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel
2018-01-03 17:23:30.071   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs
2018-01-03 17:23:30.071   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\Qt
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\softwarecontext.dll
2018-01-03 17:23:30.071   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\scenegraph
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2018-01-03 17:23:30.071   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\platforms
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwebp.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwbmp.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtiff.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtga.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qjpeg.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qicns.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qgif.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qdds.dll
2018-01-03 17:23:30.071   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\imageformats
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2018-01-03 17:23:30.071   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\iconengines
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\msvcr120.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\msvcp120.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qml_winextras.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qmldir
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\plugins.qmltypes
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\JumpListSeparator.qml
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\JumpListLink.qml
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\JumpListDestination.qml
2018-01-03 17:23:30.071   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\mbshlext_proto
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\mbamwow.exe
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\suhlpr.dll
2018-01-03 17:23:30.071   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\changes.txt
2018-01-03 17:23:30.071   Deleting directory: C:\ProgramData\Malwarebytes\MBAMService\config
2018-01-03 17:23:30.071   Failed to delete directory (145). Will retry later.
2018-01-03 17:23:30.071   Deleting directory: C:\ProgramData\Malwarebytes\MBAMService\logs
2018-01-03 17:23:30.071   Failed to delete directory (145). Will retry later.
2018-01-03 17:23:30.071   Deleting directory: C:\ProgramData\Malwarebytes\MBAMService
2018-01-03 17:23:30.071   Failed to delete directory (145). Will retry later.
2018-01-03 17:23:30.071   Deleting directory: C:\ProgramData\Malwarebytes
2018-01-03 17:23:30.071   Failed to delete directory (145). Will retry later.
2018-01-03 17:23:30.071   Deleting directory: C:\ProgramData\Malwarebytes\MBAMService\AeDetections
2018-01-03 17:23:30.071   Deleting directory: C:\ProgramData\Malwarebytes\MBAMService\ArwDetections
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\clean.mbdb
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\telemetry.json
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
2018-01-03 17:23:30.071   Deleting directory: C:\ProgramData\Malwarebytes\MBAMService\config
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\dbmanifest.dat
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\dbmanifest2.dat
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\dbupdate.log
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\dynconfig.dat
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\exclusions.txt
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\clean.mbdb
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dbmanifest.dat
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dbmanifest2.dat
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dynconfig.dat
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\exclusions.txt
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\MBAMCore.dll
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\mbdigsig.dat
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\mbdigsig2.dat
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\prot.mbdb
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rdefs.mbdb
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rules.mbdb
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\scan.mbdb
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\tids.mbdb
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\wprot.mbdb
2018-01-03 17:23:30.071   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\lkg_db\wprot2.mbdb
2018-01-03 17:23:30.087   Deleting directory: C:\ProgramData\Malwarebytes\MBAMService\lkg_db
2018-01-03 17:23:30.087   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\logs\MBAMSERVICE.LOG
2018-01-03 17:23:30.087   Deleting directory: C:\ProgramData\Malwarebytes\MBAMService\logs
2018-01-03 17:23:30.087   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\mbdigsig.dat
2018-01-03 17:23:30.087   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\mbdigsig2.dat
2018-01-03 17:23:30.087   Deleting directory: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections
2018-01-03 17:23:30.087   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\prot.mbdb
2018-01-03 17:23:30.088   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\rdefs.mbdb
2018-01-03 17:23:30.088   Deleting directory: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections
2018-01-03 17:23:30.088   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\rules.mbdb
2018-01-03 17:23:30.088   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\scan.mbdb
2018-01-03 17:23:30.088   Deleting directory: C:\ProgramData\Malwarebytes\MBAMService\ScanResults
2018-01-03 17:23:30.088   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\tids.mbdb
2018-01-03 17:23:30.088   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\wprot.mbdb
2018-01-03 17:23:30.088   Deleting file: C:\ProgramData\Malwarebytes\MBAMService\wprot2.mbdb
2018-01-03 17:23:30.088   Deleting directory: C:\ProgramData\Malwarebytes\MBAMService
2018-01-03 17:23:30.088   Deleting file: C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
2018-01-03 17:23:30.088   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware
2018-01-03 17:23:30.088   Failed to delete directory (145). Will retry later.
2018-01-03 17:23:30.088   Deleting Uninstall data files.
2018-01-03 17:23:30.603   Deleting directory: C:\ProgramData\Malwarebytes
2018-01-03 17:23:30.603   Deleting directory: C:\Program Files\Malwarebytes\Anti-Malware
2018-01-03 17:23:30.603   Failed to delete directory (145).
2018-01-03 17:23:30.603   Uninstallation process succeeded.
2018-01-03 17:23:30.603   Removed all? Yes
2018-01-03 17:23:30.603   Need to restart Windows? No
2018-01-03 17:23:30.603   Log closed.
2018-01-03 17:23:31.912   --------END OF LOG FILE ----------
2018-01-03 17:24:09.259   >>>>>Starting post reboot phase cleanup for Malwarebytes version 3.3.1.2183 <<<<<<<<.
2018-01-03 17:24:09.259   Trying to delete REG key: HKCU\SOFTWARE\Malwarebytes
2018-01-03 17:24:09.259   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2018-01-03 17:24:09.259   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2018-01-03 17:24:09.259   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2018-01-03 17:24:09.259   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2018-01-03 17:24:09.259   HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2018-01-03 17:24:09.259   HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2018-01-03 17:24:09.259   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2018-01-03 17:24:10.178   Trying to delete path C:\ProgramData\Malwarebytes\
2018-01-03 17:24:10.178   Cannot delete path C:\ProgramData\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2018-01-03 17:24:10.178   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2018-01-03 17:24:10.178   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2018-01-03 17:24:10.178   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2018-01-03 17:24:10.178   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\
2018-01-03 17:24:10.178   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\, reason:(The directory is not empty.(error=145))
2018-01-03 17:24:10.178   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\ on reboot
2018-01-03 17:24:39.266   Malwarebytes v3.x was installed successfully.
2018-01-03 17:24:39.266   Launching process:"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"
2018-01-03 17:24:43.790   --------END OF LOG FILE ----------

Edited by JetWall

Share this post


Link to post
Share on other sites

Ok, I was able to download FRST in Safe Mode. I switched back to normal mode but then FRST wouldn't remain open. So I had to run that in Safe Mode as well. After I received the text documents from that scan I attempted to run mb-check while sitll in Safe Mode but it kept telling me it wasn't responding. Switched back to normal and noticed mb-check still created a results .txt file. I hope I did everything correctly so far. I am attaching the files. Let me know if it would be easier if I copied and pasted them to this post.

Addition.txt

FRST.txt

mb-check-results.txt

Edited by JetWall

Share this post


Link to post
Share on other sites
1 hour ago, JetWall said:

I am attaching the files.

I would suggest booting to safe mode again with networking and try to open Malwarebytes and if it opens run a scan with rootkit scanning enabled.

 

Rootkit main.png

Share this post


Link to post
Share on other sites

I use Safe Mode to download and run FRST and it never occurs to me to try and run Malwarebytes in Safe Mode. :blush:

Anyway, thanks, Porthos. Was able to run Malwarebytes and found 5 threats. Should I be concerned about any of my passwords being compromised with these rootkits?

 

rootkit report.jpg

rootkitsummary.txt

Edited by JetWall

Share this post


Link to post
Share on other sites
4 minutes ago, JetWall said:

Should I be concerned about any of my passwords being compromised with these rootkits?

First I would consider purchasing MB so you have real-time protection.  Can you run the same scan in regular mode now, please. Post the results

Share this post


Link to post
Share on other sites

Here is the 1st scan in reg mode.

1stpostrootsummary.txt

Definitely considering upgrading now. Would just be concerned submitting any more credentials to purchase the upgrade if I still have a rootkit problem. I seemingly don't according to the last 2 scans though.

Edited by JetWall

Share this post


Link to post
Share on other sites
22 minutes ago, JetWall said:

If still have a rootkit problem.

You are welcome to start a topic in the malware removal section so they can get a better look. (We are not allowed to do full blown removal in this section>

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.