Jump to content

Recommended Posts

I've had this issue for a bit now....

I run malwarebytes and after the scan runs for a bit I get a bluescreen. (yes i have the most upto date version)

Since that initial run I updated avira ran a scan and then re-ran the mbam scan and saw got a blue screen again.

I then followed the instructions in the sticky topic ... ran defogger, DDS and then GMER. After several hours of running GMER the machine bluescreened again.

Here's the mbam log followed by the DDS.txt.... let me know what else is needed. Appreciate the help!

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4736

Windows 6.0.6002 Service Pack 2 (Safe Mode)

Internet Explorer 8.0.6001.18943

10/3/2010 5:44:38 PM

mbam-log-2010-10-03 (17-44-38).txt

Scan type: Full scan (C:\|F:\|)

Objects scanned: 728059

Time elapsed: 2 hour(s), 32 minute(s), 20 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

F:\Public2\Downloads\itrci.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

********************************

DDS.text

******************************

DDS (Ver_10-11-27.01) - NTFSx86

Run by verdin77 at 7:53:32.58 on Wed 12/01/2010

Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_11

Microsoft

Link to post
Share on other sites

Hello verdin77! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  • Stay with the thread until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.
  • Keep me informed about any changes.

I run malwarebytes and after the scan runs for a bit I get a bluescreen. (yes i have the most upto date version)

No, you don't. The latest program version is 1.50 and the latest databse version is 5229 .

Step 1

Windows Vista and Windows 7:

  • Click on the Start vista-7-start.png button and select Control Panel
  • Click on Programs and Features
  • Uninstall Malwarebytes' Anti-Malware
  • Restart your computer very important
  • Download and run mbam-clean.exe from here
  • NOTE: If you get SHGetValue failed with error code 0, that only means that the tool has nothing to perform, continue on with the next step....
  • It will ask to restart your computer, please allow it to do so very important
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask me and I'll explain how to do it.

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

In your next reply, please include these log(s):

  1. Malwarebytes' Anti-Malware log
  2. a new fresh DDS log with Attach.txt

Link to post
Share on other sites

oops... thanks for the catch... note I may have also posted the wrong logs as well. The following should all be correct this time.

Ok...I did the uninstall and clean. Reinstalled a fresh updated version of mbam as indicated and updated the DB.

I added exceptions to Avira as both object and process exceptions for Guard for all 3 of the mbam items indicated. Reboots were done as indicated.

Ran mbam and received an error (first time I've actually seen the error dialog box) indicating that "the instruction at 0x68c1a5d6 referenced memory at 0x00000000. The memory uold not be written. Click on OK to terminate." I clicked ok and the machine blue screened and rebooted. No log from mbam was generated. The DDS and attach are attached below.

On a whim I disabled Avira Guard and ran mbam. The run succeed and indicated no infections. Go figure.

Here's the log from that successful mbam run followed by the DDS.txt

Malwarebytes' Anti-Malware 1.50

www.malwarebytes.org

Database version: 5237

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18975

12/3/2010 7:22:37 AM

mbam-log-2010-12-03 (07-22-37).txt

Scan type: Quick scan

Objects scanned: 257882

Time elapsed: 12 minute(s), 12 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

*************************

*************************

DDS.txt

*************************

***********************************************************

DDS (Ver_10-11-27.01) - NTFSx86

Run by tcooley at 6:58:22.43 on Fri 12/03/2010

Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_11

Microsoft

Attach.txt

Link to post
Share on other sites

Step 1

I also see you have Viewpoint installed...

Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.


  • Viewpoint
  • Viewpoint Manager
  • Viewpoint Media Player

Step 2

**Note: If you need more detailed information, please visit the web page of ComboFix in BleepingComputer. **

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.

Please download ComboFix from

Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

  1. If you are using Firefox, make sure that your download settings are as follows:
    • Open Tools -> Options -> Main tab
    • Set to Always ask me where to Save the files.

[*]During the download, rename Combofix to Combo-Fix as follows:

CF_download_FF.gif

CF_download_rename.gif

[*]It is important you rename Combofix during the download, but not after.

[*]Please do not rename Combofix to other names, but only to the one indicated.

[*]Close any open browsers.

[*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results.
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    -----------------------------------------------------------


  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

[*]Double click on combo-Fix.exe & follow the prompts.

[*]When finished, it will produce a report for you.

[*]Please post the C:\Combo-Fix.txt for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

Link to post
Share on other sites

Un-installed viewpoint (thanks for pointing this out)

turned off virus protection.

Downloaded combofix as combo-fix and ran.

Allowed combofix to update to most recent version.

Combofix restarted after updating.

Machine rebooted.

Log follows.....

******************************

ComboFix 10-12-04.06 - verdin77 12/06/2010 8:17.1.2 - x86

Microsoft

Link to post
Share on other sites

Perform a full scan with Avira and let it delete everything it is finding.

Then reboot.

After reboot, open your Avira and select "reports".

There doubleclick the report from the Full scan you have done. Click the "Report File" button and copy and paste this report in your next reply.

Link to post
Share on other sites

Updated Avira.... Ran Scan....Reboot...

Log below:

************************************

Avira AntiVir Personal

Report file date: Monday, December 06, 2010 14:15

Scanning for 3124289 virus strains and unwanted programs.

The program is running as an unrestricted full version.

Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows Vista

Windows version : (Service Pack 2) [6.0.6002]

Boot mode : Normally booted

Username : verdin77

Computer name : HORNET

Version information:

BUILD.DAT : 10.0.0.596 31825 Bytes 11/16/2010 15:57:00

AVSCAN.EXE : 10.0.3.1 434344 Bytes 8/2/2010 21:09:56

AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 18:57:04

LUKE.DLL : 10.0.2.3 104296 Bytes 8/2/2010 21:10:00

LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 05:40:49

VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 12:35:52

VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 14:35:43

VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 14:35:53

VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 14:35:57

VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 14:36:04

VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 13:51:53

VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 21:06:20

VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 17:00:15

VBASE008.VDF : 7.10.11.133 3454464 Bytes 9/13/2010 21:44:36

VBASE009.VDF : 7.10.13.80 2265600 Bytes 11/2/2010 21:44:44

VBASE010.VDF : 7.10.13.81 2048 Bytes 11/2/2010 21:44:44

VBASE011.VDF : 7.10.13.82 2048 Bytes 11/2/2010 21:44:44

VBASE012.VDF : 7.10.13.83 2048 Bytes 11/2/2010 21:44:44

VBASE013.VDF : 7.10.13.116 147968 Bytes 11/4/2010 21:44:45

VBASE014.VDF : 7.10.13.147 146944 Bytes 11/7/2010 21:44:46

VBASE015.VDF : 7.10.13.180 123904 Bytes 11/9/2010 21:44:46

VBASE016.VDF : 7.10.13.211 122368 Bytes 11/11/2010 21:44:48

VBASE017.VDF : 7.10.13.243 147456 Bytes 11/15/2010 21:44:48

VBASE018.VDF : 7.10.14.15 142848 Bytes 11/17/2010 21:44:49

VBASE019.VDF : 7.10.14.41 134144 Bytes 11/19/2010 21:44:50

VBASE020.VDF : 7.10.14.63 128000 Bytes 11/22/2010 21:44:51

VBASE021.VDF : 7.10.14.87 143872 Bytes 11/24/2010 21:44:52

VBASE022.VDF : 7.10.14.116 140800 Bytes 11/26/2010 21:44:53

VBASE023.VDF : 7.10.14.147 150528 Bytes 11/30/2010 21:44:55

VBASE024.VDF : 7.10.14.175 126464 Bytes 12/3/2010 13:52:47

VBASE025.VDF : 7.10.14.176 2048 Bytes 12/3/2010 13:52:47

VBASE026.VDF : 7.10.14.177 2048 Bytes 12/3/2010 13:52:47

VBASE027.VDF : 7.10.14.178 2048 Bytes 12/3/2010 13:52:47

VBASE028.VDF : 7.10.14.179 2048 Bytes 12/3/2010 13:52:47

VBASE029.VDF : 7.10.14.180 2048 Bytes 12/3/2010 13:52:48

VBASE030.VDF : 7.10.14.181 2048 Bytes 12/3/2010 13:52:48

VBASE031.VDF : 7.10.14.201 119296 Bytes 12/6/2010 19:11:40

Engineversion : 8.2.4.120

AEVDF.DLL : 8.1.2.1 106868 Bytes 7/31/2010 17:00:40

AESCRIPT.DLL : 8.1.3.48 1286524 Bytes 12/2/2010 22:32:26

AESCN.DLL : 8.1.7.2 127349 Bytes 12/1/2010 21:45:10

AESBX.DLL : 8.1.3.2 254324 Bytes 12/1/2010 21:45:13

AERDL.DLL : 8.1.9.2 635252 Bytes 12/1/2010 21:45:10

AEPACK.DLL : 8.2.4.1 512375 Bytes 12/2/2010 22:32:24

AEOFFICE.DLL : 8.1.1.10 201084 Bytes 12/1/2010 21:45:07

AEHEUR.DLL : 8.1.2.52 3109238 Bytes 12/4/2010 13:53:07

AEHELP.DLL : 8.1.16.0 246136 Bytes 12/2/2010 22:32:18

AEGEN.DLL : 8.1.5.0 397685 Bytes 12/2/2010 22:32:18

AEEMU.DLL : 8.1.3.0 393589 Bytes 12/1/2010 21:45:00

AECORE.DLL : 8.1.19.0 196984 Bytes 12/2/2010 22:32:17

AEBB.DLL : 8.1.1.0 53618 Bytes 4/24/2010 13:33:33

AVWINLL.DLL : 10.0.0.0 19304 Bytes 8/2/2010 21:09:56

AVPREF.DLL : 10.0.0.0 44904 Bytes 8/2/2010 21:09:55

AVREP.DLL : 10.0.0.8 62209 Bytes 6/17/2010 20:27:13

AVREG.DLL : 10.0.3.2 53096 Bytes 8/2/2010 21:09:55

AVSCPLR.DLL : 10.0.3.1 83816 Bytes 8/2/2010 21:09:56

AVARKT.DLL : 10.0.0.14 227176 Bytes 8/2/2010 21:09:54

AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 8/2/2010 21:09:55

SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 20:27:22

AVSMTP.DLL : 10.0.0.17 63848 Bytes 8/2/2010 21:09:56

NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 20:27:21

RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 19:10:20

RCTEXT.DLL : 10.0.58.0 97128 Bytes 8/2/2010 21:10:08

Configuration settings for the scan:

Jobname.............................: Local Drives

Configuration file..................: C:\program files\avira\antivir desktop\alldrives.avp

Logging.............................: low

Primary action......................: interactive

Secondary action....................: ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Boot sectors........................: C:, D:, F:, G:, H:, I:, J:, E:,

Process scan........................: on

Scan registry.......................: on

Search for rootkits.................: on

Integrity checking of system files..: off

Scan all files......................: Intelligent file selection

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: medium

Skipped files.......................: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe, C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe, C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe,

Start of the scan: Monday, December 06, 2010 14:15

Starting search for hidden objects.

The scan of running processes will be started

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'vssvc.exe' - '1' Module(s) have been scanned

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'WLCrdpuser.exe' - '1' Module(s) have been scanned

Scan process 'WLCrdpsystem.exe' - '1' Module(s) have been scanned

Scan process 'WerCon.exe' - '1' Module(s) have been scanned

Scan process 'wuauclt.exe' - '1' Module(s) have been scanned

Scan process 'wlcomm.exe' - '1' Module(s) have been scanned

Scan process 'MOE.exe' - '1' Module(s) have been scanned

Scan process 'iPodService.exe' - '1' Module(s) have been scanned

Scan process 'hpqSTE08.exe' - '1' Module(s) have been scanned

Scan process 'Spyder3Utility.exe' - '1' Module(s) have been scanned

Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned

Scan process 'GetRight.exe' - '1' Module(s) have been scanned

Scan process 'WLSync.exe' - '1' Module(s) have been scanned

Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned

Scan process 'FileZilla Server Interface.exe' - '1' Module(s) have been scanned

Scan process 'sprtcmd.exe' - '1' Module(s) have been scanned

Scan process 'avgnt.exe' - '1' Module(s) have been scanned

Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned

Scan process 'sttray.exe' - '1' Module(s) have been scanned

Scan process 'QTTask.exe' - '1' Module(s) have been scanned

Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned

Scan process 'wpcumi.exe' - '1' Module(s) have been scanned

Scan process 'mobsync.exe' - '1' Module(s) have been scanned

Scan process 'RoxMediaDB9.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned

Scan process 'WLIDSvcM.exe' - '1' Module(s) have been scanned

Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned

Scan process 'WLIDSVC.EXE' - '1' Module(s) have been scanned

Scan process 'wlcrasvc.exe' - '1' Module(s) have been scanned

Scan process 'Explorer.EXE' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'VServ.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'sprtsvc.exe' - '1' Module(s) have been scanned

Scan process 'slserv.exe' - '1' Module(s) have been scanned

Scan process 'taskeng.exe' - '1' Module(s) have been scanned

Scan process 'Dwm.exe' - '1' Module(s) have been scanned

Scan process 'taskeng.exe' - '1' Module(s) have been scanned

Scan process 'RoxWatch9.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'NBService.exe' - '1' Module(s) have been scanned

Scan process 'Iaantmon.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'FileZilla Server.exe' - '1' Module(s) have been scanned

Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned

Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned

Scan process 'avshadow.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'avguard.exe' - '1' Module(s) have been scanned

Scan process 'sched.exe' - '1' Module(s) have been scanned

Scan process 'spoolsv.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'nvvsvc.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'SLsvc.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'nvvsvc.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'winlogon.exe' - '1' Module(s) have been scanned

Scan process 'lsm.exe' - '1' Module(s) have been scanned

Scan process 'lsass.exe' - '1' Module(s) have been scanned

Scan process 'services.exe' - '1' Module(s) have been scanned

Scan process 'wininit.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'smss.exe' - '1' Module(s) have been scanned

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

Master boot sector HD1

[iNFO] No virus was found!

Master boot sector HD2

[iNFO] No virus was found!

Master boot sector HD3

[iNFO] No virus was found!

Master boot sector HD4

[iNFO] No virus was found!

Master boot sector HD5

[iNFO] No virus was found!

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

Boot sector 'D:\'

[iNFO] No virus was found!

Boot sector 'F:\'

[iNFO] No virus was found!

Boot sector 'G:\'

[iNFO] In the drive 'G:\' no data medium is inserted!

Boot sector 'H:\'

[iNFO] In the drive 'H:\' no data medium is inserted!

Boot sector 'I:\'

[iNFO] In the drive 'I:\' no data medium is inserted!

Boot sector 'J:\'

[iNFO] In the drive 'J:\' no data medium is inserted!

Starting to scan executable files (registry).

The registry was scanned ( '1863' files ).

Starting the file scan:

Begin scan in 'C:\' <OS>

Begin scan in 'D:\' <RECOVERY>

Begin scan in 'F:\' <New Volume>

Begin scan in 'G:\'

Search path G:\ could not be opened!

System error [21]: The device is not ready.

Begin scan in 'H:\'

Search path H:\ could not be opened!

System error [21]: The device is not ready.

Begin scan in 'I:\'

Search path I:\ could not be opened!

System error [21]: The device is not ready.

Begin scan in 'J:\'

Search path J:\ could not be opened!

System error [21]: The device is not ready.

Begin scan in 'E:\'

Search path E:\ could not be opened!

System error [21]: The device is not ready.

End of the scan: Monday, December 06, 2010 19:44

Used time: 5:29:50 Hour(s)

The scan has been done completely.

67296 Scanned directories

1326786 Files were scanned

0 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

0 Files were moved to quarantine

0 Files were renamed

0 Files cannot be scanned

1326786 Files not concerned

26897 Archives were scanned

0 Warnings

0 Notes

205947 Objects were scanned with rootkit scan

0 Hidden objects were found

Link to post
Share on other sites

Ran mbam in safe mode and it worked fine with no positives. (BTW, I also attempted to run a full scan with mbam one disk/partition at a time after a normal boot. Each time I got a blue screen and no log.)

Here's the log. for the successful run in safe mode.....

******************************************

Malwarebytes' Anti-Malware 1.50

www.malwarebytes.org

Database version: 5263

Windows 6.0.6002 Service Pack 2 (Safe Mode)

Internet Explorer 8.0.6001.18975

12/7/2010 1:32:51 PM

mbam-log-2010-12-07 (13-32-51).txt

Scan type: Quick scan

Objects scanned: 223300

Time elapsed: 4 minute(s), 12 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Let's try to re-install it:

Step 1

Windows Vista and Windows 7:

  • Click on the Start vista-7-start.png button and select Control Panel
  • Click on Programs and Features
  • Uninstall Malwarebytes' Anti-Malware
  • Restart your computer very important
  • Download and run mbam-clean.exe from here
  • NOTE: If you get SHGetValue failed with error code 0, that only means that the tool has nothing to perform, continue on with the next step....
  • It will ask to restart your computer, please allow it to do so very important
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask me and I'll explain how to do it.

Step 2

Perform a full scan.

Link to post
Share on other sites

Glad I could help! :)

Last steps:

Step 1

  1. Go to Start => Run... and copy & paste next command in the field:
    ComboFix /uninstall


  2. Then hit Enter button.

This procedure will do the following:

  • Uninstall ComboFix
  • Delete its related folders and files
  • Reset your clock settings
  • Hide file extensions
  • Hide the system/hidden files
  • Resets System Restore again

P.S.: Make sure there's a space between ComboFix and /uninstall

Step 2

Please manually delete DDS, GMER, mbam-clean and mbam-setup.

Step 3

Keep your software up-to-date:

http://www.bleepingcomputer.com/tutorials/tutorial174.html

Some malware preventions:

http://forums.malwarebytes.org/index.php?showtopic=9365

Safe surfing! :)

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.