Jump to content

MBAM freezes when removing files


Recommended Posts

Hi there.

I warn any good Samaritans in advance - I'm horribly ignorant and incompetent with these sorts of things.

I have a Dell Inspiron 6000 with XP on it, and at the moment I can only access IE in safe mode as an administrator. My Norton AV has been turned off and won't come on; also some other software won't open, and I can't search for files (in normal running mode, at least - I can in safe mode).

I got the Virus Response Lab 2009 virus and a few other malware friends came along for the ride; I seem to have gotten rid of most of avrlab with Norton (back when it worked) and MBAM, though there are some stragglers left. When I run MBAM now, it tells me that there are between 8 and 11 infected files left, mostly trojan.zlob), but when I try to remove them, the program freezes, generally while the status bar at the bottom tells me that it is trying to quarantine this file: KEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\avrlabs

Here is the log I saved from this morning's attempt.

I'm not really sure what to do, and I would really appreciate any advice that anyone might be able to give me. There are a number of posts on here that seem to be similar, but I don't know enough about my system to feel confident deleting files or wiping system restore points etc (even if I knew how to do any of that).

Again, eternal gratitude if anyone could point me in the right direction.

-A Doofus

Memory Processes Infected: 0

Memory Modules Infected: 1

Registry Keys Infected: 4

Registry Values Infected: 4

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

C:\Documents and Settings\Tony Antoniades\0E513D7E8235ADE0\0E513D7E8235ADE0.x86 (Rootkit.Zlob) -> No action taken.

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64466b8e-20a7-4a4a-aff4-aad9ca68b52c} (Trojan.Zlob) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d695b871-8020-4041-a6d2-59f922e1b2e2} (Trojan.Zlob) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\avrlabs (Rogue.AntiVirusLab) -> No action taken.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\avrlabs (Rogue.AntiVirusLab) -> No action taken.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\Tony Antoniades\0E513D7E8235ADE0\0E513D7E8235ADE0.x86 (Rootkit.Zlob) -> No action taken.

Link to post
Share on other sites

Greetings and welcome to Malwarebytes'. Please read the instructions here: http://www.malwarebytes.org/forums/index.php?showtopic=2936 and post your logs in a new topic here: http://www.malwarebytes.org/forums/index.php?showforum=7 If some of the scans won't function, just do the ones you can.

Please be sure not to install any software or use any removal/scanning tools exept those that you are instructed to by the expert who will be assisting you as doing so can make their job much more difficult. I hope I was helpful. Good luck and safe surfing.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.