Jump to content

Recommended Posts

Hello,

Malwarebytes had been installed and successfully scanning on my PC for several months. Yesterday, I tried to start a scan for the first time in about a month and nothing happened. I did a re-install today and, same thing, nothing happens when I try to start Malwarebytes. Renaming mbam.exe to xxxx.exe does not help. I was able to run Ad-Aware which deleted 31 tracking cookies, but that did not help with my Malwarebytes issue. Below is the output from a Hijack This run, can someone tell me what is going on:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 3:06:38 PM, on 8/20/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

I:\WINDOWS\System32\smss.exe

I:\PROGRA~1\AVG\AVG10\avgchsvx.exe

I:\WINDOWS\system32\winlogon.exe

I:\WINDOWS\system32\services.exe

I:\WINDOWS\system32\lsass.exe

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\system32\svchost.exe

I:\WINDOWS\System32\svchost.exe

I:\WINDOWS\system32\svchost.exe

I:\WINDOWS\system32\spoolsv.exe

I:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

I:\Program Files\AVG\AVG10\avgwdsvc.exe

I:\Program Files\Juniper Networks\Common Files\dsNcService.exe

I:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

I:\WINDOWS\Explorer.EXE

I:\Program Files\AVG\AVG10\avgnsx.exe

I:\Program Files\AVG\AVG10\avgemcx.exe

I:\Program Files\ATI Technologies\ATI.ACE\cli.exe

I:\Program Files\AVG\AVG10\avgtray.exe

I:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe

I:\Program Files\Napster\napster.exe

I:\WINDOWS\system32\ctfmon.exe

I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIA.EXE

I:\Documents and Settings\Michael\Application Data\Dropbox\bin\Dropbox.exe

I:\WINDOWS\system32\svchost.exe

I:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

I:\Program Files\ATI Technologies\ATI.ACE\cli.exe

I:\PROGRA~1\AVG\AVG10\avgrsx.exe

I:\Program Files\AVG\AVG10\avgcsrvx.exe

I:\Program Files\Internet Explorer\iexplore.exe

I:\Program Files\Internet Explorer\iexplore.exe

I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

I:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

I:\WINDOWS\system32\wuauclt.exe

I:\WINDOWS\system32\wuauclt.exe

I:\WINDOWS\system32\wuauclt.exe

I:\WINDOWS\system32\msiexec.exe

I:\Program Files\Internet Explorer\iexplore.exe

I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

I:\WINDOWS\SoftwareDistribution\Download\Install\NDP20SP2-KB2518864-x86.exe

i:\a1168e984245a2d16fc1\HotFixInstaller.exe

i:\WINDOWS\system32\MsiExec.exe

\?\I:\WINDOWS\system32\WBEM\WMIADAP.EXE

I:\Program Files\Trend Micro\HijackThis\HijackThis.exe

I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - I:\Program Files\AVG\AVG10\avgssie.dll

O4 - HKLM\..\Run: [ATICCC] "I:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [AVG_TRAY] I:\Program Files\AVG\AVG10\avgtray.exe

O4 - HKLM\..\Run: [EEventManager] I:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe

O4 - HKLM\..\Run: [NapsterShell] I:\Program Files\Napster\napster.exe /systray

O4 - HKLM\..\Run: [Adobe ARM] "I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Epson Stylus NX510(Network)] I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIA.EXE /FU "I:\WINDOWS\TEMP\E_S75.tmp" /EF "HKCU"

O4 - HKUS\S-1-5-21-1214440339-1715567821-839522115-1004\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe (User 'Manya')

O4 - Startup: Dropbox.lnk = I:\Documents and Settings\Michael\Application Data\Dropbox\bin\Dropbox.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://goto.saccounty.net/dana-cached/sc/JuniperSetupClient.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - I:\Program Files\AVG\AVG10\avgpp.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG10\avgwdsvc.exe

O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - I:\Program Files\Juniper Networks\Common Files\dsNcService.exe

O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - I:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

--

End of file - 5495 bytes

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes,

Please do the following:

  • Download and run mbam-clean.exe from here
  • It will ask to restart your computer, please allow it to do so very important
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask and we'll explain how to do it.

Link to post
Share on other sites

Hi Chris,

I ran mbam-clean.exe, restarted my PC, disabled AVG, and then downloaded and installed Malwarebytes again. At the very end of the installation, it asks if I want to launch and update Malwarebytes. I leave both checkboxes checked and click 'OK'...nothing happens, Malwarebytes just goes away.

Any idea how I can determine what is keeping Malwarebytes from running?

Thanks,

Mike

Link to post
Share on other sites

Oh, OK. Actually, I rebuilt my PC about 9 months ago and put in a new hard drive. The new drive got mapped to I: drive for some reason. Never really bothered me until now. Is this something that just started recently? Because I could have sworn I was able to scan with Malwarebytes until about a month ago.

Anyway, thanks for your time. You can go ahead and close this issue now.

Thanks,

Mike

Link to post
Share on other sites

  • 1 month later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.