Software > Computer viruses and spyware
Help please! Malwarebytes won't run. SAS and HJT Logs included...
caytidid:
I created all of them while attempting to re-download mbam, except for the last one "lmxiyi". I don't recognize that one at all and noticed it was created on a different day than the rest. My apologies for the, ummm, colorful file names. It was a frustrating day. *blushing* I can delete them now if you would like me to since they didn't work anyway.
evilfantasy:
--- Quote ---My apologies for the, ummm, colorful file names.
--- End quote ---
I'v eseen worse... ;D
--- Quote ---I can delete them now if you would like me to since they didn't work anyway.
--- End quote ---
We can do it with ComboFix since we need to run it again anyway.
1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the below code box by highlighting all the text and pressing Ctrl+C
--- Code: ---KillAll::
File::
c:\program files\xxxx.exe
c:\program files\mw-upfucker.exe
Folder::
c:\program files\Attempt 6 SM
c:\program files\Attempt 5
c:\program files\Attempt 4
c:\program files\Attempt 3
c:\program files\please work
c:\program files\MF
c:\program files\MW-upfucker
c:\program files\lmxiyi
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=-
--- End code ---
3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!
ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.
Note: Do not mouseclick ComboFix's window while it is running. That may cause your system to freeze
----------
Download DDS from |HERE| or |HERE| or |HERE| and save it to your desktop.
Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)
* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
1) DDS.txt
2) Attach.txt
* Save both logs to your desktop.
* Please copy and paste the entire contents of both logs in your next reply.
Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copy and pasting it into the reply.
----------
Next post please add:
ComboFix log
Both DDS logs
caytidid:
Done and done! I attached the Combofix, DDS, and Attach logs rather than copy and pasting them since they are apparently too large to add to the message body. I hope that's alright. :)
[Saving space, attachment deleted by admin]
evilfantasy:
Download Disable/Remove Windows Messenger to the desktop to remove Windows Messenger.
Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.
Unzip the file on the desktop. Open the MessengerDisable.exe and choose the bottom box - Uninstall Windows Messenger and click Apply.
Exit out of MessengerDisable then delete the two files that were put on the desktop.
----------
Download JavaRa
* Unzip the file and open the JavaRa.exe
* Click Remove Older Versions
* JavaRa will search for and remove any outdated version of Java and remove any that are found.
* Click Additional Tasks
* Place a check next to Remove Useless JRE Files and click Go
* Exit JavaRa
* Delete the JavaRa files from the desktop
----------
Go to Add or Remove Programs and uninstall:
- Viewpoint Manager (Remove Only)
- Viewpoint Media Player
----------
We need to use ComboFix again.
1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the below code box by highlighting all the text and pressing Ctrl+C
--- Code: ---KillAll::
DDS::
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
Folder::
C:\Program Files\Viewpoint
c:\program files\Malwarebytes' Anti-Malware Attempt 2
--- End code ---
3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!
ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.
Note: Do not mouseclick ComboFix's window while it is running. That may cause your system to freeze
----------
I think we deleted Malwarebytes in that last fix. If it is still installed then update it and run a scan.
Post the log it creates.
If you need to download it again be sure to update it before the scan. Malwarebytes' Anti-Malware (MBAM)
Also let me know how the computer is running now.
caytidid:
Good Morning!
I have attached the most recent combofix log as well as the mbam log. While I was running combofix, i got the following notification "PEV.cfxxe has encountered a problem and needs to close...". I left it alone because combofix seemed to be running ok. As far as I can tell, everything seems to be running normally now :) Yay! (hopefully that's not a premature celebration) Let me know if you need anything else and thanks!
- Cayti
[Saving space, attachment deleted by admin]
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version