Jump to content

villandra

Members
  • Posts

    2
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Much of this was also posted on the hijack logs board. Evidently if one has or had a virus infection one must post certain logs and they can only be posted in one location which isn't the general discussion location. I may still have an active virus infection and don't have time to spend days doing one strangely organized post at a time. I just reinstalled Malawrebytes Anti-Malware, after purchasing the $25 or $30 personal version. I've read all your instructions about install and run problems. I've tried both installers. I've tried mbam-clean. I've tried Rkill. I've tried Chameleon. I've done all my computer shut downs between each step. I've tried directly clicking on the mbamservice file that's not installing. I can't get the mbamservice to appear in the service lists in services.msc or msconfig. So the service isn't running and the program won't work. I had an infection with one of the fake antivirus viruses. Vipre found and removed two pieces of it, and identified it as Trojan.Win32.FakeAV.oq(v). I understand there are hundreds of variations of that virus. The process that ran the virus was ATA.EXE, and every time I ran any EXE it ran. It also hijacked my browsers to give me a message about IE being infected and needing to do this and that to fix it. To fix it I booted into safe mode, and manually removed as much of the virus as possible. I deleted every file that was created when the virus appeared. Then I deleted ATA.EXE, which was not previously found nor deleted, even though the search feature is set to find hidden files and folders, and system files. I searched the registry but didn't find anything more of this virus except the registry line that Vipre deleted. That would be unusual for this virus, particularly as it altered the registry to change the exe file association. In my experience, malawarebytes is better at finding registry changes, but of course I can't run it. Next I couldn't run any EXE file. I ran three fixes, including the one here http://www.dougknox.com/xp/file_assoc.htm, and Malawarebytes' exeHelper. All exe files are now working, except the one that installs MBAMservice on my computer. I also had trouble with my shortcuts, and I ran the fix for that on http://www.doughknox.com, and they are now pretty much working. I now have Malwarebytes installed, but the service won't install. It doesn't appear in services.msc nor in the services tab of msconfig when it runs at startup. I am running Windows XP Pro, service pack 3. I have a home built computer with a Gigabyte motherboard and Intel I3 processor, which came with some unique processes like daemons and a couple of oddly named things that run the system clock. I've not had trouble installing anything else. I built the computer myself, in September, and installed everything myself. I previously had the trial version of Malabytes' antimalware installed - and it wouldn't run. I bought the paid version and installed it over it, thinking maybe it wouldn't work after the trial version ran out. I have now, several times, uninstalled it using the add/remove programs, rebooted computer, ran MBAM-clean, rebooted, and installed the MBAM-setup-bunchofnumbers version of the installer, and rebooted the computer. Didn't help. The MBAM service still does not appear in services.msc or in services in msconfig. When I double click the mbamservice file in the program folder, the first time it opened an empty command window, and since then an empty command window flashes briefly and then disappears. I've tried both versions of the install file (the other is the mbam-consumer one), so I don't think it's a corrupt file. I've also tried Rkill, didn't help. I do think that's the one that told me it stopped windows/explorer.exe (which is currently running). I tried a half dozen of the chameleon fixes, but of course that didn't help - the service isn't running. I completely refreshed the definitions of Vipre and reran it, and it found nothing. I installed the free Microsoft antivirus program, and it found one piece of medium grade malware somewhere else (a game I've never run, on my USB drive) and removed it. Both programs seem to be running at the moment and impossible to completely shut off, or, rather, I didn't want to stop the services. However, the trial version of Malabyte ran with Vipre. I have shut down Vipre before my efforts to uninstall, clean up and reinstall Malabyte. The Microsoft program wasn't yet installed. I did read wehre I needed to set up the Microsoft antivirus program to exclude Malabyte, and I excluded Vipre while I was at it. I have my hijack this log and the dds.scr output in the hijack this forum.
  2. I'll be posting more detail on the main forum, but I understand this is where to post information on running processes. I had an infection with one of the fake antivirus viruses. Vipre found and removed two pieces of it, and identified it as Trojan.Win32.FakeAV.oq(v). I understand there are hundreds of variations of that virus. The process that ran the virus was ATA.EXE, and every time I ran any EXE it ran. It also hijacked my browsers to give me a message about IE being infected and needing to do this and that to fix it. To fix it I booted into safe mode, and manually removed as much of the virus as possible. I deleted every file that was created when the virus appeared. Then I deleted ATA.EXE, which was not previously found nor deleted, even though the search feature is set to find hidden files and folders, and system files. I searched the registry but didn't find anything more of this virus except the registry line that Vipre deleted. That would be unusual for this virus, particularly as it altered the registry to change the exe file association. In my experience, malawarebytes is better at finding registry changes, but of course I can't run it. Next I couldn't run any EXE file. I ran three fixes, including the one here http://www.dougknox.com/xp/file_assoc.htm, and Malawarebytes' exeHelper. All exe files are now working, except the one that installs MBAMservice on my computer. I also had trouble with my shortcuts, and I ran the fix for that on http://www.doughknox.com, and they are now pretty much working. I now have Malwarebytes installed, but the service won't install. It doesn't appear in services.msc nor in the services tab of msconfig when it runs at startup. I am running Windows XP Pro, service pack 3. I have a home built computer with a Gigabyte motherboard, which came with some unique processes like daemons and a couple of oddly named things that run the system clock. I previously had the trial version of Malabytes' antimalware installed - and it wouldn't run. I bought the paid version and installed it over it, thinking maybe it wouldn't work after the trial version ran out. I have now, several times, uninstalled it using the add/remove programs, rebooted computer, ran MBAM-clean, rebooted, and installed the MBAM-setup-bunchofnumbers version of the installer, and rebooted the computer. Didn't help. The MBAM service still does not appear in services.msc or in services in msconfig. When I double click the mbamservice file in the program folder, the first time it opened an empty command window, and since then an empty command window flashes briefly and then disappears. I've tried both versions of the install file (the other is the mbam-consumer one), so I don't think it's a corrupt file. I've also tried Rkill, didn't help. I do think that's the one that told me it stopped windows/explorer.exe (which is currently running). I tried a half dozen of the chameleon fixes, but of course that didn't help - the service isn't running. I ran dds.scr. I am attaching the smaller file. I don't have a way to zip the larger one - attach.txt (and it cannot now be found on my computer). Here are the processes I noticed that I didn't recognize. There was nothing else in it that made no sense. Aioscan, Aiosoftware, BufferChm, CP_AtenaShokunin1Config, CueTour, InstantShare, OfotoXMI, Product Context, SFR, SHASTA, staticer, speccy (not the first I've seen of speccy), Tray App, and QFolder. Tray App could conceivably be the system tray. BufferChm looks like a system process. hijackthis.logdds.txt Thanks! I also searched the registry for mbam. All references to mbam looked normal; I didn't see anything that looked to me like it should specifically block a file whose name contains mbam from running, not that I have much expertise in the Windows registry.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.