Jump to content


Photo
- - - - -

Infected, Malwarebytes and mbam-clean.exe not run


  • This topic is locked This topic is locked
10 replies to this topic

#1 andrewb2

andrewb2

    New Member

  • Members
  • Pip
  • 5 posts

Posted 03 November 2011 - 07:24 AM

Hi,

I appear to be infected with Malware. My computer is running very slow or not at all in IExplorer. Mozilla works fine for internet access. Malwarebytes Anti-Malware does not run. I can download Malwarebytes Anti-Malware per the various notes on this site, but once downloaded (seems to be supported) and run the program, it appears to be set-up, but once I try to scan, it activates for 3-4 seconds then exits. It will not execute (start the program) and it is like the exe file no longer exists. Message is Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item. I downloaded m-bam-clean.exe and then downloaded Malwarebytes Anti-Malware and no change in above position. It does not run and same message appears. I downloaded DDS and have saved the DDS.txt and Attach.Txt and attached to this note. Please help and I thank you in advance.

Attached Files



#2 screen317

screen317

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,486 posts
  • Gender:Male
  • Location:New Haven, CT

Posted 06 November 2011 - 08:42 PM

Hi and welcome to Malwarebytes.


Don't attach any logs unless otherwise specified.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).
The log is like UtilityName.Version_Date_Time_log.txt.
for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.


Please update MBAM, run a Quick Scan, and post its log.


Next, please visit this webpage for instructions for running ComboFix:
http://www.bleepingc...to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


-screen317
Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook

#3 andrewb2

andrewb2

    New Member

  • Members
  • Pip
  • 5 posts

Posted 08 November 2011 - 09:42 AM

Hi and thanks for your response.

I downloaded tdsskiller.zip, scanned and the log attached. It did not appear to finish. I completed it three times. Only when I reviewed the log did I realise it was completed 3 times. Each log is attached.

Updated MBAM, but not able to log - similar problem to 1st post. No log attached.

Ran ComboFix: Log Combofix.txt attached.

Cannot access IExplorer or execute DDS file.

I now cannot run anything on the system. The message as follows appears:- "Illegal operation attempted on a registry key that is marked for deletion"

Please review and advise what to do.

Thanks

andrew

Attached Files



#4 andrewb2

andrewb2

    New Member

  • Members
  • Pip
  • 5 posts

Posted 08 November 2011 - 10:01 AM

Hi,

I rebooted the computer and appears I am working again. Remaining files are attached as requested. Please review and advised.

Thanks

Andrew

Attached Files



#5 screen317

screen317

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,486 posts
  • Gender:Male
  • Location:New Haven, CT

Posted 12 November 2011 - 08:54 PM

Hi,

Do not attach anything unless otherwise indicated-- use multiple posts if necessary.


Please grab fresh copies of TDSSKiller and ComboFix, run them, and post their logs.
Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook

#6 andrewb2

andrewb2

    New Member

  • Members
  • Pip
  • 5 posts

Posted 13 November 2011 - 03:50 AM

Hi,

I sourced fresh copies of TDSSKiller and ComboFix, run them, and posted their logs.


I look forward to further advice. It appears we may be Attached File  TDSSKiller.2.6.18.0_13.11.2011_19.42.04_log.txt   142.55KB   8 downloadsAttached File  ComboFix.txt   13.04KB   15 downloadsok.

Thanks

Andrew

#7 screen317

screen317

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,486 posts
  • Gender:Male
  • Location:New Haven, CT

Posted 17 November 2011 - 05:26 PM

Hi,

I suggest uninstalling StopZilla. It is a borderline rogue antispyware program.


How are things running now?
Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook

#8 andrewb2

andrewb2

    New Member

  • Members
  • Pip
  • 5 posts

Posted 20 November 2011 - 05:19 AM

Hi Screen317,

All appears to be running okay. I thank you for your assistance.

Regards

Andrew

#9 screen317

screen317

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,486 posts
  • Gender:Male
  • Location:New Haven, CT

Posted 24 November 2011 - 01:13 AM

Hi,

Next, please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan
    Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Next, download my Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.
Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook

#10 screen317

screen317

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,486 posts
  • Gender:Male
  • Location:New Haven, CT

Posted 06 December 2011 - 02:34 PM

Are you still with us? This topic will be closed in a few days if we do not hear back from you.
Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook

#11 screen317

screen317

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,486 posts
  • Gender:Male
  • Location:New Haven, CT

Posted 19 December 2011 - 05:54 AM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users