-
-
HI
Please download Malwarebytes from Here or Here
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform quick scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected .
- When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
- Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please
-
malwarebyte is already on the computer. I tried to update but I have an error message: PROGRAM_ERROR_UPDATING (12029,0,WinHttpSendRequest)
I am performing a quick scan, even if I can't update...
-
malwarebyte log (remember, I can't update...)
and in attachment a picture discribing the red shield (windows security alert) in the sytem tray
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6507
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
5/10/2011 9:09:43 PM
mbam-log-2011-05-10 (21-09-43).txt
Scan type: Quick scan
Objects scanned: 161182
Time elapsed: 12 minute(s), 34 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
Here is a log of malware byte in march (when I suspected the computer to be infected) the bad files are still in the quarantine of malware byte
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6273
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
3/9/2011 7:03:32 PM
mbam-log-2011-03-09 (19-03-32).txt
Scan type: Full scan (C:\|)
Objects scanned: 246594
Time elapsed: 2 hour(s), 13 minute(s), 9 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 5
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\Owner\Local Settings\Application Data\xab.exe" -a "firefox.exe -safe-mode) Good: (firefox.exe -safe-mode) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: () Good: ("%1" %*) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\Owner\local settings\Temp\0.15814519441371833.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\Owner\local settings\Temp\0.7980388780355354.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
-
I finaly succed in updating malwarebyt after disabling the antivirus (McAfee)
here is the log after the update
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6551
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
5/10/2011 9:45:09 PM
mbam-log-2011-05-10 (21-45-09).txt
Scan type: Quick scan
Objects scanned: 161877
Time elapsed: 7 minute(s), 23 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules