Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What do I do?


  • Please log in to reply
3 replies to this topic

#1 Tothboy

Tothboy

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 04 May 2009 - 08:05 PM

Alright, I'll try to explain in the greatest details that I can...


When trying to update my anti-virus/Update via Windows Update, it says that it is unable to connect to the server, and that I should check my internet connection/firewall. Along with that, I am often "greeted" with popups sometimes when I even click on the interface of my internet browser (Mozilla Firefox.) Even trying to update my antivirus through the browser does not work! I have tried using SmitfraudFix and Malewarebytes', using safe-mode and I have still had no success. What should I do to try and fix this problem?
:thumbsup:





Here's an example of Malewarebytes' not updating: http://i296.photobucket.com/albums/mm169/m...NotUpdating.jpg

Here's an example of Windows not updating: http://i296.photobucket.com/albums/mm169/m...ck6/Windows.jpg

I hope this is a little bit of help towards finding your solution for me!

Edited by Tothboy, 04 May 2009 - 08:38 PM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,069 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:10 PM

Posted 05 May 2009 - 08:16 AM

If you cannot update through the program's interface (preferable method), try to manually download the definition updates and just double-click on mbam-rules.exe to install. If necessary, download mbam-rules from another computer, save to a USB stick or CD, transfer the file to the infected machine and then doubl-click on it to install.Mbam-rules.exe is not updated daily. Another way to get the most current database definitions if you're having problems updating, is to install MBAM on a clean computer, launch the program, update through MBAM's interface, copy the definitions (rules.ref) to a USB stick or CD and transfer that file to the infected machine. Copy rules.ref to the location indicated for your operating system. If you cannot see the folder, then you may have to Reconfigure Windows to show it.
  • XP: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware
  • Vista: C:\Documents and Settings\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware
Next download and scan with Dr.Web CureIt.
Follow these Instructions for scanning with Dr.WebCureIt in "safe mode".
If you cannot boot into safe mode, then perform your scan in normal mode. Please be patient as this scan could take a long time to complete.
-- Post the log in your next reply.

When done, then perform a new Quick Scan with MBAM in normal mode and check all items found for removal. Don't forgot to reboot afterwards. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. When done, click the Logs tab and copy/paste the contents of the new report in your next reply.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Tothboy

Tothboy
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 06 May 2009 - 02:23 PM

I will have to get the Dr. Web CureIt log because when I tried to save it, my computer crashed. But here's the mbam log...


Malwarebytes' Anti-Malware 1.36
Database version: 1945
Windows 6.0.6001 Service Pack 1

5/5/2009 19:03:02
mbam-log-2009-05-05 (19-02-59).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 170014
Time elapsed: 35 minute(s), 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 6
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.113.91 85.255.112.238 1.2.3.4 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a229a33e-237f-47b2-9d9d-a9c9f6cf15df}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.113.91 85.255.112.238 1.2.3.4 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.113.91 85.255.112.238 1.2.3.4 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{a229a33e-237f-47b2-9d9d-a9c9f6cf15df}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.113.91 85.255.112.238 1.2.3.4 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.113.91 85.255.112.238 1.2.3.4 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{a229a33e-237f-47b2-9d9d-a9c9f6cf15df}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.113.91 85.255.112.238 1.2.3.4 -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,069 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:10 PM

Posted 06 May 2009 - 08:49 PM

Your Malwarebytes Anti-Malware log indicates you are using an extremely outdated database version. Please update it through the program's interface (preferable method) or manually download the definition updates and just double-click on mbam-rules.exe to install.Your database shows 1945. Last I checked it was 2083.

As I said previously, Mbam-rules.exe is not updated daily. Another way to get the most current database definitions if you're having problems updating, is to install MBAM on a clean computer, launch the program, update through MBAM's interface, copy the definitions (rules.ref) to a USB stick or CD and transfer that file to the infected machine. Copy rules.ref to the location indicated for your operating system. If you cannot see the folder, then you may have to Reconfigure Windows to show it.
  • XP: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware
  • Vista: C:\Documents and Settings\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware
Then perform a new Quick Scan in normal mode and check all items found for removal. Don't forgot to reboot afterwards. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. When done, click the Logs tab and copy/paste the contents of the new report in your next reply.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users