Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rundll problems and other errors


  • This topic is locked This topic is locked
2 replies to this topic

#1 Xael

Xael

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 03 September 2009 - 10:42 PM

So my parents' computer was having huge amounts of problem and i ran a virus scanner (several times) to try and remove everything. But the computer still seems to have some problems. Also im having problem with the RootRepeal i tried using it 5 times but it keeps on having an error.

problem 1.
Rundll error loading G:\WINDOWS\System32\vwpbipra.dll
Rundll error loading tapi.info
Both of these errors occur when I load up the computer.

problem2.
A little less major but the computer takes several minutes to start up.

problem 3.
I do not understand why (and my be something wrong with the computer itself not caused by malware) but after the computer is on for about 15 minutes the internet just stops working. The little network icon shows that it's still connected and other computers still access the internet but this one doesnt.

So in general im just trying to figure out how to solve these problems and see if i was able to remove all the problems. The main virus scanner I use is SuperAntiSpyware and the computer is Windows XP.

DDS log:


DDS (Ver_09-07-30.01) - NTFSx86
Run by Michael at 20:50:56.35 on Thu 09/03/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1365 [GMT -5:00]

AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

============== Running Processes ===============

G:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
G:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\Explorer.exe
G:\Program Files\Common Files\Symantec Shared\ccApp.exe
G:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Winamp\winampa.exe
G:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
G:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
G:\WINDOWS\RTHDCPL.EXE
G:\WINDOWS\system32\RUNDLL32.EXE
G:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
G:\Program Files\Java\jre6\bin\jusched.exe
G:\Program Files\Winamp Remote\bin\OrbTray.exe
D:\DAEMON Tools Pro\DTProAgent.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
G:\Program Files\Winamp Remote\bin\Orb.exe
G:\Program Files\Logitech\SetPoint\SetPoint.exe
G:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
G:\Program Files\Symantec AntiVirus\DefWatch.exe
G:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
G:\Program Files\Java\jre6\bin\jqs.exe
G:\WINDOWS\system32\nvsvc32.exe
G:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
G:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Opera\opera.exe
G:\Program Files\Symantec AntiVirus\Rtvscan.exe
G:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
G:\Program Files\Viewpoint\Common\ViewpointService.exe
G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
G:\Documents and Settings\Michael\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://isohunt.com/
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\yahoo!\companion\installs\cpn\yt.dll
mWinlogon: Shell=Explorer.exe rundll32.exe tapi.nfo beforeglav
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - g:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - g:\program files\askbardis\bar\bin\askBar.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - g:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - g:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - g:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - g:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - g:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - g:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - g:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - g:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\yahoo!\companion\installs\cpn\yt.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - g:\program files\askbardis\bar\bin\askBar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - g:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - g:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [MsnMsgr] "g:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [Yahoo! Pager] "c:\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
uRun: [Orb] "g:\program files\winamp remote\bin\OrbTray.exe" /background
uRun: [DAEMON Tools Pro Agent] "d:\daemon tools pro\DTProAgent.exe"
uRun: [ctfmon.exe] g:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] g:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [swg] "g:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [80AA308DD7246D35F4BFC0DF9C7B6C34] g:\program files\a360\av360.exe
mRun: [NvCplDaemon] RUNDLL32.EXE g:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [ccApp] "g:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] g:\progra~1\symant~1\VPTray.exe
mRun: [NeroFilterCheck] g:\windows\system32\NeroCheck.exe
mRun: [WinampAgent] c:\winamp\winampa.exe
mRun: [amd_dc_opt] g:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [LogitechCommunicationsManager] "g:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [LVCOMSX] "g:\program files\common files\logishrd\lcommgr\LVComSX.exe"
mRun: [Adobe Reader Speed Launcher] "g:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NvMediaCenter] RUNDLL32.EXE g:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [ArcSoft Connection Service] g:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [d6004ef3] rundll32.exe "g:\windows\system32\vwpbipra.dll",b
mRun: [SunJavaUpdateSched] "g:\program files\java\jre6\bin\jusched.exe"
mRun: [systme] c:\windows\system32\8D.exe
mRun: [JavaCpl] g:\program files\java\jre1.6.2\java.exe
StartupFolder: g:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - g:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: g:\docume~1\alluse~1\startm~1\programs\startup\photof~1.lnk - d:\camera pics\PhAutoRun.exe
IE: &Clean Traces - g:\program files\dap\privacy package\dapcleanerie.htm
IE: E&xport to Microsoft Excel - c:\micros~1\office11\EXCEL.EXE/3000
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - g:\program files\paltalk messenger\Paltalk.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - g:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\micros~1\office11\REFIEBAR.DLL
DPF: DirectAnimation Java Classes - file://g:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://g:\windows\java\classes\xmldso.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader5.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1197765635765
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197765630625
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Notify: !SASWinLogon - g:\program files\superantispyware\SASWINLO.DLL
Notify: LBTWlgn - g:\program files\common files\logitech\bluetooth\LBTWlgn.dll
Notify: NavLogon - g:\windows\system32\NavLogon.dll
Notify: wvUkIXnn - wvUkIXnn.dll
AppInit_DLLs: bvdauy.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - g:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - g:\program files\superantispyware\SASSEH.DLL
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, msansspc.dll

================= FIREFOX ===================

FF - ProfilePath - g:\docume~1\michael\applic~1\mozilla\firefox\profiles\mlypzrx1.default\
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10591&gct=&gc=1&q=
FF - plugin: c:\divx\divx content uploader\npUpload.dll
FF - plugin: c:\divx\divx player\npDivxPlayerPlugin.dll
FF - plugin: c:\divx\divx web player\npdivx32.dll
FF - plugin: c:\opera\program\plugins\npdsplay.dll
FF - plugin: c:\opera\program\plugins\NPSWF32.dll
FF - plugin: c:\opera\program\plugins\NPSWF32_back.dll
FF - plugin: c:\opera\program\plugins\npwmsdrm.dll
FF - plugin: g:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: g:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: g:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - g:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - g:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - g:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - g:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 SASDIFSV;SASDIFSV;g:\program files\superantispyware\SASDIFSV.SYS [2008-9-3 9968]
R1 SASKUTIL;SASKUTIL;g:\program files\superantispyware\SASKUTIL.SYS [2008-9-3 55024]
R1 SAVRT;SAVRT;g:\program files\symantec antivirus\savrt.sys [2005-2-4 324232]
R1 SAVRTPEL;SAVRTPEL;g:\program files\symantec antivirus\Savrtpel.sys [2005-2-4 53896]
R2 ccEvtMgr;Symantec Event Manager;g:\program files\common files\symantec shared\ccEvtMgr.exe [2005-4-8 185968]
R2 ccSetMgr;Symantec Settings Manager;g:\program files\common files\symantec shared\ccSetMgr.exe [2005-4-8 161392]
R2 Nups;Nups;g:\windows\system32\drivers\nups.sys [2009-8-10 20096]
R2 SeaPort;SeaPort;g:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656]
R2 Symantec AntiVirus;Symantec AntiVirus;g:\program files\symantec antivirus\Rtvscan.exe [2005-4-17 1706176]
R2 Viewpoint Manager Service;Viewpoint Manager Service;g:\program files\viewpoint\common\ViewpointService.exe [2007-12-15 24652]
R3 NAVENG;NAVENG;g:\progra~1\common~1\symant~1\virusd~1\20090807.007\naveng.sys [2009-8-7 87888]
R3 NAVEX15;NAVEX15;g:\progra~1\common~1\symant~1\virusd~1\20090807.007\navex15.sys [2009-8-7 875728]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;g:\windows\system32\drivers\nvhda32.sys [2008-11-18 39456]
R3 P0630VID;Creative WebCam Live!;g:\windows\system32\drivers\P0630Vid.sys [2008-1-8 67968]
R3 SASENUM;SASENUM;g:\program files\superantispyware\SASENUM.SYS [2008-9-3 7408]
R3 TNET1130;802.11 WLAN;g:\windows\system32\drivers\TNET1130.sys [2005-9-4 386688]
S2 Darkness;Darkness;g:\windows\system\svchost.exe --> g:\windows\system\svchost.exe [?]
S2 ntndis;ntndis;\??\c:\windows\system32\drivers\ntndis.sys --> c:\windows\system32\drivers\ntndis.sys [?]
S3 ccPwdSvc;Symantec Password Validation;g:\program files\common files\symantec shared\ccPwdSvc.exe [2005-4-8 83568]
S3 NetWlan5;Symbol Based 802.11b Wireless LAN Card Driver;g:\windows\system32\drivers\NetWlan5.sys [2008-1-16 132695]
S3 SavRoam;SAVRoam;g:\program files\symantec antivirus\SavRoam.exe [2005-4-17 124608]

=============== Created Last 30 ================

2009-08-10 14:02 20,096 a--sh--- g:\windows\system32\drivers\nups.sys
2009-08-05 21:26 43,520 a------- g:\windows\system32\CmdLineExt03.dll
2009-08-05 18:12 <DIR> --d----- g:\documents and settings\michael\.maptool
2009-08-05 18:12 <DIR> --d----- g:\documents and settings\michael\.chartool
2009-08-05 18:12 <DIR> --d----- g:\documents and settings\michael\.inittool
2009-08-05 18:10 <DIR> --d----- g:\documents and settings\michael\.tokentool

==================== Find3M ====================

2009-09-02 07:14 3 a------- g:\program files\common files\time.cv
2009-02-22 01:19 4,137 a--sh--- g:\windows\system32\UFNUutwa.ini2
2009-02-27 00:42 16,384 a--sh--- g:\windows\temp\cookies\index.dat
2009-02-27 00:42 16,384 a--sh--- g:\windows\temp\history\history.ie5\index.dat
2009-02-27 00:42 32,768 a--sh--- g:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 20:51:32.68 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:11:46 PM

Posted 17 September 2009 - 01:31 PM

Hello Xael,

I see you running Symantec AntiVirus Corporate Edition. :(
Is this a work, company or corporate computer?


Also im having problem with the RootRepeal i tried using it 5 times but it keeps on having an error.



Download and run RootRepeal

Please download RootRepeal from the following location and save it to your desktop.
  • Unzip the RootRepeal.zip file it to it's own folder. (If you did not use the "Direct Download" mirror to download RootRepeal).
  • Close/Disable all other programs especially your security programs (anti-spyware, anti-virus, and firewall) Refer to this page, if you are unsure how.
  • Physically disconnect your machine from the internet as your system will be unprotected.
  • Double-click on RootRepeal.exe to run it. If you are using Vista, please right-click and run as Administrator...
  • Click the Posted Image tab at the bottom.
  • Now press the Posted Image button.
  • A box will pop up, check the box beside Drivers
    Posted Image
  • Now click OK.
  • Another box will open, check the boxes beside all the drives, eg : C:\, then click OK.
  • The scan will take a little while to run, so let it go unhindered.
  • Once it is done, click the Save Report button. Posted Image
  • Save it as RepealScan and save it to your desktop
  • Reconnect to the internet.
  • Post the contents of that log in your reply please.
Post those logs back in your next reply.

**********************

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.
  • Please download Java Version 6 Update 16
  • Click the "Free Java Download" button.
  • Click "Free Java Download" again
  • Save the file jxpiinstall.exe to your desktop
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
    Examples of older versions in Add or Remove Programs:
    Java™ 6 Update 14
    Java™ 6 Update 2
    Java™ 6 Update 3
    Java™ 6 Update 5
    Java™ 6 Update 7

  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jxpiinstall.exe to install the newest version.
**********************


Download Security Check by screen317 from here or here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt.
Please post the contents of that document.

**********************

Note: If you already have Malwarebytes' Anti-Malware, then update, run it, then do a "Perform Full Scan"

Please download Malwarebytes' Anti-Malware from one of these places:
http://download.cnet.com/Malwarebytes-Anti...&tag=button
http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html
http://www.besttechie.net/mbam/mbam-setup.exe

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Full Scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy&Paste the entire MBAM report (even if it does not find anything) in your next reply

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Edited by SifuMike, 17 September 2009 - 01:42 PM.
typo

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:11:46 PM

Posted 26 September 2009 - 02:22 PM

Due to inactivity, this thread will now be closed.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users