Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google redirects AVG won't run


  • Please log in to reply
3 replies to this topic

#1 rambrush

rambrush

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 12 September 2009 - 09:49 AM

Upon trying to run DDS the screen comes up blank then goes away with no report, Tried root repeal it was running and went away, now when I click on the icon it tells me I don't have authority to run it. deleted both and reloaded from memory stick no go. So far I am running into dead ends with the things I have tried. I have gone and disabled scripts but still no luck. This is on a laptop running windows Vista Home edition
here is a log I was able to run
Removing all found mount points.

Attempting to reset file permissions.

WARNING: Could not get backup privileges!

Searching 'C:\Windows'...



Found mount point : C:\Windows\AppPatch\Custom\Custom

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\AppPatch\Custom\Custom

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP251D.tmp\ZAP251D.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP251D.tmp\ZAP251D.tmp

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2633.tmp\ZAP2633.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2633.tmp\ZAP2633.tmp

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp\ZAP2DF2.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp\ZAP2DF2.tmp

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3725.tmp\ZAP3725.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3725.tmp\ZAP3725.tmp

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp\ZAP81A.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp\ZAP81A.tmp

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp\ZAPE752.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp\ZAPE752.tmp

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp\ZAPEEF0.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp\ZAPEEF0.tmp

Found mount point : C:\Windows\assembly\temp\temp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\temp\temp

Found mount point : C:\Windows\assembly\tmp\tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\tmp\tmp

Cannot access: C:\Windows\bthservsdp.dat

Attempting to restore permissions of : C:\Windows\bthservsdp.dat

[1] 2009-09-12 08:46:51 12 C:\Windows\bthservsdp.dat ()

Edited by rambrush, 12 September 2009 - 11:15 AM.
Moved from HJT to a more appropriate forum. Tw


BC AdBot (Login to Remove)

 


#2 rambrush

rambrush
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 12 September 2009 - 12:02 PM

Here is the MBR log still unable to run rootrepeal and malware and superantivirus tired in safemode as well


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.6 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

Edited by rambrush, 12 September 2009 - 12:07 PM.


#3 rambrush

rambrush
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 12 September 2009 - 12:36 PM

Just tried Dr Web started running then closed and won't run again. Running out of Ideas now
To Recap
I have attempted
Dr Web
Win32 Diagnostics
Superantivirus
Malwareby
MBR
DDS

Edited by rambrush, 12 September 2009 - 12:40 PM.


#4 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:09:38 AM

Posted 12 September 2009 - 02:00 PM

I do not know who move you from the HJT forum
If you cannot run a DDS scan, a Win32diabg scan is acceptable
Please repost in the HJT forum:
http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/
Give a brief description of what is happening
Once post, do not continue to post to it. That will only push you back further in the rotation
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users