Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MBAM not running, popups, defender disabled, gipunowe.dll error


  • Please log in to reply
9 replies to this topic

#1 Suckxlt

Suckxlt

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 26 October 2009 - 02:47 PM

Hello. First off, I noticed that MBAM will not run or even load up. Also, through Firefox I get occasional popups in new windows for spam sites. I also noticed windows defender keeps getting shut down. I ran SuperAntiSpyware and removed the recommended. I ran Spybot and did the same. I ran Combofix, it removed a bunch and restarted. After startup I get a rundll error. It states, "gipunowe.dll error module not found". I have yet to run Hijackthis. I have a dell computer and XP is O/S. Let me know what else I can run. Thanks for helping!

Nick

Edited by Suckxlt, 26 October 2009 - 03:15 PM.


BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:05 AM

Posted 26 October 2009 - 10:42 PM

Download this file and save it to your desktop:

http://download.bleepingcomputer.com/grinler/rkill.scr

Double-click the file to run it. A command window will open briefly. Then run a quick scan with Malwarebytes. Post the Malwarebytes log.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 Suckxlt

Suckxlt
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 26 October 2009 - 11:06 PM

Ok good to see it still works. Here's the log:

Malwarebytes' Anti-Malware 1.41
Database version: 3037
Windows 5.1.2600 Service Pack 3

10/26/2009 10:04:56 PM
mbam-log-2009-10-26 (22-04-56).txt

Scan type: Quick Scan
Objects scanned: 96883
Time elapsed: 9 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nizeyaposi (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Thank you for looking at this.

Nick

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:05 AM

Posted 26 October 2009 - 11:11 PM

Now please run a scan with SUPERAntiSpyware in Safe Mode and post the log.

How to start Windows in Safe Mode
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 Suckxlt

Suckxlt
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 26 October 2009 - 11:13 PM

I have not been able to get my computer to run in safe mode for some time now. I know how to do it, but everytime I try it gives me a blue screen and crashes. Can I run it in normal mode?

#6 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:05 AM

Posted 26 October 2009 - 11:15 PM

Run this file and see if it fixes the Safe Mode problem:

http://download.bleepingcomputer.com/sUBs/...otKeyRepair.exe
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#7 Suckxlt

Suckxlt
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 27 October 2009 - 12:00 AM

Thanks for getting me back into safe mode. There were no threats detected and no log was created however.

Edited by Suckxlt, 27 October 2009 - 12:02 AM.


#8 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:05 AM

Posted 27 October 2009 - 12:05 AM

So how's your computer running now?
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#9 Suckxlt

Suckxlt
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 27 October 2009 - 12:06 AM

Everything seems fine. There were no more errors on startup and mbam and defender are working. Thanks for helping me out.

Nick

#10 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:05 AM

Posted 27 October 2009 - 12:09 AM

If you’re clean, you should create a new Restore Point to prevent possible re-infection from an old one.

Go Start > Programs > Accessories > System Tools and click System Restore. Choose the radio button marked Create a Restore Point on the first screen then click Next. Give the Restore Point a name and then click Create. Then use Disk Cleanup to remove all but the most recently created Restore Point. Go Start > Run and type: "Cleanmgr" (without the quotes). Click Ok > More Options tab > Clean Up in the System Restore section to remove all previous restore points except the newly created one.

Also, go Start > Control Panel and double-click Add or Remove Programs. Post back and report any Java or JS2E entries that you have.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users