Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


System Lockups

  • This topic is locked This topic is locked
2 replies to this topic

#1 L_user


  • Members
  • 7 posts
  • Local time:11:56 AM

Posted 27 December 2009 - 03:57 PM

I have an increasing problem.

I somehow got a Malware Defender pop up saying my computer was infected and I needed to buy this product. Internet query advised this to be a hoax.

Along with this popup were many desktop icons for porntube. I never heard of prontube and never clicked on any of the icons.

I found on bc that malwarebytes should get rid of this and downloaded a free version which wouldn't run.

I then put a virus and malware software on this computer.

The PC tools removed all of the porntube stuff and the popups went away.

The next thing was that I got a window to report to MS that I had a google update error. The report from MS said that I had a problem with UACD.sys and I should run a malware program, which I had already done. and done and done.

Other net entries said I should go to a reg location and remove UACD.sys but the entry wasn't there.

I continue to get the google update error and at times the system locks up. There is also a startup entry in msconfig for mdefense that I can't seem to find.

attached are the logfiles. Thanks for any help

:( :(



While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.

Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us want someone to assist you who is not familiar with your issue and attempt to fix it.

We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the HJT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.

Please be patient. It may take several days, up to two weeks perhaps less, to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

Thank you for understanding.

Orange Blossom ~ forum moderator

Attached Files

Edited by garmanma, 29 December 2009 - 08:11 PM.

BC AdBot (Login to Remove)


#2 L_user

  • Topic Starter

  • Members
  • 7 posts
  • Local time:11:56 AM

Posted 01 January 2010 - 03:42 PM

Happy New Year,

I appreciate your position and difficulty in getting to everyone. As an FYI I would like to post how I fixed the problem.

This bug which was balled up with some files that were in system32 and started with extensions H8SRT...

Actually caused Malwarebytes MBAm.exe and Combofix.exe not to run.

I changed the name of the MBAm.exe and ran a scan and it got 22 other infections that PCtools did not find.

I then changed the name of Combofix.exe to bronco.exe (ha!) and it found the extensions above and two others Kr132mainweq.dd and srcr.dat

Problem went away and I was able to reload Google Earth and Chrome.

Thanks again for the fourm and the work you guys do I learn a lot from this site and I hope the information I shared was useful.

#3 Elise


    Bleepin' Blonde

  • Malware Study Hall Admin
  • 61,316 posts
  • Gender:Female
  • Location:Romania
  • Local time:10:56 PM

Posted 06 January 2010 - 04:13 PM

Since this issue seems to be resolved, this topic will be closed.

regards, Elise

"Now faith is the substance of things hoped for, the evidence of things not seen."


Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome


Malware analyst @ Emsisoft

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users