Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Detected infections


  • This topic is locked This topic is locked
9 replies to this topic

#1 infected mqan

infected mqan

  • Members
  • 148 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:definitely somewhere
  • Local time:04:10 PM

Posted 29 June 2011 - 01:05 PM

Hello all,
Back again!, this time having problems with one of my laptops. I'll get right to it:
Hp Pavilion dv6700 - windows vista - sp2

edit:mbam won't update
I share this laptop with the family, and haven't been able to run a scan in a few weeks. So I ran Hitmanpro and it detected all these problems with my drivers- then it failed to upload them to the cloud or something. So no action was taken on any of the detections that popped up.. I have used hitman pro multiple times and it never detects those, so my first thought was that i'm infected.

The laptop has been running unusually sluggish, and I don't know if it is related, but my internet is constantly dropping on me at random times.

edit: Mbam won't update now... error:
An error has occured. Please report this error code to our support team.
Program_error_updating(12163, 0 IsInternetConnected)

Kindest Regards,
Mitch

Edited by infected mqan, 29 June 2011 - 01:19 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 PM

Posted 29 June 2011 - 02:45 PM

They are working on a fix... For now see post 4
http://forums.malwarebytes.org/index.php?showtopic=86352&st=0&p=437003&#entry437003

This is the free version correct?



Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start scan:
Posted Image

On completion of the scan click "Save log", save it to your desktop and post in your next reply:
Posted Image

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.



If needed.. How to Run a Program as an Administrator in Windows 7

Edited by boopme, 29 June 2011 - 02:46 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 infected mqan

infected mqan
  • Topic Starter

  • Members
  • 148 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:definitely somewhere
  • Local time:04:10 PM

Posted 29 June 2011 - 03:44 PM

This is the free version correct?

Yes

On completion of the scan click "Save log", save it to your desktop and post in your next reply:

I was scanning.... I looked away for one minute, when I look back the computer is restarting....?
I think it detected stuff, i'm not certain how to read this program though. Should I start the scan again???
edit: I tried again... and the computer restarted again. I don't know if it finished or what..


Regards,
Mitch

Edited by infected mqan, 29 June 2011 - 04:49 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 PM

Posted 29 June 2011 - 07:46 PM

Try once more from safe mode

Reboot into Safe Mode with Networking
How to enter safe mode(XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode
.


To check your system for System File errors run SFC.
Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users..The command needs to be run from an Elevated Command Prompt.Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'


You will need your operating system CD handy.

Open Windows Task Manager....by pressing CTRL+SHIFT+ESC

Then click File.. then New Task(Run)

In the box that opens type sfc /scannow ......There is a space between c and /

Click OK
Let it run and insert the CD when asked.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 infected mqan

infected mqan
  • Topic Starter

  • Members
  • 148 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:definitely somewhere
  • Local time:04:10 PM

Posted 29 June 2011 - 07:55 PM

Try once more from safe mode

I will try right now in safe mode.

To check your system for System File errors run SFC.
Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users..The command needs to be run from an Elevated Command Prompt.Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'

I will do this after I attempt the scan in safe mode. Do I need the OS cd to do this?, because I don't have it.


You will need your operating system CD handy.

Open Windows Task Manager....by pressing CTRL+SHIFT+ESC

Then click File.. then New Task(Run)

In the box that opens type sfc /scannow ......There is a space between c and /

Click OK
Let it run and insert the CD when asked.

I don't have my OS cd. Is there another way?

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 PM

Posted 29 June 2011 - 08:05 PM

you may not need it.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 infected mqan

infected mqan
  • Topic Starter

  • Members
  • 148 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:definitely somewhere
  • Local time:04:10 PM

Posted 30 June 2011 - 10:37 AM

On completion of the scan click "Save log", save it to your desktop and post in your next reply:

aswMBR version 0.9.7.675 Copyright© 2011 AVAST Software
Run date: 2011-06-29 20:01:11
-----------------------------
20:01:11.048 OS Version: Windows x64 6.0.6002 Service Pack 2
20:01:11.048 Number of processors: 2 586 0xF0D
20:01:11.048 ComputerName: MITCH-PC UserName: Mitch
20:01:11.797 Initialize success
20:01:20.299 AVAST engine defs: 11062900
20:01:34.620 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
20:01:34.620 Disk 0 Vendor: TOSHIBA_ LV01 Size: 238475MB BusType: 3
20:01:34.667 Disk 0 MBR read successfully
20:01:34.667 Disk 0 MBR scan
20:01:34.667 Disk 0 unknown MBR code
20:01:34.667 Service scanning
20:01:38.192 Disk 0 trace - called modules:
20:01:38.223 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys iaStor.sys hal.dll
20:01:38.223 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d4f790]
20:01:38.223 3 CLASSPNP.SYS[fffffa6000fccc33] -> nt!IofCallDriver -> [0xfffffa8004b73e40]
20:01:38.223 5 acpi.sys[fffffa60008c4fde] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8004b72050]
20:01:43.699 AVAST engine scan C:\Windows
00:42:16.411 AVAST engine scan C:\Users\Mitch
01:06:12.313 AVAST engine scan C:\ProgramData
01:18:04.157 Scan finished successfully
01:55:56.094 Disk 0 MBR has been saved successfully to "C:\Users\Mitch\MBR.dat"
01:55:56.125 The log file has been saved successfully to "C:\Users\Mitch\aswMBR.txt"

To check your system for System File errors run SFC.
Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users..The command needs to be run from an Elevated Command Prompt.Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'

Done.
"Verifcation 100% complete.
Windows Resource Protection found corrupt files but was unable to fix some of them.
Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example
C:\Windows\Logs\CBS\CBS.log"
I tried to open the log but it says "Access is Denied"

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 PM

Posted 01 July 2011 - 08:07 PM

Click Start > type cmd in the searchbox

Right-click cmd in the results above > click Run as administrator
At the prompt type notepad c:\windows\logs\cbs\cbs.log then press enter
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 PM

Posted 01 July 2011 - 09:15 PM

Per your PM.

We need a deeper look. Please go here....
Preparation Guide ,do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9,which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If Gmer won't run,skip it and move on.
Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 PM

Posted 01 July 2011 - 10:01 PM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users