Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't scan in anything (MBAM, Avast!, Roguekiller, etc.)


  • Please log in to reply
5 replies to this topic

#1 necro2003

necro2003

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:01 AM

Posted 27 July 2015 - 04:47 PM

I've been dealing with this problem for a while, at first with only a couple of things but now it's gotten to the point where I cannot scan my computer in almost anything at all. Everything either stops responding and crashes itself or my whole computer, or stays at a single point and never goes beyond. This has been happening for well over a year  and a half now and no matter what I've tried, nothing seems to work. Before when a few scanning things did work, it never showed anything suspicious, but that's kind of hard to believe...

Am I infected with something? :(



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,102 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:01 AM

Posted 28 July 2015 - 08:11 AM

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

After running CCleaner...post the three lists mentioned below using CCleaner:

 

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.

 

If you are unable to download CCleaner then try using RKill. Once you have successfully run RKill DO NOT reboot. Try to run a scan using MBAM after updating it.

 

RKill Download Link Download Now iExplore.exe

RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections. When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies that stop us from using certain tools. When finished it will display a log file that shows the processes that were terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again. Instead, after running RKill you should immediately scan your computer using some sort of anti-malware or anti-virus program so that the infections can be properly removed.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 necro2003

necro2003
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:01 AM

Posted 28 July 2015 - 03:49 PM

Hi! CCleaner was able to work, thankfully. Here are the logs.

 

Windows Startup:

 

Yes HKCU:Run AdobeBridge
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run Dropbox Update Dropbox, Inc. "C:\Users\Cash America\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
No HKCU:Run Messenger (Yahoo!) "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
No HKCU:Run Spotify Web Helper "C:\Users\Cash America\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
Yes HKCU:RunOnce Report C:\AdwCleaner\AdwCleaner[S7].txt
No HKLM:Run Adobe Creative Cloud "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
Yes HKLM:Run AdobeAAMUpdater-1.0 "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
Yes HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
Yes HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
No HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
No HKLM:Run LogitechQuickCamRibbon "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
Yes HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
No HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
No HKLM:Run SoftEther VPN Client UI Helper SoftEther VPN Project at University of Tsukuba, Japan. "C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /uihelp
No HKLM:Run SunJavaUpdateSched Sun Microsystems, Inc. "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
No Startup Common SoftEther VPN Client Manager Startup.lnk SoftEther VPN Project at University of Tsukuba, Japan. C:\PROGRA~1\SOFTET~1\VPNCMG~1.EXE /startup
Yes Startup User Dropbox.lnk Dropbox, Inc. C:\Users\Cash America\AppData\Roaming\Dropbox\bin\Dropbox.exe
 
Scheduled Tasks:
 
(none)
 
Programs Installed:
 
7-Zip 9.22 (x64 edition) Igor Pavlov 8/16/2014 4.75 MB 9.22.00.0
Adobe Flash Player 18 ActiveX Adobe Systems Incorporated 7/14/2015 17.1 MB 18.0.0.209
Adobe Flash Player 18 NPAPI Adobe Systems Incorporated 7/15/2015 17.6 MB 18.0.0.209
Adobe Photoshop CS6 © The Computer Guy Tony 2/2/2014 516 MB 13.0.0.0
Adobe Shockwave Player 11.6 Adobe Systems, Inc. 1/6/2012 11.6.3.633
Apple Application Support (64-bit) Apple Inc. 3/2/2015 107 MB 3.1.2
Apple Mobile Device Support Apple Inc. 3/2/2015 27.9 MB 8.1.1.3
Avast Free Antivirus AVAST Software 7/27/2015 10.3.2223
Bonjour Apple Inc. 7/28/2014 2.00 MB 3.0.0.10
CCleaner Piriform 7/28/2015 5.08
Combined Community Codec Pack 2011-11-11 CCCP Project 1/6/2012 34.7 MB 2011.11.11.0
Dropbox Dropbox, Inc. 7/22/2015 3.6.9
GIMP 2.8.10 The GIMP Team 6/24/2014 267 MB 2.8.10
Google Chrome Google Inc. 12/25/2013 44.0.2403.107
Intel® Rapid Storage Technology Intel Corporation 7/28/2015 10.5.0.1029
IrfanView (remove only) Irfan Skiljan 2/3/2015 2.00 MB 4.38
iTunes Apple Inc. 3/2/2015 234 MB 12.1.1.4
Java™ 6 Update 43 Oracle 1/17/2014 97.9 MB 6.0.430
Logitech Unifying Software 2.10 Logitech 1/24/2014 4.59 MB 2.10.37
Logitech Webcam Software Driver Package Logitech Inc. 1/4/2015 12.10.1110
Microsoft .NET Framework 4.5 Microsoft Corporation 6/20/2014 38.8 MB 4.5.50709
Microsoft AppLocale MS 1/5/2014 3.61 MB 1.0.0
Microsoft Office Enterprise 2007 Microsoft Corporation 1/6/2012 12.0.6425.1000
Microsoft Silverlight Microsoft Corporation 3/2/2015 149 MB 5.1.30514.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 6/20/2015 1.72 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 3/14/2015 298 KB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 3/14/2015 570 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 3/14/2015 788 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 3/14/2015 590 KB 9.0.30729.4148
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 3/14/2015 12.4 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 3/14/2015 9.98 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 6/21/2014 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 6/21/2014 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 3/14/2015 17.1 MB 12.0.21005.1
Microsoft Windows Application Compatibility Database 1/5/2014
Microsoft WSE 3.0 Runtime Microsoft Corp. 6/29/2014 942 KB 3.0.5305.0
Microsoft XNA Framework Redistributable 3.1 Microsoft Corporation 6/21/2014 7.55 MB 3.1.10527.0
Mozilla Firefox 39.0 (x86 en-US) Mozilla 7/20/2015 84.5 MB 39.0
OpenSSL 0.9.8l Light (32-bit) OpenSSL Win32 Installer Team 6/21/2014 2.67 MB
Oracle VM VirtualBox 5.0.0 Oracle Corporation 7/18/2015 161 MB 5.0.0
osu! ppy Pty Ltd 10/25/2014 123 MB latest
osu! 3/3/2014
puush Dean Herbert 2/9/2015 537 KB 1.0.0.0
QuickTime 7 Apple Inc. 3/14/2015 70.2 MB 7.76.80.95
RGSS-RTP Standard Enterbrain 2/21/2014 1.04
RPG Maker 2000 -  Toilet in Wonderland Ver.2.2e 2/22/2014
RPG Maker 2003 v1.08 Enterbrain, Inc. 1/2/2014
RPGƒcƒN[ƒ‹2000 ƒ‰ƒ“ƒ^ƒCƒ€ƒpƒbƒP[ƒW 1/5/2014
sdrt(5.0, 64bit) Paltiosoft Inc. 1/3/2014 4.07 MB 5.0.3.0
Skype Click to Call Microsoft Corporation 6/16/2015 9.94 MB 7.4.0.9058
Skype™ 6.20 Skype Technologies S.A. 10/12/2014 26.6 MB 6.20.104
SoftEther VPN Client SoftEther VPN Project 2/2/2015 4.14.9529
Sony ATRAC3 Audio Codec (remove only) 1/2/2014
System Requirements Lab CYRI Husdawg, LLC 6/20/2014 618 KB 6.0.12.5
VLC media player VideoLAN 8/16/2014 2.1.5
Wacom Tablet Wacom Technology Corp. 7/11/2015 6.3.11w3
WebTablet FB Plugin 64 bit Wacom Technology Corp. 7/11/2015 2.1.0.7
Windows Live Essentials Microsoft Corporation 2/15/2014 16.4.3508.0205
WorldsPlayer Worlds.com 7/2/2015 143 MB 1.19.20.01
Yume Nikki 0.10 English 1/2/2014
 


#4 buddy215

buddy215

  • Moderator
  • 13,102 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:01 AM

Posted 28 July 2015 - 04:30 PM

Is Avast updating its files/ active?

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

The only suggestion I see to make would be to uninstall Java™ 6 Update 43 Oracle 1/17/2014 97.9 MB 6.0.430 from those lists.

 

I see MBAM is no longer installed. Go ahead and run RKIll and then attempt to install and run a scan using MBAM using the directions below.

 

Download Malwarebytes' Anti-Malware from Here
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 necro2003

necro2003
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:01 AM

Posted 30 July 2015 - 01:34 PM

Sorry for the late response! My computer has been slow and it takes multiple resets over about 1-2 hours for it to start up right for once. I'm using safe mode right now as I've been unable to today...

Anyway, MBAM ran for a bit and got to the second to last step as it used to do, but crashed as it used to do/still does. I was able to get checkup.txt, though. Here's the contents:

 

 Results of screen317's Security Check version 1.006  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 18.0.0.209  
 Mozilla Firefox (39.0) 
 Google Chrome (43.0.2357.134) 
 Google Chrome (44.0.2403.107) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 


#6 buddy215

buddy215

  • Moderator
  • 13,102 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:01 AM

Posted 30 July 2015 - 02:49 PM

You can get an expert opinion and help for removing malware by following the directions below. Once you have posted the new topic

DO NOT bump it....wait for a response which could be several days.

 

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.

When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users