Author Topic: [Resolved K] Malwarebytes will not open, Avast firewall will not run,  (Read 6236 times)

0 Members and 1 Guest are viewing this topic.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7245
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #15 on: January 10, 2012, 12:34:20 pm »
We need to run RogueKiller one more time, make sure to choose option 2 this time:

Quit all running programs and run RogueKiller once again.

  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • When prompted, type 2 and validate by tapping Enter
  • The RKreport.txt shall be generated next to the executable.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe

Please post the contents of the RKreport.txt in your next Reply.

Kevin

Offline Kaz

  • Bronze Member
  • Posts: 29
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #16 on: January 10, 2012, 05:45:37 pm »
Roguekiller log

RogueKiller V6.2.3 [01/09/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: ibn [Admin rights]
Mode: Remove -- Date : 01/10/2012 18:32:08

Bad processes: 0

Registry Entries: 7
[SUSP PATH] {5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}.job : C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)

Particular Files / Folders:

Driver: [NOT LOADED]

Infection : 

HOSTS File:
127.0.0.1       localhost
::1             localhost

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7245
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #17 on: January 10, 2012, 05:50:30 pm »
How is your system responding now, any improvement?

Offline Kaz

  • Bronze Member
  • Posts: 29
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #18 on: January 10, 2012, 06:02:28 pm »
System is running a bit faster compared to two days ago. Will not about the internet problem I mentioned for probably a day or so. I won't be online tonight. 

Other than that, it's running great.

Were any of the infections we found lethal or just adware?

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7245
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #19 on: January 10, 2012, 06:14:17 pm »
What about your Avast Firewall, is that running? one last scan, after that if you have no issues we`ll clean up. I`d recommend that you change all passwords on your system, to include email accounts also...

Download Security Check by screen317 from HERE or HERE.
Save it to your Desktop.
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Thanks,

Kevin
« Last Edit: January 10, 2012, 06:18:23 pm by kevinf80 »

Offline Kaz

  • Bronze Member
  • Posts: 29
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #20 on: January 10, 2012, 07:42:43 pm »
Security Check log

Results of screen317's Security Check version 0.99.30 
 Windows 7  x64 (UAC is enabled) 
 Internet Explorer 9 
``````````````````````````````
Antivirus/Firewall Check:

 Windows Firewall Enabled! 
 avast! Free Antivirus   
 ESET Online Scanner v3   
 WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

 Java(TM) 6 Update 26 
 Java(TM) 6 Update 22 
 Java version out of date!
 Adobe Flash Player    11.1.102.55 
 Adobe Reader X (10.1.1)
 Mozilla Firefox (9.0.1)
````````````````````````````````
Process Check: 
objlist.exe by Laurent

 Malwarebytes' Anti-Malware mbamservice.exe 
 Malwarebytes' Anti-Malware mbamgui.exe 
 Alwil Software Avast5 AvastSvc.exe 
 Alwil Software Avast5 AvastUI.exe 
``````````End of Log````````````


Avast Firewall now reads "Firewall not available" when clicked.  Maybe not available in the FREE version?

Offline Kaz

  • Bronze Member
  • Posts: 29
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #21 on: January 10, 2012, 09:13:03 pm »
Ok. Strangest thing just happened. New icons on my desktop. My user file (ibn), computer and recycle bin shortcut, just appeared. I don't know what I could have done for that to happen.

See attached screen shot.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7245
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #22 on: January 11, 2012, 01:47:58 am »
You do not get a Firewall with Avast free version, make sure your Windows Firewall is active.  Regarding the extra icons that have appeared on the Desktop, put cursor on each in turn, press and hold the left mouse button, drag to the Recycle Bin, release the button.
Give update on any other issues/concerns...

Offline Kaz

  • Bronze Member
  • Posts: 29
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #23 on: January 11, 2012, 04:21:40 pm »
Seems to be running fine. I have been on the system for about hours without any strange occurrences.
A good sign.


Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7245
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #24 on: January 11, 2012, 04:40:23 pm »
OK, clean up as follows :-

Step 1

  • Re-open to run it. (Vista and Win 7 users, right click on OTL and "Run as administrator")
  • Click on the button.
  • Click Yes to begin the cleanup process and remove tools, including this application
  • You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes

If any of the following remain on your Desktop either delete or drag to the recycle bin:

RogueKiller
RKQuarantine
RKreport.txt
aswMBR
MBR.dat
MBR.zip
SystemLook + logs
Security Check + logs


Step 2

Remove ESET online scanner:

  • Click Start, type Uninstall a Program into the Search programs and files box, and then press ENTER.
  • Click to select ESET Online Scanner from the listing of installed products, and then click Uninstall/Change from the bar that displays the available tasks. Uninstall ESETonline Scanner, only re-boot if prompted.
Whilst in "Uninstall a Program" also remove Java 6 update 22

Step 3

You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version.
For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system.
The most current version of Sun Java is: Java Runtime Environment Version 6 Update 30.

  • Go to Sun Java
  • Select Windows 7/XP/Vista/2000/2003/2008 If using 64 bit OS Select Information about the 64-bit Java plug-in and follow prompts
  • Install the new version by running the newly-downloaded file with the java icon which will be at your desktop, and follow the on-screen instructions.
  • Reboot your computer

Step 4

Create a new restore point:

   1. Right-click on Computer and go to Properties.
   2. Next click on the System Protection link.
   3. The System Properties dialog screen opens up and you will want to click on Create.
   4. Type in a description for the restore point which will help you remember the point at which is was created. Click on create.
   5. You should see the message "The restore point was  created successfully

To remove all but the most recent restore point do the following:

   1.      Open Disk Cleanup by clicking the Start button . In the search box, type Disk Cleanup, and then, in the list of results, click Disk Cleanup.
   2.      If prompted, select the drive that you want to clean up, and then click OK.
   3.      In the Disk Cleanup for (drive letter) dialog box, click Clean up system files. Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
   4.      If prompted, select the drive that you want to clean up, and then click OK.
   5.      Click the More Options tab, under System Restore and Shadow Copies, click Clean up.
   6.      In the Disk Cleanup dialog box, click Delete.
   7.      Click Delete Files, and then click OK. ReBoot.

Let me know if those steps complete OK, also if any remaining issues or concerns...

Kevin

Offline Kaz

  • Bronze Member
  • Posts: 29
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #25 on: January 11, 2012, 08:03:11 pm »
Ok. All of the cleanup is complete.

So far so good. Everything seems to be running fine.

I have one concern, I have a second computer that is networked to this one.  Do I need to run these processes on that system.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7245
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #26 on: January 11, 2012, 08:21:16 pm »
SIGH, you really should have made me aware of that fact, OK disconnect the system we have just worked, run the following scans from your second system and post the logs:

Step 1

Download RogueKiller to your desktop

  • Quit all running programs
  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • When prompted, type 1 and validate by tapping Enter
  • The RKreport.txt shall be generated next to the executable.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Please post the contents of the RKreport.txt in your next Reply.

Step 2

Download OTL from any of the following links and save to your Desktop:

Link 1
Link 2
Link 3
Link 4
  • Double click on the icon to run it, Vista  or Windows 7 users right click and select Run as Administartor. Make sure all other windows are closed and to let it run uninterrupted.
       
  • When the window appears, underneath Output at the top, make sure Stadard output is selected.
       
  • Select Scan all users
       
  • Under the Extra Registry section, check Use SafeList
       
  • In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
       
  • Under the Custom Scan box paste this in:
Code: [Select]
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  • Click the button. Do not change any settings unless otherwise told to do so. The scan wont take long.
       
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your reply

Let me see the following in your reply :-

  • Log from RogueKiller
  • OTL.txt
  • Extras.txt

If the logs from OTL exceed the charcter limit either split the logs and use multiple replies or zip them up and attach them..

Kevin
« Last Edit: January 11, 2012, 08:35:03 pm by kevinf80 »

Offline Kaz

  • Bronze Member
  • Posts: 29
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #27 on: January 11, 2012, 08:34:44 pm »
Sorry abut that Kevin. It really just dawned on me.  I am not at home. I will have to run these new scans tomorrow.

PS. The only sharing I have set for the two computers is iTunes. And I haven't shared anything between them in months. If that makes a difference.

I'll send the new logs tomorrow.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7245
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #28 on: January 11, 2012, 08:38:14 pm »
Thats OK, just post the logs when you`re ready, I`m sure our guardian angel will keep us safe....

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7245
Re: [Resolved K] Malwarebytes will not open, Avast firewall will not run,
« Reply #29 on: January 12, 2012, 04:16:38 pm »
Test.....Test......Test