Free Malware Removal Forum

[brokenarrow_jeff]

melboy:

I downloaded the mbr.exe and placed it in my C: root directory ... when I executed it, the kaspersky program said it was trying to load some driver that was suspicious ... the mbr.exe did bring up a dos window but when I told kaspersky to allow the driver load, the dos window went away ... now when I start mbr.exe a dos window comes up for a flash and then it's gone ... what now?

[melboy]

Are you starting it via the Run command I gave you?

Code: Select all

cmd /c \mbr.exe -t >log.txt&start log.txt

Make sure you copy/paste it into the run box.

A notepad file should open entitled Log.txt

[brokenarrow_jeff]

melboy:

sorry I didn't read/understand what you meant about how to run mbr.exe ... it worked when I copied the text into the run box

I have enclosed both logs ... I think my machine is running better thanks to you


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
kernel: MBR read successfully
user & kernel MBR OK

Malwarebytes' Anti-Malware 1.44
Database version: 3825
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3/4/2010 10:39:50 PM
mbam-log-2010-03-04 (22-39-50).txt

Scan type: Full Scan (C:\|)
Objects scanned: 343045
Time elapsed: 1 hour(s), 35 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[melboy]

Hi Jeff

Thanks for that, we got there in the end.

Other than the two minor detections by MBAM. At this stage your machine looks to be clean of malware, so any continued problems you may be experiencing are not likely to be malware related. As this forum specializes in malware removal I think the best and fastest solution for you is to post on a general PC troubleshooting forum if you are having further issues.

These sites have a variety of experts, that are better equipped to investigate and resolve these kinds of issues.

Below are some recommended sites, registration is free, it only takes a few minutes.

The Elder Geek on Windows
BleepingComputer.com
WhattheTech

If you have any questions or require any other assistance with malware related issues, please let me know.
As previously requested, in the information below there are some suggestions for (free) security software if you decide against keeping Kaspersky once the trial ends.



OTC by OldTimer

Download OTC by Old Timer and save it to your Desktop.

• Double-click OTC.exe
• Click the CleanUp! button
• Select Yes when the Begin cleanup Process? Prompt appears
• If you are prompted to Reboot during the cleanup, select Yes
• The tool will delete itself once it finishes, if not delete it by yourself

======================================================


Below are some recommendations for helping keep you safe online.

• Make sure that you keep your antivirus updated
  New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
  Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
  Uninstall Tools for Major Antivirus Products
  
• Security Updates for Windows, Internet Explorer & Microsoft Office
  Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.
  Note: The update process uses ActiveX, so you will need to use internet explorer for it and allow the ActiveX control to install.
• Update Non-Microsoft Programs
  Microsoft isn't the only company whose products can contain security vulnerabilities. To check whether other programs running on your PC are in need of an update, you can use the Secunia Software Inspector - I suggest that you run it at least once a month.
  
  
  Recommended Programs
  
  I would recommend the download and installation of some or all of the following programs (if not already present), and the updating of them on a regular basis.
  
  
  • WinPatrol
    As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. For more information, please visit HERE.
    
  • Malwarebytes' Anti-Malware
    As you already have Malwarebytes' Anti-Malware on board I would keep it regularly updated and run regular quick scans with it. (TIP: Cleaning out temp files can reduce scanning times.)
    Malwarebytes' Anti-Malware is an anti-malware application that can thoroughly remove even the most advanced malware. The Full version includes a number of features, including a built in protection monitor that blocks malicious processes before they even start.
    
  • Hosts File
    For added protection you may also like to add a host file. A simple explanation of what a Hosts file does is HERE and for more information regarding host files read HERE.
    
  • Install and use a firewall with outbound protection
    The Windows firewall only monitors incoming traffic, NOT outgoing. Using a software firewall in its default configuration to replace the Windows firewall greatly reduces the risk of your computer being hacked. Make sure your firewall is always enabled while your computer is connected to the internet.
    Note: You should only have one firewall installed at a time. Having more than one firewall installed at once is likely to cause conflicts and may well decrease your overall protection as well as seriously impairing the performance of your PC.
    Suggestions:
    
    • Online Armor Free
    • PcTools Firewall (Free)
    • Outpost Firewall Free
    
    
  • Suggestions for Free antivirus software
    
    • Antivir PersonalEdition Classic - Free anti-virus software for Windows. Detects and removes more than 50,000 viruses. Free support.
    • avast! 4 Home Edition - Anti-virus program for Windows. The home edition is freeware for non-commercial users.
    • Microsoft Security Essentials - Free anti-malware solution that helps protect against viruses, spyware, and other malicious software
      
      It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts, system instability and false virus alerts.
      
      [Please note that trial pay is not needed to get any product for free.]

Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs up to date.

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Happy surfing and stay clean!

[jmw3]

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.