New
#11
Okay, VEW.txt is attached.
Okay, VEW.txt is attached.
Please download Malwarebytes' Anti-Malware:
http://www.malwarebytes.org/mbam-download-exe.php
Save to the Desktop.
MBAM may make changes to the Registry as part of its disinfection routine.
If using other security programs that detect Registry changes, they may interfere or alert you.
Temporarily disable such programs as shown, or permit them to allow the changes:
http://www.bleepingcomputer.com/forums/topic114351.html
Right-click the MBAM file, and select: Run as Administrator
When the installation begins, follow the prompts.
At the last prompt of the Setup routine, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
However, uncheck: Enable free trial of Malwarebytes Anti-Malware PRO
Click: Finish
MBAM automatically starts and you are asked to update the program.
If an update is found, the program automatically updates itself.
Press the OK button to close the box and continue.
On the Scanner tab:
Make sure the Perform Full Scan option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected.
Click on the Start Scan button.
The scan may take some time to complete, so please be patient.
When the scan is finished, a message box shows The scan completed successfully. Click 'Show Results' to display all objects found
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
Click on the Show Results button to see a list of any malware found.
Make sure everything is checked, and click: Remove Selected
When removal is completed, a report opens in Notepad.
The log is automatically saved and is viewed by clicking the Logs tab.
Please copy/paste the entire contents of the MBAM report in your reply.
Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you are asked to reboot the computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) prevents MBAM from removing all the malware.
Also download Security Check:
http://screen317.spywareinfoforum.org/
Save to your Desktop.
Double-click SecurityCheck.exe
Follow the onscreen instructions inside the black box...
When done, a Notepad report opens automatically, called: checkup.txt
Please post the checkup.txt in your reply.
(Please do not take any corrective actions!)
MBAM Log:
Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free anti-malware download
Database version: v2013.06.20.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
PAYZANPW :: LTUARB028 [administrator]
20/06/2013 7:05:12 PM
mbam-log-2013-06-20 (19-05-12).txt
Scan type: Full scan (C:\|E:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 610319
Time elapsed: 52 minute(s), 6 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Security Check Log:
Results of screen317's Security Check version 0.99.67
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.75.0.1300
SlimCleaner
JavaFX 2.1.1
Java 7 Update 21
Java version out of Date!
Adobe Flash Player 11.7.700.224
Adobe Reader XI
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````
Let's see what's running on your computer. Download DDS from one of these links:
DDS.com
DDS.pif
- Disable any script blocking protection
- Double click the dds icon to run the tool.
- When done, DDS will open two (2) logs:
- DDS.txt
- Attach.txt <--- will be minimized in the task tray
- Save both reports to your desktop.
Include the contents of both logs in your next post.
The scan will instruct you to post Attach.txt as an attachment.
GoodOldDad,
What happens if you disable the Resident feature of Spybot-Search and Destroy?
Run Spybot, select Mode > Advanced Mode
Select Tools in the navigation bar on the left
Select: Resident
Uncheck the boxes for: SDHelper and TeaTimer
Go to the Services console and set Startup type to: Automatic (Delayed start)
Make sure the Service status is set to: Started
Does Action Center/Security Center still shut off on its own?
If it does, please create new Restore Point before proceeding:
System Restore Point - Create
Next, download the following Windows 7 Registry key:
http://download.bleepingcomputer.com.../7/Winmgmt.reg
Save to the Desktop
Double-click on winmgmt.reg file and confirm the prompt to merge.
Restart the computer.
Does Action Center/Security Center still shut off on its own?
Last edited by cottonball; 20 Jun 2013 at 23:17.
Jacee: I took a quick look at those two logs and I don't think I want all that info publicly available. Thanks, and I don't wish to be an ingrate for your help, but I'd rather not post the logs here.
Cottonball, I'll try your Spybot suggestion and get back within the next day or two.
Apparently, the new version of Spybot mad some changes.
See if the following helps:
how to disable 'resident' functionality?
Nope, everything suggested in that thread is already turned off or disabled.