Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cant run Malwarebytes [Closed]


  • This topic is locked This topic is locked

#16
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

Thank you!! I'll pass that on to my instructor as well. If he didn't approve my posts quickly it would have taken a lot longer. Will you be posting the contents of the Malwarebytes log as well?


  • 1

Advertisements


#17
MARKOCARS

MARKOCARS

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Well i would, but how do I do that, since I didnt get the usual log? :D

I mean should I take SS or? :D


Edited by MARKOCARS, 04 September 2014 - 12:59 PM.

  • 0

#18
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

So I assume the scan ran successfully and you just weren't able to get the log. If that's the case, see if this works
 
1. Open up the Malwarebytes program again. You can simply double click on the shortcut on your desktop that says "Malwarebytes Anti-Malware".

    Don't double-click on the mbam-setup file as the program is already installed.
2. Click the History button as shown in the picture below.
3. Click Application Logs as shown in the picture below.
4. Put a check mark next to Scan Log as shown in the picture below.
5. Click the view button as shown in the picture below. Copy and paste into your next post. Thank you.
GetLog.JPG


  • 0

#19
MARKOCARS

MARKOCARS

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 4.9.2014
Scan Time: 20:24:26
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.09.04.07
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x86
File System: NTFS
User: Dexi
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 293488
Time Elapsed: 6 min, 25 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, Quarantined, [4b5cffeafd7e4ee833b285f47e84ac54], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#20
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

Excellent job. Only two things left to do and then I can provide you with some follow-up recommendations.

 

Step#1 - Rootkit Scan
1. Download aswMBR to your desktop.
2. Right-click on aswMBR.exe and select Run as administrator to run it.
3. If you get a question about Virtualization Technology, answer Yes.
4. If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
5. Click the "Scan" button to start scan.
6. On completion of the scan click "Save log", save it to your desktop and post in your next reply.
NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

 

 

Step#2 - ChkDsk Scan

You are recording some errors on your hard drive. We should do a scan so that any bad blocks can be repaired.

1. Click your Start button.

2. Type cmd and the hold your left CTRL & SHIFT buttons down while you hit enter on the keyboard.

3. Answer Yes to the prompt if asked to Allow.

4. You should now have a black window open that you can type in to.

5. Please type chkdsk /R and then press enter.

6. You may get a message that says the volume is locked and that you need to reboot for this to work. Answer OK then reboot your computer.

    Note: This may take awhile to run. Let it finish.

 

 

Step#3 - Retrieve ChkDsk Results

1. Click the start menu and type eventvwr and then hit enter on the keyboard.

2. Navigate to the Application Event Log

EventVwr.JPG

 

3. Right-click on the Application event log and chose Filter Current Log...

4. In the Event Sources Drop Down box select Wininit and then click OK.

5. You will find an entry that references ChkDsk. I need you to copy the text and paste into your next post. An example of what you are looking for is shown below.

 

UserInitSource.JPG

 

  

 

Step#4- Items for your next post

1. Rootkit Scan log

2. Chkdsk Results


  • 0

#21
MARKOCARS

MARKOCARS

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-04 23:11:31
-----------------------------
23:11:31.803    OS Version: Windows 6.1.7600 
23:11:31.803    Number of processors: 2 586 0x6B02
23:11:31.806    ComputerName: DEXI-PC  UserName: Dexi
23:11:32.139    Initialize success
23:11:32.139    VM: initialized successfully
23:11:32.143    VM: Amd CPU virtualization not supported 
23:11:50.742    The log file has been saved successfully to "C:\Users\Dexi\Desktop\aswMBR.txt"
23:12:16.125    AVAST engine defs: 14090401
23:12:24.973    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-6
23:12:24.976    Disk 0 Vendor: Hitachi_HDT721032SLA360 ST2OA31B Size: 305245MB BusType: 3
23:12:25.074    Disk 0 MBR read successfully
23:12:25.077    Disk 0 MBR scan
23:12:25.094    Disk 0 Windows 7 default MBR code
23:12:25.105    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
23:12:25.125    Disk 0 Boot: NTFS     code=2
23:12:25.144    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        84906 MB offset 206848
23:12:25.152    Disk 0 Partition - 00     0F Extended LBA            220233 MB offset 174095936
23:12:25.174    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       110115 MB offset 174095955
23:12:25.184    Disk 0 Partition - 00     05     Extended            110117 MB offset 399612864
23:12:25.213    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       110117 MB offset 399612883
23:12:25.223    Disk 0 scanning sectors +625134048
23:12:25.389    Disk 0 scanning C:\Windows\system32\drivers
23:12:33.421    Service scanning
23:12:44.721    Service KDHacker c:\program files\kingsoft\kingsoft antivirus\security\kxescan\kdhacker.sys **LOCKED** 5
23:12:45.083    Service KUsbGuard C:\Program Files\kingsoft\kingsoft antivirus\kusbquery.sys **LOCKED** 5
23:12:58.444    Modules scanning
23:13:05.555    Disk 0 trace - called modules:
23:13:05.568    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 
23:13:05.575    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a41650]
23:13:05.581    3 CLASSPNP.SYS[88fa259e] -> nt!IofCallDriver -> [0x855ad348]
23:13:05.587    5 ACPI.sys[88a113b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T1L0-6[0x855ac908]
23:13:05.980    AVAST engine scan C:\Windows
23:13:07.323    AVAST engine scan C:\Windows\system32
23:16:11.847    AVAST engine scan C:\Windows\system32\drivers
23:16:24.335    AVAST engine scan C:\Users\Dexi
23:17:17.333    Disk 0 MBR has been saved successfully to "C:\Users\Dexi\Desktop\MBR.dat"
23:17:17.405    The log file has been saved successfully to "C:\Users\Dexi\Desktop\aswMBR.txt"

  • 0

#22
MARKOCARS

MARKOCARS

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

To be honest i dont know is this full log, but ive gotta go to sleep, so I will provide more info tomorrow...


  • 0

#23
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

That's all I need to see on that log. Just need the chkdsk results tomorrow when you get a chance. Thanks.


  • 0

#24
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

I did want to mention to you that the chkdsk process could take hours to run depending on how big and how fast your hard drive is so if you need to use the computer all day it may be something you want to start and let run overnight.

 

Just want to ensure that your hard drive errors below are addressed.

 

Error: (08/22/2014 05:27:08 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.
 
Error: (08/22/2014 05:26:52 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

 

Also if you didn't start the chkdsk process yet I'd like you to do the following and let me see the results before starting the process.

1. Download WinObj.exe from here and save it to your desktop.

2. Right-click on WinObj.exe and select Run as administrator. Allow the program to continue if prompted.

3. Answer Yes to the EULA when prompted.

4. Navigate to the GLOBAL?? node on the left and then locate the C:, D: & E: drives in the Name column on the right. Reply back with what the SymLink column says for each of these.

WinObj.JPG

 

Thank you.


  • 0

#25
MARKOCARS

MARKOCARS

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Im not sure if I did it right but here you go...

C: /Device/HarddiskVolume2

D: /Device/HarddiskVolume3

E: /Device/HarddiskVolume4


  • 0

Advertisements


#26
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

Excellent. Are your D & E drives external USB drives that are plugged into your computer or are they all internal to the computer?


  • 0

#27
MARKOCARS

MARKOCARS

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

They are all internal to the computer..


  • 0

#28
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

Excellent. Then proceed with the chkdsk instructions. Again this could take awhile to run.

 

Thanks.


  • 0

#29
MARKOCARS

MARKOCARS

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Well I probably wont do it now becouse im gonna use computer... I will probably do it tonight...


  • 0

#30
MARKOCARS

MARKOCARS

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Well im kinda stuck at this one. So yeah ive rebooted my computer and it showed black screen with some letters on it (ones that you get when you open the command prompt) and the computer rebooted normally. So my question is, did I do everything right and if I did how can I know when its done (i mean chkdsk check)


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP