Can't update avg, spybot or malwarebytes

View previous topic View next topic Go down

Re: Can't update avg, spybot or malwarebytes

Post by Belahzur on Sat May 30, 2009 1:19 am

Hello.
Uninstall both of them.
Spybots removal methods aren't that great and MBAM has a new version out, so lets start from scratch with this.

First, uninstall MBAM/Spybot, then run this MBAM cleaner to remove any traces left of MBAM.
[You must be registered and logged in to see this link.]

Download the free version of 1.37 from here:
[You must be registered and logged in to see this link.]

Install it again and see if you can update it then.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Can't update avg, spybot or malwarebytes

Post by mattie-z on Sat May 30, 2009 5:44 am

I removed both programs, but those links are both broken for me. Same "Oops! This link appears to be broken" message. Not surprising, because my initial inability to access the malwarebytes site was definitely a red flag for me, leading me to believe my computer was infected. On a different note, thank you so much for your extemely quick replies!

mattie-z
Novice
Novice

Posts Posts : 21
Joined Joined : 2009-05-24
Gender Gender : Male
OS OS : xp
Points Points : 27553
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't update avg, spybot or malwarebytes

Post by Belahzur on Sat May 30, 2009 12:35 pm

Okay, lets get an upto date Combofix log.
Re-run Combofix for me please.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Can't update avg, spybot or malwarebytes

Post by mattie-z on Sat May 30, 2009 2:29 pm

Here's the latest one. Is it normal for it to be considerably shorter than the first one?

ComboFix 09-05-29.01 - Mattie Z 05/30/2009 9:07.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.602 [GMT -5:00]
Running from: c:\documents and settings\Mattie Z\Desktop\Combo-Fix.exe
AV: avast! antivirus 4.8.1335 [VPS 090529-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-30 )))))))))))))))))))))))))))))))
.

2009-05-29 18:38 . 2009-05-29 18:38 -------- d-----w c:\documents and settings\Mattie Z\Application Data\vlc
2009-05-25 23:16 . 2009-02-05 20:06 51376 ----a-w c:\windows\system32\drivers\aswTdi.sys
2009-05-25 23:16 . 2009-02-05 20:06 23152 ----a-w c:\windows\system32\drivers\aswRdr.sys
2009-05-25 23:16 . 2009-02-05 20:05 26944 ----a-w c:\windows\system32\drivers\aavmker4.sys
2009-05-25 23:16 . 2009-02-05 20:04 97480 ----a-w c:\windows\system32\AvastSS.scr
2009-05-25 23:16 . 2009-02-05 20:07 114768 ----a-w c:\windows\system32\drivers\aswSP.sys
2009-05-25 23:16 . 2009-02-05 20:07 20560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
2009-05-25 23:16 . 2009-02-05 20:08 93296 ----a-w c:\windows\system32\drivers\aswmon.sys
2009-05-25 23:16 . 2009-02-05 20:08 94032 ----a-w c:\windows\system32\drivers\aswmon2.sys
2009-05-25 23:16 . 2009-02-05 20:11 1256296 ----a-w c:\windows\system32\aswBoot.exe
2009-05-25 23:15 . 2009-05-25 23:15 -------- d-----w c:\program files\Alwil Software
2009-05-24 07:06 . 2009-05-24 07:06 -------- d-----w c:\documents and settings\Mattie Z\Application Data\Malwarebytes
2009-05-24 07:05 . 2009-05-24 07:05 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-14 04:16 . 2009-05-14 04:16 -------- d-----w c:\windows\system32\config\systemprofile\Local Settings\Application Data\Google
2009-05-14 04:14 . 2009-05-14 04:14 127877 ----a-w c:\documents and settings\Mattie Z\Application Data\Move Networks\uninstall.exe
2009-05-14 04:14 . 2009-05-14 04:14 1685856 ----a-w c:\documents and settings\Mattie Z\Application Data\Move Networks\MoveMediaPlayerWin_071500000347.exe
2009-05-13 03:08 . 2009-05-27 03:38 0 ----a-w c:\documents and settings\Mattie Z\Local Settings\Application Data\prvlcl.dat
2009-05-04 14:12 . 2009-05-04 14:12 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-05-03 23:10 . 2009-05-03 23:10 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-05-03 23:09 . 2009-05-30 02:28 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-05-01 06:30 . 2009-05-01 06:30 97144 ----a-w c:\documents and settings\Mattie Z\Application Data\Move Networks\ie_bin\MovePlayerUpgrade.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-30 05:35 . 2008-11-20 19:45 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-30 05:35 . 2008-11-20 19:45 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-30 01:07 . 2008-07-11 17:34 -------- d-----w c:\program files\Sun
2009-05-30 01:07 . 2009-01-25 18:06 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-30 01:07 . 2007-12-11 04:17 -------- d-----w c:\program files\Java
2009-05-29 16:47 . 2009-03-31 15:26 -------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-05-26 21:24 . 2007-11-09 11:50 -------- d-----w c:\program files\Diablo II
2009-05-26 21:24 . 2007-12-09 20:21 43520 ----a-w c:\windows\system32\CmdLineExt03.dll
2009-05-20 00:32 . 2008-02-19 02:23 -------- d-----w c:\documents and settings\Mattie Z\Application Data\Move Networks
2009-05-14 04:16 . 2007-12-12 06:41 -------- d-----w c:\program files\Google
2009-03-22 01:39 . 2009-03-22 01:39 503808 ----a-w c:\documents and settings\Mattie Z\Application Data\Sun\Java\Deployment\cache\6.0\38\39ba6e6-1dbf8c95-n\msvcp71.dll
2009-03-22 01:39 . 2009-03-22 01:39 499712 ----a-w c:\documents and settings\Mattie Z\Application Data\Sun\Java\Deployment\cache\6.0\38\39ba6e6-1dbf8c95-n\jmc.dll
2009-03-22 01:39 . 2009-03-22 01:39 348160 ----a-w c:\documents and settings\Mattie Z\Application Data\Sun\Java\Deployment\cache\6.0\38\39ba6e6-1dbf8c95-n\msvcr71.dll
2009-03-19 05:02 . 2007-08-13 16:23 39792 ----a-w c:\documents and settings\Mattie Z\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-08 20:36 . 2009-03-08 20:36 0 ----a-w c:\windows\PowerReg.dat
.

((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-30 13:55 . 2009-05-30 13:55 16384 c:\windows\Temp\Perflib_Perfdata_6fc.dat
+ 2009-05-30 13:55 . 2009-05-30 13:55 16384 c:\windows\Temp\Perflib_Perfdata_238.dat
+ 2009-05-30 01:07 . 2009-05-30 01:07 148888 c:\windows\system32\javaws.exe
- 2009-01-25 18:06 . 2009-03-22 01:38 148888 c:\windows\system32\javaws.exe
+ 2009-05-30 01:07 . 2009-05-30 01:07 144792 c:\windows\system32\javaw.exe
- 2009-01-25 18:06 . 2009-03-22 01:38 144792 c:\windows\system32\javaw.exe
+ 2009-05-30 01:07 . 2009-05-30 01:07 144792 c:\windows\system32\java.exe
- 2009-01-25 18:06 . 2009-03-22 01:38 144792 c:\windows\system32\java.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-18 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-29 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2006-02-28 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2006-02-28 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-02-28 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-02-28 455168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-30 148888]
"P17Helper"="SPIRun.dll" - c:\windows\system32\SPIRun.dll [2006-07-03 10752]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2005-09-22 14854144]

c:\documents and settings\Mattie Z\Start Menu\Programs\Startup\
PowerReg Scheduler.exe [2009-3-8 256000]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
NETGEAR WG311T Wireless Assistant.lnk - c:\program files\NETGEAR\WG311T\wlancfg5.exe [2004-12-17 7708672]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\NovaLogic\\Delta Force Black Hawk Down\\dfbhd.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Acrobat3\\Reader\\AcroRd32.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [5/25/2009 6:16 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/25/2009 6:16 PM 20560]
S2 gupdate1c9cc445acf6fda;Google Update Service (gupdate1c9cc445acf6fda);c:\program files\Google\Update\GoogleUpdate.exe [5/3/2009 6:10 PM 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2009-05-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 22:57]

2009-05-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-12 23:09]

2009-05-30 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-03 23:10]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
IE: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-05-30 09:10
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
P17Helper = Rundll32 SPIRun.dll,RunDLLEntry?

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(868)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2968)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-05-30 9:13
ComboFix-quarantined-files.txt 2009-05-30 14:13
ComboFix2.txt 2009-05-29 16:38
ComboFix3.txt 2009-05-28 04:49
ComboFix4.txt 2009-05-27 04:05

Pre-Run: 327,178,457,088 bytes free
Post-Run: 327,408,279,552 bytes free

148 --- E O F --- 2009-01-26 05:06

mattie-z
Novice
Novice

Posts Posts : 21
Joined Joined : 2009-05-24
Gender Gender : Male
OS OS : xp
Points Points : 27553
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't update avg, spybot or malwarebytes

Post by Belahzur on Sat May 30, 2009 4:34 pm

Please download the [You must be registered and logged in to see this link.].

  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :files
    c:\documents and settings\Mattie Z\Start Menu\Programs\Startup\PowerReg Scheduler.exe

    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "P17Helper"=-


  • Return to OTMoveIt3, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Can't update avg, spybot or malwarebytes

Post by mattie-z on Sat May 30, 2009 6:57 pm

========== FILES ==========
c:\documents and settings\Mattie Z\Start Menu\Programs\Startup\PowerReg Scheduler.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\P17Helper deleted successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05302009_135642

mattie-z
Novice
Novice

Posts Posts : 21
Joined Joined : 2009-05-24
Gender Gender : Male
OS OS : xp
Points Points : 27553
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't update avg, spybot or malwarebytes

Post by Belahzur on Sat May 30, 2009 8:03 pm

Hello.
One more script to remove a leftover AVG folder.

  • Please double-click OTMoveIt3.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :files
    c:\documents and settings\All Users\Application Data\avg8


  • Return to OTMoveIt3, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Can't update avg, spybot or malwarebytes

Post by mattie-z on Sun May 31, 2009 8:30 am

========== FILES ==========
c:\documents and settings\All Users\Application Data\avg8\update\prepare moved successfully.
c:\documents and settings\All Users\Application Data\avg8\update\backup moved successfully.
c:\documents and settings\All Users\Application Data\avg8\update moved successfully.
c:\documents and settings\All Users\Application Data\avg8\Temp moved successfully.
c:\documents and settings\All Users\Application Data\avg8\scanlogs moved successfully.
c:\documents and settings\All Users\Application Data\avg8\Log moved successfully.
c:\documents and settings\All Users\Application Data\avg8\emc moved successfully.
c:\documents and settings\All Users\Application Data\avg8\Dumps moved successfully.
c:\documents and settings\All Users\Application Data\avg8\CfgAll moved successfully.
c:\documents and settings\All Users\Application Data\avg8\Cfg moved successfully.
c:\documents and settings\All Users\Application Data\avg8\AvgApi moved successfully.
c:\documents and settings\All Users\Application Data\avg8\AvgAm moved successfully.
c:\documents and settings\All Users\Application Data\avg8\admincli moved successfully.
c:\documents and settings\All Users\Application Data\avg8 moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05312009_032947

mattie-z
Novice
Novice

Posts Posts : 21
Joined Joined : 2009-05-24
Gender Gender : Male
OS OS : xp
Points Points : 27553
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't update avg, spybot or malwarebytes

Post by Belahzur on Sun May 31, 2009 12:54 pm

We can remove OTMoveIt now.

  • Please double-click OTMoveIt3.exe to run it again.
  • Press the green CleanUp! button.
  • Press Yes cleanup process prompt, do the same for the reboot prompt.
How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Can't update avg, spybot or malwarebytes

Post by mattie-z on Sun May 31, 2009 2:01 pm

The machine is running fine, except for my inability to go to malwarebytes' website, so I can not download from the link you gave me. I re-installed v.1.37, and it still could not update itself. If I didn't delete spybot and avg, they still woudln't be able to update themselves either... It appears something is blocking the ability of these programs to update themselves. I'm going to be away from my computer for a week, but I'll bump this when I come back. Thank you very much for your time, and quick responses Smile I look forward to continuing this in a week, thanks again!

mattie-z
Novice
Novice

Posts Posts : 21
Joined Joined : 2009-05-24
Gender Gender : Male
OS OS : xp
Points Points : 27553
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum