LandzDown Forum

Security => Analysis and Malware Removal => Topic started by: Evan2ually on October 03, 2009, 01:45:06 PM

Title: Is there some where other than http://www.gt500.org/malwarebytes/database ......
Post by: Evan2ually on October 03, 2009, 01:45:06 PM
Is there somewhere other than http://www.gt500.org/malwarebytes/database to download the Malwarebytes update? I need this because I have a virus blocking me from their web site as well as every other anti-virus website. It is also restricting access to Microsoft.com. I am trying to save this drive without reformatting if at all possible. Though I suppose I could just download it from another computer? But that option isn't readily available to me at this time. Any help would be greatly appreciated.
Thanks
Title: Re: Is there some where other than http://www.gt500.org/malwarebytes/database ......
Post by: Evan2ually on October 03, 2009, 02:02:30 PM
Also, here is my log file from MWB:
Malwarebytes' Anti-Malware 1.39
Database version: 2421
Windows 6.0.6001 Service Pack 1

10/2/2009 9:43:40 PM
mbam-log-2009-10-02 (21-43-40).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 281532
Time elapsed: 55 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 13
Registry Values Infected: 11
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 11

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\btwsrv (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\btwsrv (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\btwsrv (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Protection System (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\protection system (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\BuildW (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\FirstInstallFlag (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\i (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\mso (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\udso (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Ulrn (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Update (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\UpdateNew (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\security center (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Protection System (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
C:\Users\Matty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Protection System (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\windows live\messenger\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\windows live\messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Windows\System32\BtwSrv.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\program files\protection system\mal.db (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
c:\program files\protection system\psystem.exe (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
c:\program files\protection system\uninst.exe (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
c:\Users\Matty\AppData\Roaming\microsoft\Windows\start menu\Programs\protection system\Live Support.lnk (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
c:\Users\Matty\AppData\Roaming\microsoft\Windows\start menu\Programs\protection system\Protection System.lnk (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
c:\Users\Matty\AppData\Roaming\microsoft\Windows\start menu\Programs\protection system\Uninstall.lnk (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
C:\Windows\System32\FInstall.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Windows\sc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Title: Re: Is there some where other than http://www.gt500.org/malwarebytes/database ......
Post by: Corrine on October 03, 2009, 02:29:46 PM
Hi, Evan2ually.  Welcome to LandzDown!

Please see Log Posting Instructions (http://www.landzdown.com/index.php?topic=423.0) and post the requested logs as a reply to this thread.

Thanks.
Title: Re: Is there some where other than http://www.gt500.org/malwarebytes/database ......
Post by: Evan2ually on October 03, 2009, 02:38:15 PM
I tried to download the Random's System Information Tool (RSIT) but I get the

Server not found
Firefox can't find the server at images.malwareremo

    *   Check the address for typing errors such as
          ww.example.com instead of
          www.example.com

    *   If you are unable to load any pages, check your computer's network
          connection.

    *   If your computer or network is protected by a firewall or proxy, make sure
          that Firefox is permitted to access the Web.

message as I do when I try to access all anti-virus and Microsoft web sites???
Title: Re: Is there some where other than http://www.gt500.org/malwarebytes/database ......
Post by: Corrine on October 03, 2009, 02:59:47 PM
Are you able to run RootRepeal?