Jump to content

exile360

Experts
  • Posts

    31,301
  • Joined

  • Last visited

  • Days Won

    41

Everything posted by exile360

  1. Yes, if MBAM has detected and disabled it, it is safe to uninstall it.
  2. This is quoted from one of the forum moderators. Many have been having this issue. Welcome to Malwarebytes Please try the following routine to see if you can get Malwarebytes to run. Click on Start, click Run, and then type devmgmt.msc and click OK On the View menu click on Show hidden devices Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys Highlight that driver and right click on it and select DISABLE Now RESTART your computer. Download a copy of Malwarebytes but DO NOT run it yet. Rename the downloaded installer file to any generic name such as your own name but keep the .EXE extension on the file and run it. Once the program is installed go to the UPDATE tab and try to update the program if you can. Then go to the SCANNER tab and run a Quick Scan and allow MBAM to fix anything found. If that does work then please follow the routine below and post a new topic in the listed forum with the requested information. Please read and follow the instructions provided here: http://www.malwarebytes.org/forums/index.php?showtopic=2936 When ready please post your logs here: http://www.malwarebytes.org/forums/index.php?showforum=7 Someone will be happy to assist you further with cleaning your system. During this scan and cleanup process you should not install any other software unless requested to do so.
  3. Trying to conceal their warez no doubt.
  4. MBAM works fine with Kaspersky because MBAM (Malwarebytes' Anti-Malware) isn't an anti-virus. To ensure you get the best performance I would recommend opening Kaspersky by clicking on the K tray icon then clicking on settings on the top right. Then click on Threats and Exclusions on the left and click the lower button that says Trusted Zone. Once there, click on the Trusted Applications tab on the upper right and click the small link on the lower left that says Add. 2 options should drop down, you want the second one that says Applications with an arrow next to it (this is assuming that MBAM is currently running), and click on the list where it shows C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe. A new window from Kaspersky will pop up saying Exclusions with a list and some boxes next to each item. Check all 3 boxes and click OK. Click OK on the Trusted Zone window, then click Apply on the lower right of the Settings window, then click OK to close it. You can then close the main Kaspersky window by clicking the red x at the top. You're done. This prevents the 2 programs from interfering with one another while having realtime protection active for both. I highly recommend doing the same for any other anti-malware\anti-spyware programs you choose to run in realtime. I hope I have been helpful. Good luck and safe surfing.
  5. Greetings and welcome to the forum. Sounds like there's probably a trojan redownloading/installing the program that MBAM is missing. To get you fixed up please read the instructions here: http://www.malwarebytes.org/forums/index.php?showtopic=2936 and post your logs here: http://www.malwarebytes.org/forums/index.php?showforum=7 Please be sure not to install any software or use any removal/scanning tools exept those that you are instructed to by the expert who will be assisting you as doing so can make their job much more difficult. I hope I was helpful. Good luck and safe surfing.
  6. Excellent, I'm glad I could help. Don't forget though, you may still have a lingering infection so to be safe I would recommend reading the instructions here: http://www.malwarebytes.org/forums/index.php?showtopic=2936 and post your logs here: http://www.malwarebytes.org/forums/index.php?showforum=7 One of the experts here will have a look at your logs (be patient, it takes time they are busy), and they will let you know if you are clean.
  7. If you are still checking this thread Gdgee, here's some more info for you to make sure you are clean please read the instructions here: http://www.malwarebytes.org/forums/index.php?showtopic=2936 and post your logs here: http://www.malwarebytes.org/forums/index.php?showforum=7 Please be sure not to install any software or use any removal/scanning tools exept those that you are instructed to by the expert who will be assisting you as doing so can make their job much more difficult. Good luck and safe surfing.
  8. Yes, if you see my post above, the developers are working on a 64bit compatible version but there is currently no time frame that I am aware of. The nice thing is, you have a lifetime subscription if you purchased the program so you don't have to worry about wasted license fees and the scheduled scanning and auto-updater do function in x64 as far as I know, which you don't get with the free version.
  9. Yeah, that info was actually in the link that was posted here for me, as well as a slew of other command line options (it has LOADS!). I've already created a batch file that automates how it scans, where it scans and what it does with what it finds which was exactly what I needed, thank you to all who replied here, I do appreciate it.
  10. Yeah, I'm running Malwarebytes' on my Vista x64 box as an on-demand scanner and it works like a charm. From what I hear, they are working on compatibility for x64 but it's pretty complicated thanks to the way MS did x64.
  11. If you are using xp you can try this program, it's called dial-a-fix: http://djlizard.net/software/Dial-a-fix-v0.60.0.24.zip Unzip it to your desktop and then double click on dial-a-fix.exe and when it opens, click on the Policies button at the bottom. As long as you are logged on as an administrator it should show and allow you to remove policy restrictions. If no restrictive policies are found, the window that pops up will be blank and it will say no restrictive policies found at the bottom, if they are found you can click the remove button to remove the restrictions. If that doesn't fix you up then it could be caused by a nasty infection and you should read the instructions here: http://www.malwarebytes.org/forums/index.php?showtopic=2936 and post your logs here: http://www.malwarebytes.org/forums/index.php?showforum=7 One of the experts here will assist you in cleaning your machine. Good luck and safe surfing.
  12. Could be similar to what's been happening with Antivirus 2009, you can check your device manager (right click on My Computer, then click Manage, then select Device Manager on the left). Click on view, show hidden devices and check under non-plug and play drivers for anything called TDSSERV or anything similar. If it's there, disable it. It's a rootkit that has been blocking MBAM and many other tools from loading. You may also try renaming the installer for MBAM as well as the executable for MBAM if you do get it installed so it can run. edit: You may also want to refer to this post by AdvancedSetup, he's one of the experts here: http://www.malwarebytes.org/forums/index.p...ost&p=35680
  13. As far as updating MBAM, you can download the definitions to install them manually here: http://www.gt500.org/malwarebytes/database.jsp although they may be slightly outdated as the definitions installer isn't updated as frequently as when using MBAM's internal updater. To remove Norton completely, you probably need to get the Norton removal tool from Symantec which you can download here: ftp://ftp.symantec.com/public/english_us_...emoval_Tool.exe As far as your ISP goes, I higly doubt they are infected, but if you used some sort of crack to get Norton going it could have contained a trojan (they often do) and if you use any peer to peer filesharing programs like bittorrent or limewire for downloads, those are also likely targets. It is possible that some trojan got into one of your computers and changed your router's settings to hijack your browsing, but that will be determined once you get into the Malwarebyte's HijackThis forum. Good luck and safe surfing.
  14. There is, it's on the lower right of your post, it presents 2 options: Full Edit and Quick Edit. I used quick edit to add this. NICE!
  15. Oh, hey, just found this post. Your best bet would be to create a new topic here: http://www.malwarebytes.org/forums/index.php?showforum=7 Like I said before. The experts there should be able to get you fixed up. I replied to your post in the general forum as well explaining how to paste the link to that thread in your new topic in the HJT forum.
  16. Hey Hardhead, are you using dreamscene? I am and was wondering if maybe that was causing it. I don't see why it would but who knows. I can't scan again now as I'm at work, but I will turn off dreamscene when I get home and give MBAM another go and see what happens.
  17. I was thinking the same thing Jean, that's why I pointed it out.
  18. That depends, I've seen people get infected by a keylogger/trojans etc and they never actually had anything happen (ie no identity theft, no unauthorized charges to their accounts etc). Just keep an eye on things, and if you want to make sure you're safe, you can just change all your passwords after you are certain that your machine is clean.
  19. No problem, don't worry you are not a nuissance, just a user in distress and we've all been there. Basically what you need to do is post in the forum here: http://www.malwarebytes.org/forums/index.php?showforum=7 Simply tell them what you have done so far and explain the symptoms you are experiencing (can't boot). And post a link to this thread in the message for their reference. The link to this thread is: http://www.malwarebytes.org/forums/index.php?showtopic=7605 You can just copy and paste that link in your post so they can refer to the thread here. And please feel free to ask for help and ask questions, it's what we're here for. I just hope your issue is fixed quickly and completely. If you need anything else just let us know.
  20. Yeah, I have a batch file that does exactly that (ie installs MBAM silently, copies the rules.ref file to that directory, then starts MBAM and runs a quick scan).
  21. Yeah, and no worries, if your system does get hosed somehow after a removal by MBAM, the experts on the forum here offer their support for free and I can assure you they are very knowlegable.
  22. Naturally Spybot won't find it. They are way behind now with current malware as they update their definitions very infrequently, understandably so as they don't charge for their app. But if you put MBAM, SUPERAntiSpyware, Kaspersky, or Avira to the task, they will most likely find it, delete it, and remove your useful rogue as well. By the way, if you're using the software on many PC's to remove infections, does that mean you are charging your client for it each time it's used, or do you pay for it yourself? It only removes stuff if you pay for it after all. Personally, I'd much rather have a tool like MBAM in my toolkit.
  23. Greetings and welcome to the forum. To get you fixed up please read the instructions here: http://www.malwarebytes.org/forums/index.php?showtopic=2936 and post your logs here: http://www.malwarebytes.org/forums/index.php?showforum=7 Please be sure not to install any software or use any removal/scanning tools exept those that you are instructed to by the expert who will be assisting you as doing so can make their job much more difficult. Good luck and safe surfing.
  24. Interesting, I'm on Vista Ultimate x64 and have never seen this detection with an MBAM scan. I'll have to run a quick scan when I get home (currently at work) and see what I come up with. I'll post back and let you know. edit: Just got home, updated to database 1414 and did a quick scan. Mine came back with the same result. Malwarebytes' Anti-Malware 1.30 Database version: 1414 Windows 6.0.6001 Service Pack 1 11/21/2008 11:08:10 AM mbam-log-2008-11-21 (11-08-04).txt Scan type: Quick Scan Objects scanned: 36814 Time elapsed: 1 minute(s), 38 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.