Jump to content

Search the Community

Showing results for tags 'anti-rootkit'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






Found 13 results

  1. After running the anti-rootkit scanner, going through the normal procedure and restarting my computer, my keyboard and mouse suddenly and randomly stop working. I have uninstalled and reinstalled the USB root hubs, and different mice and keyboards do not resolve the issue forcing me to reboot. Please help.
  2. Malwarebytes Anti-Rootkit is over 4 years old now, yet it's still in the BETA version, why?
  3. Hello i would like some help getting to the bottom of this isse. I get a pop up message from malwarebytes when i start up my computer, open chrome and when i assume it trys to scan somthing because i downloaded the mbam check that was on another forum (to give you guys further information that i may not be able to provide) and i got the pop up then tas well. the computer i run is a windows 7 64 bit. any help would be greatly apperciated, thanks in advance, Misaki CheckResults.txt
  4. Today when I try to run "Malwarebytes Anti-Rootkit I get a message that says: "This version of Malwarebytes Anti-Rootkit requires you to completely exit the Malwarebytes Anti-Malware application to continue." I use Malwarebytes Anti-Virus Premium Edition. I have run some reports [see Attached] but I do not know how to read them in order to identify the problem and to implement a cure. If further information is required from me please let me know. Could someone please assist me is this matter? Thank you attach.txt dds.txt CheckResults.txt
  5. My malewarebytes was working great on my desktop and laptop until last week. The desktop is still working great but this error started about a week ago when I start a scan. I think it was after an update. I uninstalled malewarebytes and rebooted and then downloaded the installer again and reinstalled. I restored my laptop to a date before I first installed malewarebytes and started the process over. The error is still there. "ERROR: Malewarebytes was unable to load the Anti-Rootkit Driver. Error Code 20025. Do you want to scan without anti-rootkit support?" If I click yes to scan without the anti-rootkit it just hangs in prescan mode and doesn’t want to stop. What does this mean? Help
  6. I seem to be having an issue similar to izoold (back in June 2014, on this thread). Today, my issue became persistent, in that I cannot seem to load the rootkit DDA driver, and thus, my search which turned up the noted thread. I have attached a jpg of the error message. Anyway, I downloaded the Anti-Rootkit software (MBAR) suggested in the reference thread, and executed it. Attached are the resulting logs from that program. FWIW, MBAR said it did not find anything, and I do not see anything in my look at the logs. But still the Anti-Rootkit fails to load on each reboot. Thanks in advance for any help you can give me. -pvs system-log.txt mbar-log-2014-08-24 (14-39-10).txt
  7. I am a Premium User (from version 1), installed the latest version last night and get this error screen: http://i61.tinypic.com/nwn86x.png Malwarebytes Anti-Malware --------------------------- Malwarebytes was unable to load the Anti-Rootkit DDA Driver, this error may be caused by rootkit activity. Do you want to reboot the system and attempt to install the Driver? --------------------------- (If you don't choose to reboot, Anti-Rootkit scanning will be disabled for this session). Rebooted and it did not say it again, but I have no way (or do not know the way) to check if it is actually operational. The message came up only once (on new install/upgrade). I re-created the message by uninstalling Malwarebytes, and re-installing it. The message comes up again, but I will guess on reboot, it will not mention again, and I still do not know how to check if it is installed. Any ideas?
  8. I didn't see this particular error listed here in the forums yet so, here it is. When I try to run Malware Bytes Anti- Rootkit, I receive the following error: "An error has occured: Scan Failed!" ...with a secondary popup error window of: "Error - This version of Malwarebytes Anti-rootkit requires you to completely exit the Malwarebytes Anit-Malware application to continue." The problem is, I don't have any Malwarebytes software running accept Anti-Rootkit... so there is nothing to stop. I have checked: Task manager: No MB Application, Processes, or ServiceC:/Windows/Programs: No old software files​ Still working on the problem. I am going to try to boot into Safe Mode and see if that works.
  9. After installing MBAR and executing the application, I am able to update the definitions successfully to today's date and then when I start a full scan (all objects selected) it says Initializing and then blue screens my system. (Windows 7 64bit SP1 - Lenovo T430s). Never had this issue with any previous versions of MBAR. Any ideas what changed between 1008 and 1009 that is causing this issue?
  10. Win32:Malware-gen PSW.Delf.HZZ Trojan.Generic.7213934 HW32.CDB.C4d9 Hello! I was running RootKit and a DIY page popped up, screen started flickering, Google popped up, CMD prompt popped up, computer got slow, Mal Ware anti-virus (not responding), etc,....... I thought I got it cleaned out but it must have attached to my Schools website! Exited all tried agian and the same happened. Did a shut down and then wouldnt even power up! After 4 or 5 tries new computer booted up. I was attemping to download some literature and I am pretty sure I downloaded Fast Format Converter of some sort, it attached to my school website and I didnt know it at the time. My school website have all kind of pop ups, so I allowed it throw my virus protection by mistake and WOW is it nasty!!! Can you please help me? Thank you in advance for your consideration, P.S.Sorry about the format I copy/paste, I got the list from the following link: https://www.virustotal.com Trojan.DR.Agent2!9BZRxHcc6JM Trojan.Generic.7213934 (B) PHP/PSW.Phishack.AO Trojan.Generic.7213934 Trojan.Generic.7213934 Win32.SuspectCrc TrojanDropper.Agent.awfa Win32.Troj.Agent.(kcloud) Trojan.Generic.7213934 Agent.VCJD Trojan.Gen
  11. Hi, Mbam anti-rootkit detect driver ALCXWDM.SYS as "Unknown rootkit driver" i had this file tested with the software Farbar by Emsisoft employee and told it was part of REALTEK GbE & FE Ethernet PCI NIC Driver mbar-log-2013-08-10 (16-52-40).txt
  12. Hey, I am trying to run a Malwarebytes Anti-Rootkit scan on my computer, but I get a message saying "The system volume seems inaccessible or encrypted. Scan can't continue." The program updates fine and everything goes well until I try to run the scan and I get that error message.
  13. Hi, I'm having an issue that is driving me crazy. C:\Documents and Settings\RMK\Application Data\AVG shows on my desktop everytime I start my PC. I have checked my startup & done a clean boot. Per Microsoft Support, I have done sfc /scannow to no avail I attempted to run MB Anti-RootKit Beta It ran for 5 hours & failed to reach Cleanup: The log looks like this... --------------------------------------- Malwarebytes Anti-Rootkit BETA © Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 8.0.6001.18702 Java version: 1.6.0_37 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 1.594000 GHz Memory total: 1341046784, free: 786096128 ------------ Kernel report ------------ 01/24/2013 03:09:26 ------------ Loaded modules ----------- \WINDOWS\system32\ntoskrnl.exe \WINDOWS\system32\hal.dll \WINDOWS\system32\KDCOM.DLL \WINDOWS\system32\BOOTVID.dll ACPI.sys \WINDOWS\System32\DRIVERS\WMILIB.SYS pci.sys isapnp.sys compbatt.sys \WINDOWS\System32\DRIVERS\BATTC.SYS pciide.sys \WINDOWS\System32\DRIVERS\PCIIDEX.SYS pcmcia.sys MountMgr.sys ftdisk.sys ACPIEC.sys \WINDOWS\System32\DRIVERS\OPRGHDLR.SYS PartMgr.sys Shockprf.sys VolSnap.sys atapi.sys disk.sys \WINDOWS\System32\DRIVERS\CLASSPNP.SYS fltmgr.sys sr.sys PxHelp20.sys KSecDD.sys WudfPf.sys Ntfs.sys NDIS.sys ohci1394.sys \WINDOWS\System32\DRIVERS\1394BUS.SYS Mup.sys avgrkx86.sys avglogx.sys avgmfx86.sys avgidshx.sys agp440.sys \SystemRoot\System32\DRIVERS\nic1394.sys \SystemRoot\System32\DRIVERS\intelppm.sys \SystemRoot\System32\DRIVERS\ati2mtag.sys \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS \SystemRoot\System32\DRIVERS\usbuhci.sys \SystemRoot\System32\DRIVERS\USBPORT.SYS \SystemRoot\System32\DRIVERS\usbehci.sys \SystemRoot\System32\DRIVERS\e1000325.sys \SystemRoot\System32\DRIVERS\ar5211.sys \SystemRoot\System32\DRIVERS\i8042prt.sys \SystemRoot\System32\DRIVERS\kbdclass.sys \SystemRoot\System32\DRIVERS\SynTP.sys \SystemRoot\System32\DRIVERS\USBD.SYS \SystemRoot\System32\DRIVERS\WDFLDR.SYS \SystemRoot\System32\Drivers\wdf01000.sys \SystemRoot\System32\DRIVERS\mouclass.sys \SystemRoot\System32\DRIVERS\fdc.sys \SystemRoot\System32\DRIVERS\serial.sys \SystemRoot\System32\DRIVERS\serenum.sys \SystemRoot\System32\DRIVERS\parport.sys \SystemRoot\System32\DRIVERS\nscirda.sys \SystemRoot\System32\DRIVERS\irenum.sys \SystemRoot\System32\DRIVERS\CmBatt.sys \SystemRoot\System32\DRIVERS\ibmpmdrv.sys \SystemRoot\System32\DRIVERS\imapi.sys \SystemRoot\System32\DRIVERS\cdrom.sys \SystemRoot\System32\DRIVERS\redbook.sys \SystemRoot\System32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys \SystemRoot\system32\drivers\smwdm.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\aeaudio.sys \SystemRoot\System32\DRIVERS\AGRSM.sys \SystemRoot\System32\Drivers\Modem.SYS \SystemRoot\System32\DRIVERS\audstub.sys \SystemRoot\System32\DRIVERS\rasirda.sys \SystemRoot\System32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\rasl2tp.sys \SystemRoot\System32\DRIVERS\ndistapi.sys \SystemRoot\System32\DRIVERS\ndiswan.sys \SystemRoot\System32\DRIVERS\raspppoe.sys \SystemRoot\System32\DRIVERS\raspptp.sys \SystemRoot\System32\DRIVERS\psched.sys \SystemRoot\System32\DRIVERS\msgpc.sys \SystemRoot\System32\DRIVERS\ptilink.sys \SystemRoot\System32\DRIVERS\raspti.sys \SystemRoot\System32\Drivers\pcouffin.sys \SystemRoot\System32\DRIVERS\rdpdr.sys \SystemRoot\System32\DRIVERS\termdd.sys \SystemRoot\System32\DRIVERS\swenum.sys \SystemRoot\System32\DRIVERS\update.sys \SystemRoot\System32\DRIVERS\mssmbios.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\System32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\i2omgmt.SYS \SystemRoot\System32\Drivers\Fs_Rec.SYS \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\Drivers\mnmdd.SYS \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\DRIVERS\rasacd.sys \SystemRoot\System32\DRIVERS\ipsec.sys \SystemRoot\System32\DRIVERS\tcpip.sys \SystemRoot\system32\DRIVERS\avgtdix.sys \SystemRoot\System32\DRIVERS\ipnat.sys \SystemRoot\System32\DRIVERS\wanarp.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\System32\drivers\afd.sys \SystemRoot\System32\DRIVERS\netbios.sys \SystemRoot\System32\drivers\TSMAPIP.SYS \SystemRoot\System32\drivers\Tppwr.sys \SystemRoot\System32\Drivers\TPHKDRV.SYS \SystemRoot\System32\drivers\TDSMAPI.SYS \SystemRoot\System32\drivers\Smapint.sys \SystemRoot\System32\DRIVERS\rdbss.sys \SystemRoot\System32\DRIVERS\mrxsmb.sys \SystemRoot\System32\drivers\IBMBLDID.SYS \SystemRoot\System32\Drivers\Fips.SYS \SystemRoot\System32\DRIVERS\arp1394.sys \SystemRoot\system32\DRIVERS\avgldx86.sys \SystemRoot\system32\DRIVERS\avgidsshimx.sys \SystemRoot\system32\DRIVERS\avgidsdriverx.sys \SystemRoot\System32\Drivers\Cdfs.SYS \SystemRoot\System32\Drivers\dump_atapi.sys \SystemRoot\System32\Drivers\dump_WMILIB.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\watchdog.sys \SystemRoot\System32\drivers\dxg.sys \SystemRoot\System32\drivers\dxgthk.sys \SystemRoot\System32\ati2dvag.dll \SystemRoot\System32\ati2cqag.dll \SystemRoot\System32\atikvmag.dll \SystemRoot\System32\ati3duag.dll \SystemRoot\System32\ativvaxx.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\DRIVERS\fssfltr_tdi.sys \SystemRoot\System32\DRIVERS\irda.sys \SystemRoot\System32\DRIVERS\mdc8021x.sys \SystemRoot\System32\DRIVERS\ndisuio.sys \SystemRoot\System32\DRIVERS\mrxdav.sys \SystemRoot\System32\Drivers\ParVdm.SYS \SystemRoot\System32\DRIVERS\srv.sys \??\C:\WINDOWS\system32\drivers\PMEMNT.SYS \SystemRoot\System32\Drivers\ShockMgr.SYS \SystemRoot\system32\drivers\wdmaud.sys \SystemRoot\system32\drivers\sysaudio.sys \SystemRoot\System32\Drivers\HTTP.sys \SystemRoot\system32\drivers\kmixer.sys \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys \WINDOWS\system32\ntdll.dll ----------- End ----------- <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xffffffff8a0e0ab8 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\ Lower Device Object: 0xffffffff8a0c8d98 Lower Device Driver Name: \Driver\atapi\ Driver name found: atapi Initialization returned 0x0 Load Function returned 0x0 Downloaded database version: v2013.01.24.04 Downloaded database version: v2013.01.23.01 Initializing... Done! <<<2>>> Device number: 0, partition: 1 Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffffff8a0e0ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff8a0c6e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff8a12e918, DeviceName: \Device\Shockpf0\, DriverName: \Driver\Shockprf\ DevicePointer: 0xffffffff8a0e0ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff8a0bd9e8, DeviceName: \Device\00000084\, DriverName: \Driver\ACPI\ DevicePointer: 0xffffffff8a0c8d98, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\ ------------ End ---------- Upper DeviceData: 0xffffffffe2cf8f80, 0xffffffff8a0e0ab8, 0xffffffff89591ab8 Lower DeviceData: 0xffffffffe2d762a0, 0xffffffff8a0c8d98, 0xffffffff892b4340 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning directory: C:\WINDOWS\system32\drivers... The directory C:\WINDOWS\system32\drivers seems inaccessible or encrypted. Drivers scan is aborted. Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: CCCDCCCD Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 110179377 Partition file system is NTFS Partition is bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 56419345408 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-62-110174034-110194034)... Done! Performing system, memory and registry scan... Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011221158} --> [Adware.GamePlayLab] --------------------------------------- Malwarebytes Anti-Rootkit BETA © Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 8.0.6001.18702 Java version: 1.6.0_37 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 1.594000 GHz Memory total: 1341046784, free: 759234560 ======================================= Any assistance is appreciated. Thanks, Dwayne
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.