Jump to content
fmarinonj

Latest update marking critical system files as Trojan.Downloader.ED

Recommended Posts

Thanks, but I've decide to bite the bullet and restore my acronis image from last night and lose my entire day's work on top of the 3 hrs I've been screwing with this thing now. I'll also be uninstalling malwarebytes as the worst "malware/virus" incident I've ever had has been FROM your software and not from something that was actually designed to be malicious. Money well spent ...

Share this post


Link to post
Share on other sites

Posted this other places, just restored a system that could not even get into safe mode:

To open the System Recovery Options menu on your computer


  • Remove all floppy disks, CDs, and DVDs from your computer, and then restart your computer using the computer's power button.

  • Do one of the following:

    • If your computer has a single operating system installed, press and hold the F8 key as your computer restarts. You need to press F8 before the Windows logo appears. If the Windows logo appears, you need to try again by waiting until the Windows logon prompt appears, and then shutting down and restarting your computer.

    • If your computer has more than one operating system, use the arrow keys to highlight the operating system you want to repair, and then press and hold F8.

    [*]

    On the Advanced Boot Options screen, use the arrow keys to highlight Repair your computer, and then press Enter. (If Repair your computer isn't listed as an option, then your computer doesn't include preinstalled recovery options, or your network administrator has turned them off.)

    [*]

    Select a keyboard layout, and then click Next.

    [*]

    On the System Recovery Options menu, click a tool to open it.

Share this post


Link to post
Share on other sites

So, is the take-away from this fiasco that we should un-check the option to have MBAM automatically quarantine suspected files?

Share this post


Link to post
Share on other sites

So, is the take-away from this fiasco that we should un-check the option to have MBAM automatically quarantine suspected files?

I have always had that as my preferred choice...I investigate before I allow anything detected to be quarantined.

Share this post


Link to post
Share on other sites

OMFG it gave me like 11000 infected files. I thought something was wrong with my Norton internet security since it couldn't find all of these. It deleted so many important files, internet explorer, firefox etc. I couldn't connect to internet so i did a system restore for my ssd drive with windows but all my other programs were on my other drive and i couldn't restore that. It reverted mbam to an earlier version but then i realized clicking restore on the quarantined files might work. So i had to undo the system restore to get back to latest version. It deleted some windows file and it wouldn't boot into the windows when i undid the system restore. Then it deleted it's own files so i had to redownload mbam -___-. I lost a bunch of files and will have to probably restore to factory settings unless it deleted files for that too -____-. censored man, i haven't used this program in 197 days and the day i do they put out a catastophic update :(

Share this post


Link to post
Share on other sites

OMFG it gave me like 11000 infected files. I thought something was wrong with my Norton internet security since it couldn't find all of these. It deleted so many important files, internet explorer, firefox etc. I couldn't connect to internet so i did a system restore for my ssd drive with windows but all my other programs were on my other drive and i couldn't restore that. It reverted mbam to an earlier version but then i realized clicking restore on the quarantined files might work. So i had to undo the system restore to get back to latest version. It deleted some windows file and it wouldn't boot into the windows when i undid the system restore. Then it deleted it's own files so i had to redownload mbam -___-. I lost a bunch of files and will have to probably restore to factory settings unless it deleted files for that too -____-. censored man, i haven't used this program in 197 days and the day i do they put out a catastophic update :(

Share this post


Link to post
Share on other sites

So, is the take-away from this fiasco that we should un-check the option to have MBAM automatically quarantine suspected files?

I normally have MBAM set up this way as well. Late last night, I noticed that the automatic quarantine option had the check placed back in, probably after the newest program version was downloaded and installed. I removed the check. It just so happens that I didn't update the database today because I wasn't home, and I don't have MBAM set to do it automatically (I have a longstanding issue with my entire system freezing solid and needing a reboot occasionally after a MBAM update, so I always do it manually). Whew!

I do always investigate before I allow a quarantine.

Share this post


Link to post
Share on other sites

That's probably good advice all around, particularly for those who like to let it update automagically when we're not around.

Share this post


Link to post
Share on other sites

It really sucks for windows 8 machines. Cant get to safe mode without boot media. Microsoft disabled f8 to save a few seconds boot time. pathetic.

Share this post


Link to post
Share on other sites

That uEFI for you.

But Win8 *does* have the "Make a System Repair Disc" program still, like Win7 does, doesn't it? My advice to everyone here is - make your repair discs ASAP after this gets resolved on your computer so you have a backup way to get into System recovery and other tools that might be needed - a real piece of malware could just as easily have been the cause of all these problems, and everyone would have been in the same boat.

Share this post


Link to post
Share on other sites

Starting on repairing computer number 56 today affected by this catastrophinc screwup. Its 3:15Am and this laptop won't boot to safe mode at first, finally did and NO system restore points. This client is SCREWED. Total rebuild number 17 now. I have so many pc's reloading in my office right now it is like 90 degreees in here now.

Share this post


Link to post
Share on other sites

The restore points should be visible from outside of the windows install itself. For example using a system repair disc.

Share this post


Link to post
Share on other sites

Hi last nite I did update and then a scan, like others I to came up with lots of critical files. Before doing repair I went here to see all the others. So I don't show anything being quartined yet. So is there a way before I reboot to do something that won't affect my computer. I am checking before I get the problems others had with could not get back to computer. Can I just uncheck all and close and not have any issues? If so what should I do after as in uninstall WBAM, how and what do I do to stop this on the next scan.

Share this post


Link to post
Share on other sites

If you only scanned and didnt hit remove then you can uncheck all. and close the program. Reopen the program and update the database and they should no longer show up.

Share this post


Link to post
Share on other sites

If you only scanned and didnt hit remove then you can uncheck all. and close the program. Reopen the program and update the database and they should no longer show up.

Is there anyway to uncheck all or Do I have to do each one separately, that is taking forever

Share this post


Link to post
Share on other sites

see shadow's reply below in the next post

Edited by John L. Galt

Share this post


Link to post
Share on other sites

oops - I tried that but it was not working for me when this happened yesterday - perhaps b/c it was just overloaded with the sheer volume or items and was being slow?

Share this post


Link to post
Share on other sites

Yeah this only works from scan results page. It doesnt work from quaritine unfortunately.

Thanks For all the Help John.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.