Jump to content

Malwarebytes deleted registry and most of my dll's


Recommended Posts

Hello,

I have been using malwarebytes for a long time now and typically do an update daily and scan a couple of times of day. Yesterday, I did an update and scan and it pulled up over 900 trojans. I immediately had the items removed and rebooted. Once I rebooted I discovered that the majority of the programs no longer worked. Malwarebytes had deleted most of my registry and most of my dll's. I see that they are listed in the quarantine log. I tried to restore the items, but nothing seemed to happen. Is there a way to get my items restored to where they were. I wanted to do a system restore, but all my restore points are gone. Please help.

Thanks,

Link to post
Share on other sites

  • Replies 68
  • Created
  • Last Reply

Top Posters In This Topic

Hello and welcome, jackwnoe: :)

VERY sorry to hear that you experienced serious problems with the program yesterday. :(

I am just a home user and forum volunteer.

Until one of the MBAM staffers arrives, please start with the steps recommended in this pinned topic: http://forums.malwar...owtopic=125138.

It contains instructions on how to proceed and, if necessary, how to directly contact the help desk for free, one-on-one assistance.

Thanks very much for your patience and understanding,

daledoc1

Link to post
Share on other sites

It's a bit over my head to say what's involved -- it does vary somewhat, depending on several system variables.

In any event, the support team is working around the clock to assist everyone who was affected by the problem.

Thank you so much for your patience and understanding,

daledoc1

Link to post
Share on other sites

I'm one of those volunteers too - I just happened to come in here last night to report that it was happening and then stay around trying to diffuse the situation left and right.

The one thing I can say more than anything else is: be cool. There is a lot of tension and they (we) understand that this is a frustrating situation. Support may take a while to get to you but this is a huge problem, and they've been working steadily since ~6 PM EDT last night - so, please, be patient. They have not forgotten, there are just literally thousands others in a similar predicament.

Link to post
Share on other sites

I am glad to know that I am not alone and its not localized. I really love using malwarebytes so this was a bit of a surprise.

I'm betting that the staff here are wishing it *WAS* localized - this is a nightmare.

Should I still try to use the fixer that was posted in a link above or just wait?

My personal suggestion is to go ahead and use it - I'm betting shadow and mainard would agree with me, and it won't hurt anything if those are duplicate files.

Link to post
Share on other sites

Should I still try to use the fixer that was posted in a link above or just wait?

Hello jackwnoe,

Yes, please use the fix tool to have your items restored from quarantine. That should leave your system in a state that can still be used.

Thank you for your patience.

Link to post
Share on other sites

Just to be clear, I have read countless messages in here. I originally had the black screen with cursor and used a recovery disk to get past that. Now I have 900 files in quarantine. I just want to make sure I have the steps right. I should go into safemode and use the mbam-repair 1.02.0.1000 and run the "Run This" as administrator. What should I do after I do that or do I have to do anything?

Do I need to do a quarantine restore in safemode or go back to normal mode and do a restore or do I even have to do that now.

Do I need to use the mbam setup 1.75.01300?

Link to post
Share on other sites

I have a LAN with 3 computers that I leave on 24/7 and access remotely. I logged into that LAN via RDP today and Malwarebytes is going apesnit on one of the PC's, throwing up pseudo random quarantine alerts for virtually anything/everything, even taskmgr, etc. I could not run any tools to forcibly stop mbam.exe from executing. When I tried to bring it up, it appeared to block and quarantine itself. It would not allow a shutdown /r reboot - so I logged off the RDP session and tried to do a remote shutdown w/admin credentials - came back access denied and the machine goes black screen on RDP - it appears to be connecting but it is no longer transmitting the screen info. As near as I can tell - any program that one attempts to execute (and the associated dll's and/or ocx's) is getting blocked and apparently quarantined. The only reason I was able to initially see the desktop is that I remote to that PC from the primary port routed target for RDP and I usually leave the remote desktop connection window open so that was up and running when Malwarebytes started biting itself to death. For the interim - since this appears to be an auto-update gone ballistically bad, I have used the router's firewall to block that system's IP from having Internet access (in case the PC is now a slave bot and this is being caused by an external hack of mbam or something).

Now I have to worry about the rest of my computers - I have at least six Malwarebytes licenses floating around in my cyberspace. Fortunately, a couple of them were installed on laptops that are no longer in frequent use. That leaves me with at least 3 or 4 PC's I need to check on. Plus I've recommended the software to dozens of people - clients, friends, family. It will be at least two, maybe three days before I can arrange to travel to the remote site and deal with the PC that is knowned to be whacked. At a minimum, I am looking at travelling nearly 1,000 miles; this means either 16 hours of driving or spending $300 or so on air travel and a car rental, plus at least 6 hours of going to the airport, checking in, security checks, air travel time, take the shuttle to the car rental, driving to the location, etc) - then reverse the sequence.

I've used Malwarebytes for years - the worst headache it has ever given me in the past was to glitch up in a way that requred, de-install, re-install, then download the updates.

Obviously, at this point in time, I am a disgruntled customer. Hopefully by the time I get to the location, there will be a solid recovery procedure available that averts a worst case scenario of significant data loss, and potential loss of certain applications that are not longer available and that do not reinstall gracefully (required online authentication/validation of registration info and the company is no longer around).

Support team - you have my email associated with this forum login. There is nothing you can do for me until 4/18 at the earliest - but please include me in the loop for any official updates/remedial procedures, etc.

I've worked several years providing systems support myself - I'm not a happy camper but I sincerely empathize with the nightmare this must be turning into for your team and Malwarebytes. If you can determine who is 'at fault' or who did this - please - kick him/her once for me? <sigh - I guess I'm kidding... sort of>

Link to post
Share on other sites

The fixit did not work for me. It made no changes that I can tell at all.

Sorry to hear that.

Please contact support via the following links and they will assist you directly in getting your system functioning properly again:

Home User Support

Business Support

Please be sure to include the following information to expedite the repair process:

  • OS installed (i.e. XP, Vista, 7, 8 etc.)
  • Whether you have restarted your computer yet or not
  • Whether or not the system is bootable if you have attempted a restart of your system yet
  • Whether or not you have your Windows installation media (CD, DVD, recovery discs etc.)

Thanks for your ongoing patience and understanding,

daledoc1

Link to post
Share on other sites

Hello,

I have been using malwarebytes for a long time now and typically do an update daily and scan a couple of times of day. Yesterday, I did an update and scan and it pulled up over 900 trojans. I immediately had the items removed and rebooted. Once I rebooted I discovered that the majority of the programs no longer worked. Malwarebytes had deleted most of my registry and most of my dll's. I see that they are listed in the quarantine log. I tried to restore the items, but nothing seemed to happen. Is there a way to get my items restored to where they were. I wanted to do a system restore, but all my restore points are gone. Please help.

Thanks,

Just a piece of advice if it's more then a few hundred infections or even a few thousand then it's highly possible it's a false positive. Especially if you had no symptoms or anything out of the normal. This can happen with any security software For future reference if you don't know or feel like the detections are not normal you can always post on this forum under the False Positives section to be sure. Somebody will take a look and let you know if this in error and make a correction to future updates if needed. :) Always welcome to ask if you don't know. :)

Link to post
Share on other sites

Freemont PC- I finally located the restore cd. The computer doesn't recognize it. Same error happens. My computer won't even let me get to the windows 7 log on. I feel its fried beyond repair. I was basically told by support there isn't a fix yet. I have lost all data. I am losing business. I understand they are overwhelmed, but it is beyond frustrating to not have answers. I feel they need to admit in many cases like mine there is no fix. Am I going to have to pay hundreds of $$$ to have someone look at my computer to try to restore the data?

Link to post
Share on other sites

Val, if it comes to Data Recovery, I have a resource for you, but let's try less drastic means first, at least explore the current state of affairs without making changes so much.

That way, when MBAM support gets back to you, perhaps you'll have some extra info for them that could help speed things along. What brand/model of system do you have and is your recovery cd one that came with the system or one that you created (a Win7 System Repair CD)?

Also, what size hard drive is installed in your system and how much of it is used?

Link to post
Share on other sites

Good deal, Jackwnoe. Are you able to make a system image backup of your disk at this point? Is System Restore available now?

It is next on my list. I just need to find and replace my missing four dll files. Hopefully its as easy as downloading and placing them in a folder.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.