Jump to content

Some persistent malware and the "error '-2147024769 (8007007f)': Automation error The specified procedure could not be found"


Recommended Posts


recently i've got infected by a pack of rootkits/malware, they did terrible things to me:

1) rewrote all firewall rules, made it wide-open;

1a) then started a lot of very insecure services such as RemoteRegistry and WinTerminalAccess;

1b) so i believe many malware got into later through these doors;

1c) when i've tried to correct these settings they kept restoring them to the very insecure state.

2) then they've turned my display into 4-bit color depth and 320x200 resolution (very creepy)

So i went to a friend; downloaded and burned Kaspersky's bootable linux LiveCD "RescueDisk 10"; but it found none of malware! Very overdone their popularity is. But i was able to browse the Web, so i've got your Anti-Malware, HitmanPro, Emsisoft's Emergency Kit and some more scanners. I was able to install them in a normal or safe-mode. Totally they've found and destroyed about 8 to 10 malicious files.

But your Anti-Malware keeps failing to start, giving me the "Automation error" as in the message https://forums.malwarebytes.org/index.php?showtopic=128732 and some suspicious activity continues. For example, after cleaning everything and living a day almost normally i've started RegistryCleaner and found a "service" named mbr which was attached to a file in the (autocleaned) temporary folder: \??\D:\temp\mbr.sys




Link to post
Share on other sites

I'm attaching a contents of this registry key in the reg_MBR.txt file.
Chameleon doesn't help to start Anti-Malware (same error) and RKill just gave me a BSOD.
Then, Kaspersky's antiviral scanner keeps failing to install with various (!!!) error messages.

I'm including DDS' output and heartily hope that some help is possible in my case? Please, please!

Link to post
Share on other sites



some malicious code prevents my Firefox from accessing google.com; browser tries then says "The server at

google.com is taking too long to respond." Same for encrypted.google.com and forums.malwarebytes.org =(


My proxy and firewall aren't messing with it, in fact, the proxy doesn't see any requests for affected sites. But from the Opera i was able to connect and post this panic message here! =) Malwarebytes' Anti-Malware is unable to start due to the problem described here: https://forums.malwarebytes.org/index.php?showtopic=140731 to which nobody cared to answer. Disabling all the plugins in firefox didn't help. What can i do? Please reply something?

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.