Anti rootkit malware scanning working for Administrator only


Hi,

 

First time here.

 

On one of my computers - a laptop, I have 3 accounts.  2 administrators and 1 standard user.

 

Recently, it seems that I have experienced an episode of vanishing files - rootkits?  Since then, I have had a new installation of Malwarebytes free trial and on both administrator accounts, the recent / current scan was clean.  However, when I try to engage Malwarebytes on the standard user account, Malwarebytes will not start unless I disable rootkit scan.

 

The exact description of the situation is that a pop-up window with a message that asks me to either disable rootkit scan or reboot and then try restarting Malwarebytes again after reboot comes up every time.  All this time the standard user is the only user logged onto the computer.  Obviously, after rebooting, Malwarebytes still won't start WITH rootkit scan enabled.

 

I will try the option of attempting to start Malwarebytes without rootkit scan and see what happens after finishing with this message.

 

Questions:

1. Have I completely removed rootkit malware?  If the administrator scan came up empty and I am up to date with all my Windows updates, I should be fine right?

2. If I have removed the rootkit malware, how do I get the standard user account to be fully protected if I cannot get it to engage with rootkit protection?

3. If I have not completely removed the rootkit malware, how should I proceed to get it completely removed - this is when the standard user could not engage rootkit protection and Malwarebytes will only engage with rootkit scan disabled.

 

HELP!


Questions:

1. Have I completely removed rootkit malware?  If the administrator scan came up empty and I am up to date with all my Windows updates, I should be fine right?

We would be dealing with semantics. Even though you may have rid your system of the original rootkit itself, did it deliver a yet-to-be-mitigated payload? What actions did your system's anti-virus application take? That cannot be answered yet.

 

2. If I have removed the rootkit malware, how do I get the standard user account to be fully protected if I cannot get it to engage with rootkit protection?

Without additional diagnostic scans (see below), this cannot be fully answered yet either.

 

3. If I have not completely removed the rootkit malware, how should I proceed to get it completely removed - this is when the standard user could not engage rootkit protection and Malwarebytes will only engage with rootkit scan disabled.

 

While in the Administrator's account, MBAM Premium must be parametrized early on to protect at its maximum capability.  This will happen if MBAM's default settings remain unchanged.

 

Hello rting and :welcome:

Since your system was, and may still possibly remain infected, and malware removal actions are not permitted in this sub-forum, I recommend following the advice from the topic: Available Assistance for Possibly Infected Computers and have one of the Malware Removal Experts assist you with your issue.

If, as recommended, you do open a topic in Malware Removal Help, please make reference to this thread.

If you would like to get off to a very fast start, the Malware Removal Experts would appreciate it if you would also Copy and Paste (not attach) both the FRST.txt and the Addition.txt output diagnostic reports from only Log Set 1 into your new topic. Please do not tick, nor untick, any FRST categories as they are pre-configured by Farbar.

Thank you. :)
