Jump to content

System will not boot after detection by MB anti-ransomware


Recommended Posts

hello,

windows 7 machine running anti-ransomware will not boot after detection of an infection, quarantine and reboot.

Mounted hard drive on another machine and pulled the log and anti-ransomware directories requested for false positive, though i dont know if it is a false positive.

Zip files attached.

system is in a rebooting loop.

any assistance that can be provided would be great.

thank you

logs.zip

Malwarebytes Anti-Ransomware.zip

Link to post
Share on other sites

  • 2 weeks later...

No response from malwarebytes,  I understand it's beta software, but isn't it the point of beta to work out bugs?

I was able to recover data off the drive by mounting it as a slave on a second machine.

Was unable to boot in safe mode (any flavor).  Was able to boot into windows 7 recovery.  tried SFC from command prompt, system state recovery and a bunch of other things i can't even remember at this point, with no success other than i was able to get the machine to hang (movable mouse cursor, black screen, nothing else) instead of rebooting constantly.

Ended up imaging the machine back to factory and restoring the data.  So far, no issues.

Would love to know more about why the software behaved this way, and how to resolve if it happens again.

 

Link to post
Share on other sites

Sorry to hear you had this problem.... as you stated this is a beta and its designed to find bugs...

As mentioned HERE it is recommended you do not install this on a production computer.... 

As this is the very first beta we do encourage beta users to install the product in non-production environments for testing purposes only.

Link to post
Share on other sites

Thank you for the response, and as if have stated, I understand its beta and not going to be perfect.  I love the malwarebytes products and have been very happy with them in the past.  I am also very happy that no files were encrypted and i was able to recover them, so its all good.

All i was indicating is that i submitted the requested logs/directories and heard nothing about them.  It would be nice know if it was an actual infection or just a false positive, not to mention why the machine because unusable (though this would have been better info to know before the machine was rebuilt).  I updated the blog in-case anyone else was having such issues and came across it.

You state that the beta program is designed to find bugs.  Well, I either found an infection or a bug, but i just figured someone there would be interested in the fact that after the product found an "infection" (real or not) and was rebooted at its request, the machine became non functional.  Production machine or not, I don't think that this behavior was by design, correct?  If the behavior is by design, like some kind of lock down mode, it would be nice to have that info going in, maybe have some indication of what is going on when it happens, and maybe a procedure to bring it out of that mode.

I hope the logs i provided will help to avoid such issues in the future, especially when the product comes out of beta.

thank you for your time!

Link to post
Share on other sites

Thanks for the added input.

I can not vouch as to why staff did not respond, as I do not work for Malwarebytes.  Perhaps you may have received better replies in the Beta Section where they are monitoring what is going on with the beta.  It most likely was a false positive as they have had quite a few of those.

Being that you posted in the Malware Removal area (not that it was wrong as you suspected you may have been infected), it may have been over looked.  Not making excuses, I just happened upon this thread and decided to reply to you to give you the added into.

Also always remember you can email support directly for a prompt response as well, they more than likely would have been able to get your computer back up and going without having to do a complete reinstall.

Anywho, that would be for future reference....

 

Link to post
Share on other sites

no problem.

Just so you know, i did contact support (one of my first steps) via email and was told that they do not support the beta anti ransomeware at all, and they referred me to the blogs.

First i posted in the anti-ransomeware blog that they referred me to and i was told that it was out of scope for that blog. They told me to post in the malware removal blog, and i never got anything back.

It could easily be overlooked, i just hope that someone will end up seeing it and it can help improve the product.

Anyway, again, thank you for your responses.  Much appreciated!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.