
BSoD when MBAM scan for rootkits



Hello @Jimmaki:

Thank you for the data files.  Please attach "C:\Windows\Minidump\042617-14071-01.dmp" to your next reply before an aggressive cleaning utility deletes it.  If this forum's software appears to seemingly reject the .dmp attachment, please use the Windows 7 built-in utility to compress the dump file to a .zip archive.

Thank you.

Edited by 1PW

  • Root Admin

Hello @Jimmaki

Are you running any type of Encryption software or is your hard drive compressed?

 

Please read the following article concerning the use of MSCONFIG
Msconfig Is Not A Startup Manager

 

Next,


Please download the attached fixlist.txt file and save it to the Desktop.
NOTE: It's important that both files, FRST or FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

fixlist.txt

 

 


  • Root Admin

Please read the following topic and then run the Malwarebytes Clean Removal tool mb-clean

https://forums.malwarebytes.com/topic/196955-malwarebytes-mb-clean-tool/

The download link for the tool is:  https://downloads.malwarebytes.com/file/mb_clean


Restart the computer when done and reinstall Malwarebytes 3 with the latest build again.

Here is the link for the latest installer
https://downloads.malwarebytes.com/file/mb3


Thank you

Ron

 


Hi Ron

I have followed the instructions in the first link you've sent me above up until the 6th step. I then selected YES in order to download, install and activate the latest version (after reboot) and it did nothing at all. 

I made the decision to download MB3 anyway through the link you provided me in your latest response and ran a scan including rootkit (enabled) check. The result is described in my 1st post.

Still receiving BSoD


  • Root Admin

No, a web server shouldn't cause an issue. Are you using a RAM drive?

Let's see if the standalone has the same issue or not.

Please download Malwarebytes Anti-Rootkit from HERE
If needed there is a self help tutorial here: MBAR tutorial

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log.txt and system-log.txt


  • Root Admin

Also, please note we have posted a new 3.1 beta which has some changes to the anti-rootkit detection driver. If interested you could download and install that version and reboot and then scan again and let me know.

NEW BETA!  Malwarebytes 3.1.0.1716
https://forums.malwarebytes.com/topic/200230-new-beta-malwarebytes-3101716/

Ron


No @AdvancedSetup, I'm not! 

With regard to encrypted files or folders, I have attached the .txt file below after running "cipher /s:c:\ >" in CMD and it's negative.

I personally clean installed W7pro/64 (former W7pro/32) a few months ago and never encrypted anything. No files, neither folders nor drives, nothing & never!

I'll try the B version, hoping it will solve the issue

Thank you for getting back to me

encryption.txt

Edited by Jimmaki

  • Root Admin

It's very indicative of a security tool blocking our driver, but I just don't really see anything like that on the system that would be causing an issue.

Let me have you run the following, please.

 

Please download and run the following Kaspersky tool to remove any found threats

Kaspersky Virus Removal Tool


This topic is now closed to further replies.