Jump to content

Recommended Posts

Downloaded MBAM today.

Installed on a vista (known clean) machine, tested everything well.

Installed on an XP (known infected) machine. Not so well.

Installation and update went fine. Can navigate the UI and change settings.

On starting a scan, timer ticks up Object Count does not go up. After about ~ 15 seconds MBAM just disappears. On trying to restart from the Start menu (or desktop icon) I get "windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." If I try to run from command line, all I get is "access denied"

I am logged as the administrator for this machine.

I have AVG anti-virus, have added the MBAM path to the exclusion list.

Things I have tried to date:

1. Quickscan first: Fail, can't restart, re-install

2. Full scan fist: Fail, can't restart, re-install

3. Repeat above without database update first after install: Fail, can't restart, re-install

4. Repeat above from command line:Fail, can't restart, re-install

5. All of the above in safe mode: Fail

I'm probably not the fist to run into this, but searches on the forum did not turn up anything useful.

XP is on SP3 and up to date.

AVG is probably not a factor, since the behaviour is the same in safe mode, but is up to date.

Help!!!!?

Link to post
Share on other sites

Please review the FAQ for a possible solution.

I have AVG, so McAfee and TrendMicro FAQs irrelevant.

Have added the install directory to AVG exclusions.

Tried the rename trick: FAIL

RootRepeal: Will not start on that machine. Manually scanned for the identified [prefix]*.sys files, found none. Waiting to hear from rootRepeal about suggestions.

New finding: firefox gets killed on start up as well even in safe mode. interestingly IE8 - no addons starts fine.

Tried to restore to a restore point from before issues: no jou.

Further suggestions?

Link to post
Share on other sites

  • Staff

You need to post a HijackThis log into the Malware Removal - HijackThis Logs forum

  • Scan and Log Procedures
  • Please download this program Trend Micro HijackThis to your desktop.
  • Double-click on it to run and install it.
  • Then launch the program and click on Do a system scan and save a logfile. This log file will open in Notepad.
  • Please start a Newtopic here and post the most recent Malwarebytes' Anti-Malware log file and HijackThis log file using Copy/Paste.
  • The Malwarebytes' Anti-Malware log file is located in the Logs tab of the program.

Someone will analyze the logs and give you further instructions.

Prompt responses to instructions and performing the required fixes as soon as possible is always best.

During this scan and cleanup process you should not install any other software unless requested to do so.

NOTE: Please DO NOT post back to your post within the first 48 hours. Replying to your own posts changes the post count and will often cause helpers to think that you're already being helped and thus they won't open and look at your post. If no one has replied within 48 hours then please go ahead and either reply to your post or send a private message to a Moderator and let them know that you're still needing assistance.

As soon as someone is available they will assist you.

Link to post
Share on other sites

  • Root Admin

Hello thesamim,

The issue is that we don't work on logs or support like that here in the General forum. Just open a NEW post in the HJT forum and let them know that none of the scanners seem to run and as soon as they're available they will assist you. Current wait times appear to be about 3 to 5 days though as there are just too many people seeking assistance.

Link to post
Share on other sites

Hello thesamim,

The issue is that we don't work on logs or support like that here in the General forum. Just open a NEW post in the HJT forum and let them know that none of the scanners seem to run and as soon as they're available they will assist you. Current wait times appear to be about 3 to 5 days though as there are just too many people seeking assistance.

Will do.

Thanks for your time Ron and Tom.

Link to post
Share on other sites

Will do.

Thanks for your time Ron and Tom.

Right, this is taking on epic proportions. Posting this here in case anyone else has seen the like. Will keep updating the blog until it's resolved in case that helps anyone with the same problem.

sami_mikhail.posterous.com/virusmalwarespyware-from-hades-anyone-know-wh

Edited by AdvancedSetup
removed hyperlink
Link to post
Share on other sites

Update posted at sami_mikhail.posterous.com/

usual http prefix in front of that. apparently links not ok in posts (sorry about that). I'm not going to post every update from now on, those interested can follow in the blog. those not interested can ignore. i don't want to clutter up this thread with useless information.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.