Jump to content
ED555

BSOD when MBAM scan for rootkit

Recommended Posts

Hi,    :welcome:

My name is Maurice. I will be helping and guiding you, going forward on this case.

 

Please follow my directions as we go along.  Please do not do any changes on your own without first checking with me.

If you will be away for more than 3 consecutive days,  do try to let me know ahead of time, as much as possible.

 

Please only just attach   all report files, etc  that I ask for as we go along.


We need to get  detail   information from this machine in order to have the proper detail to help you forward.
 NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

    Download Malwarebytes Support Tool
    
    
    Once the file is downloaded, open your Downloads folder/location of the downloaded file
    Double-click mb-support- 1.5.1.681.exe to run the report
        You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
        
    Place a checkmark next to Accept License Agreement and click Next
    You will be presented with a page stating, "Get Started!"

    Do NOT use the button “Start repair” !
    Click the Advanced tab on the left column
    
    Click the Gather Logs button
    
    A progress bar will appear and the program will proceed with getting logs from your computer
   
    Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK
    Please attach the ZIP file in your next reply.

 

Thank you.

 

Edited by Maurice Naggar

Share this post


Link to post
Share on other sites

Thanks for the report file from the support tool.

Let us begin with a small cleanup.

This custom script is for ED555   only.

 

Please Close and save any open work files before you start this next step.  It will involve a Windows Restart at the end of it.

I am sending a   custom Fix script which is going to be used by the FRSTENGLISH tool. They will both work together as a pair.

Please RIGHT-click the (attached file named) FIXLIST and select SAVE AS and save it directly ( as is) to the Downloads  folder

The tool named FRSTENGLISH.exe   tool    is already on the Downloads folder.

Start the Windows Explorer and then, open the Downloads folder.


Double click FRSTENGLISH

  to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
Click the Fix button just once, and wait.

 

FRST_Fixl.png.c4c1c0dddcc49b11fa400590f070bd5e.png

 

PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. Some machines take longer than others.
If you receive a message that a reboot is required, please make sure you allow it to restart normally.
The tool will complete its run after restart.
When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

Please attach the FIXLOG.txt with your next reply

We will do more later.

Fixlist.txt

Share this post


Link to post
Share on other sites
On 9/22/2019 at 10:56 PM, Maurice Naggar said:

Thanks for the report file from the support tool.

Let us begin with a small cleanup.

This custom script is for ED555   only.

 

Please Close and save any open work files before you start this next step.  It will involve a Windows Restart at the end of it.

I am sending a   custom Fix script which is going to be used by the FRSTENGLISH tool. They will both work together as a pair.

Please RIGHT-click the (attached file named) FIXLIST and select SAVE AS and save it directly ( as is) to the Downloads  folder

The tool named FRSTENGLISH.exe   tool    is already on the Downloads folder.

Start the Windows Explorer and then, open the Downloads folder.


Double click FRSTENGLISH

  to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
Click the Fix button just once, and wait.

 

FRST_Fixl.png.c4c1c0dddcc49b11fa400590f070bd5e.png

 

PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. Some machines take longer than others.
If you receive a message that a reboot is required, please make sure you allow it to restart normally.
The tool will complete its run after restart.
When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

Please attach the FIXLOG.txt with your next reply

We will do more later.

Fixlist.txt 1.59 kB · 3 downloads

 

Fixlog.txt

Share this post


Link to post
Share on other sites

Thanks for the report.  Just by the way, there is no need to press the Quote button when doing a reply.

This thread is just you and I.

 

Lets have you run these 2 scans.

The Microsoft Safety Scanner  is a free Microsoft stand-alone virus scanner that  can be used to scan for & remove malware or potentially unwanted software from a system.

The download links & the how-to-run-the tool are at this link at Microsoft

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

 

Let me know the result of this.


[ 2 ]

Let's have you run the Microsoft Malicious Software Removal Tool   (  MS  MSRT ).

This tool is a limited one.  It targets some specific "common" malicious threats.  It is a tool run typically once a month when your Windows does a Windows Update check.

I would just like a one time on demand run.

Point your browser to this MS website link    https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

Look to see it matches your language & your version of Windows in terms of 64-bit or 32-bit

Download and save the tool.   Then go to the folder where saved  ( should be the Downloads folder).  

Double click the tool   and allow it to Run.   It should not take more than 12 - 15 minutes.

 

Share this post


Link to post
Share on other sites

Please try uninstalling and reinstalling Malwarebytes for Windows using the Malwarebytes Support tool.

Uninstall and reinstall using the Malwarebytes Support Tool
https://support.malwarebytes.com/docs/DOC-2674

 

Then just do a very plain straightforward Threat scan.

( do NOT change any settings.   do NOT mess with rootkit scan.   We just want a normal scan with default settings.)

https://support.malwarebytes.com/docs/DOC-1156

Share this post


Link to post
Share on other sites

when scanning for rootkits it still freezes((( problem still exists(((

Share this post


Link to post
Share on other sites

Put the system into SAFE mode of Windows.    Then you may try the scan with rootkit.

Rootkit scanning should only just be used if there is a real valid indication of a tough infection.

There is no sign here of infection.

Share this post


Link to post
Share on other sites

Hello    I really need much more detail than that.   Was that like a freeze-up ?   If so, how much time did you wait ?

One needs lots of patience.   I would give it at least 15 minutes before giving up.

Also, what did you last notice ?  what was it frozen on ?

 

I also would like to get a fresh set of logs.  This pc has the report tool  mb-support-1.5.1.681.exe   on the Downloads folder.

open your Downloads folder


    Double-click mb-support- 1.5.1.681.exe to run the report
        You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
        
    Place a checkmark next to Accept License Agreement and click Next
    You will be presented with a page stating, "Get Started!"

    Do NOT use the button “Start repair” !
    Click the Advanced tab on the left column
    
    Click the Gather Logs button       <<<-- - -
    
    A progress bar will appear and the program will proceed with getting logs from your computer
   
    Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK
    Please attach the ZIP file in your next reply.

 

Thank you.

Share this post


Link to post
Share on other sites

Thanks for the support-report file.

Where exactly did you see the hang ?   if you recall.

Plus as I say,  did you wait at least 10 minutes   before doing something else ?

Share this post


Link to post
Share on other sites

I waited about two hours... see the hang on 478 , 479 or 480 scan object....

Share this post


Link to post
Share on other sites

Waiting just up to 15 or 20 minutes should be plenty.

Lets do what follows to do cleanups  and to insure all old traces of Malwarebytes for Windows are gone.  The last report indicates it cant find a installed Malwarebytes for Windows.   But the prior reports showed this machine had had version 2 before  and then version 3.

Later on I can guide you to getting the beta Malwarebytes 4.0.1

 

Malwarebytes Support Tool (MBST) Cleanup remove

  • Open your Downloads folder.
  • Right-click on  mb-support-1.5.1.681.exe    and select Run as Administrator  & reply YES to allow to proceed.
  •  
  • You may be presented with a page stating, "Welcome to the Malwarebytes Support Tool!".
  •  
  • Click the Advanced Options link. This is important. Please ensure Advanced Options is clicked.
  • Click the Clean button followed by Yes to proceed.
  • Upon completion, click OK to reboot your computer.
  • After the reboot, please wait for the tool to reopen.
  • You may be presented with the option to install Malwarebytes for Windows. Click NO     ( we do NOT want a new install at this time )

 

[ 2 ]

This is a second phase of cleanup.

This custom script is for ED555   only.

 

Please Close and save any open work files before you start this next step.  It will involve a Windows Restart at the end of it.

I am sending a   custom Fix script which is going to be used by the FRSTENGLISH tool. They will both work together as a pair.

Please RIGHT-click the (attached file named) FIXLIST and select SAVE AS and save it directly ( as is) to the Downloads  folder

The tool named FRSTENGLISH.exe   tool    is already on the Downloads folder.

Start the Windows Explorer and then, open the Downloads folder.


Double click FRSTENGLISH

  to run the tool. If the tool warns you the version is outdated, please download and run the updated version.

IF Windows prompts you about running this, select YES to allow it to proceed.


Click the Fix button just once, and wait.

 

FRST_Fixl.png.c4c1c0dddcc49b11fa400590f070bd5e.png

 

PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. Some machines take longer than others.
If you receive a message that a reboot is required, please make sure you allow it to restart normally.
The tool will complete its run after restart.
When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

Please attach the FIXLOG.txt with your next reply

 

Fixlist.txt

Share this post


Link to post
Share on other sites

I have received the Fixlog report.   Thanks.

On this next phase, I would like for you to install the beta Malwarebytes for Windows 4.0.1

Be real sure to first SAVE the download-setup file to the Downloads folder.   Do NOT run it out of the browser itself.   Just Save the file first.

 

You can download the Beta installer from this link.

Click the blue-color Download button.

Save.   Then go to where the file is saved.  Right-click on MBsetup.exe   and select Run As Administrator.

Reply YES when prompted by Windows.   Allow it to proceed.

 

Follow all prompts to setup version 4.0.1

 

 

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.