Jump to content

PC Problems


MBova

Recommended Posts

Ok, so I have a computer with an obvious infection, and it is nasty. I cannot install MBAM. I have tried many different ways including, renaming the .exe for installation and mbam.exe to explorer.exe and many other ways. The program will not install. I cannot boot into safe mode, since the safeboot registry has been deleted. I am really trying to stay away from a complete re-image at this time.

My question then is: is there a way to boot an OS straight from CD that will allow me to install MBAM, get updates of definitions through the net and scan and remove infected files from the actual C: drive OS, including the registry, so that I can get to repairing it?

Link to post
Share on other sites

Hello MBova, and welcome to malwarebytes.org

At present, running MBAM in a PE environment is not supported. If you are infected with a 'rogue' security program, and you know the exact name of it, I may be able to direct you to a tutorial written by one of the MBAM forum experts to remove it.

For expert malware removal advice, please print out, read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someone has replied to your post.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org

Link to post
Share on other sites

No problem, MBova. We always try to help if we can. :)

Just out of interest, though. Do you know the name of the infection that caused the problems?

The only thing that I could determine was that it was a Mcafee.com worm. The characteristics are pretty similar to Vundo and Netsky given some of the .DLL's I was able to find by hand. If you think about it the name is so clever, because when you do a search what do you get? McAfee.

The worm deleted the safeboot keystring within the registry and put the standard blocks on msconfig, task manager, folder options, and regedit. I was able to restore those 3 and look into the issues. I tried to do a manual install of MBAM by creating the registry key strings myself. I was able to do so, but the virus blocked all .exe's and I couldn't determine which system process was running the block. I went ahead and did the no-no thing and forced a safeboot through msconfig to minimize the processes and I still couldn't find it. Without being able to do ANY installs and with a slave only able to get part of the problem removed, I quit. I am truely crushed as this is my very very first defeat. :blush:

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.