
MalWareBytes (MBAM) Failure


Lordtac


Ok... I'm new to this board but I've had a look around and this seems to be the best place to post this.

Recently I noticed my computer has been slowing down rather significantly; on top of that, it went through 2 power outages within 24 hours while it was still on.

At about 4 hrs 30 mins (4:30) into a complete scan for MBAM, about the time it hits windows/system32, it locks up and MVS (Microsoft Visual Studio) displays an error notice with an option to debug. Debugging states that it has something to do with permissions, which shouldn't be possible because I am an administrator (and this happened in safe mode as well).

So far I've:

NOTE: when I say failure I mean MBAM has failed after this step

1- Reinstalled MBAM -------------------- FAILURE

2- run Dr.Web cure it then MBAM ------ FAILURE

3- run a start up chkdsk ----------------- FAILURE

4- cleaned out all temp files ------------- FAILURE

5- run Spyware S&D --------------------- FAILURE

6- run SAS (Super Anti-Spyware) ------ FAILURE

Any ideas?

P.S. I'm concerned that this may be a rootkit related to TDSS because after Dr.Web CureIt, I received some similar symptoms (Windows services acting up); they immediately fixed themselves and have not acted up since.


Hello Lordtac: ;)

Please make one more attempt at a Quick Scan with Heuristics Shuriken disabled; it isn't going to hurt in any way.

1. Click on Settings

2. Click on Scanner Settings

3. Uncheck Enable advanced heuristics engine (Heuristics Shuriken)

Give it a shot and let us know please! Don't forget to include version of Windows, and the locale (e.g. English, Chinese etc), and of course, the database version (latest 4468)

It may be possible that some kind of infection is preventing this. As an alternative, please read and follow the instructions in "I'm infected - What do I do now?" An expert will assist you in the removal process.

Please post back should you have any further question(s).


Hello Lordtac and ;) Malwarebytes.org's forum.

If you suspect a TDSS infection please have a read of this and follow the instructions given there.

In addition please look at this thread.

You may still need further help at some point; there are instructions at the end of the second link about what and where to post in the appropriate forum where you will get one-to-one help from malware removal experts.


Hi Lordtac -

Just because Malwarebytes found a Backdoor Trojan will not always mean it is fully removed -

To be extra safe I would follow the instructions by Haider in Post #3 to see if this has done more damage to your system -

There can always be a minor infection left behind -

But that is fully up to you if you want us to check the system for you -

Thanks for your visit - ;)

I'll do that.

MBAM found these files and has stated they were removed (deleted)

-----------------------------------------------------------------------------------

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Adware.Seekmo) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\Lordtac\DoctorWeb\Quarantine\setup(2).exe (Adware.Seekmo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Lordtac\DoctorWeb\Quarantine\setup(5).exe (Adware.Seekmo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Lordtac\DoctorWeb\Quarantine\setup.exe (Adware.Seekmo) -> Quarantined and deleted successfully.

-----------------------------------------------------------------------

Thanks for the speedy assistance :)
