Jump to content

Mbam process ending


Luviana

Recommended Posts

Per instructions on my last post, I attempted to follow the instructions on http://forums.malwarebytes.org/index.php?showtopic=9573 this page. However, I am unable to run any of those programs on the infected computer. Below you will find my original post:

I am doing a virus cleanup on a computer. I have used combofix and it has corrected a lot of the issues. I have manually removed several registry entries and files that were infected. I am able to install and unistall mbam to my hearts content. If I run the program, it will run for about 20-30 seconds then quit, I've watched it in task manager. I have tried renaming the executable and it will still quit. It will even end when I'm running in safe mode. I'm at a total loss as to what is causing this bizarre problem, it is the first time I've ever run in to it. Do you have any suggestions on what may be ending the process or a program perhaps that watches one specific process and tells you why it ends?

After following the directions on the other page, I tried to run GMER and it is also quitting. I have run exehelper and rkill and neither have found anything. I have run several other rootkit and tdss killers and they have all come up negative. I've run a temporary file cleaner, which executed fine. I have also downloaded and use a process explorer, but it isn't showing any strange processes running. I've disabled everything from starting up using MSConfig and regedit.

There seems to be something on the system that is stopping Malwarebytes as well as GMER from running. I can run anything else I want on there, including standard antivirus softwares, which are pretty much useless against these types of infections.

Well I've been fussing with this computer more and managed to get Avast antivirus downloaded and installed. It blocked a trojan "Kates-AL" which allowed me to actually run Malwarebytes. I'll see if the mbam scan is able to find anything.

Link to post
Share on other sites

Hi,

Please note: ComboFix is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert". It is NOT for unsupervised use. Please read Combofix's Disclaimer.

Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please delete your copy of ComboFix.exe from the desktop.

Then download the latest version of ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them:
    Click me
    If you can't disable them then just continue on.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

RcAuto1.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

whatnext.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.

Link to post
Share on other sites

  • 1 month later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.