Jump to content

MBs freezes during scans unless I exclude drivers file and Malware.Trace keeps showing up


Recommended Posts

Thanks so much in advance for all the help.

Symptoms

Running update for installation of IE 8 produces freeze at checking for

malicious programs. I installed without running this utility.

All AV scanners fail during scans on different drivers in :

C:\WINDOWS\system32\drivers

MSE and Micrisoft security scanner fails at pcmcia.sys

Malwarebytes fails at ati1btxx.sys

What I did so far in order

I first excluded files below in MSE and reran

* C:\Program Files\Malwarebytes' Anti-Malware

* C:\Documents and Settings\All Users\Application

Data\Malwarebytes\Malwarebytes' Anti-Malware

* C:\Documents and Settings\All Users\Application

Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref

* C:\WINDOWS\system32\drivers\mbam.sys

* C:\WINDOWS\system32\drivers\mbamswissarmy.sys

* C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

* C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

* C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

And MSE still froze at C:\WINDOWS\system32\drivers\ pcmcia.sys just like

before.

So it does not appear to be a program conflict. Just to be sure I

uninstalled MSE.

Then I uninstalled Malwarebytes completely using RevoUninstaller Pro.

Rebooted in safe mode twice.

Then I installed Malwarebytes again.

It still freezes at ati1btxx.sys

Note,

If I exclude the folder C:\WINDOWS\system32\drivers

Malwarebytes complete scans and now show after removing several viruses trojans computer as clean except malware.trace keeps showing up on scans .

HOWEVER!!!

I did notice an outgoing calls to a Server in Eastern Europe were blocked by

Malwarebytes (attached as protection.logs) so something is not right.

Attached logs

As a last ditch I ran ComboFix which froze in scan 2 .

Then I ran a program called vundofix from atribune.org which killed 4

instances. No more trying to contact a foreign server.

Further scans show clean.

However windows security scan still freezes at same file and

C:\WINDOWS\system32\drivers\ pcmcia.sys

Malwarebytes fails at C:\WINDOWS\system32\drivers\ ati1btxx.sys (If I

exclude drivers file scan completes and reports Malware.Trace) ->

Quarantined and deleted successfully but it keeps reappearing.

unless I block drivers files from being scanned.

Finally I uninstalled all instances of Acrobat reader and all instances of

Java and still the problem exists.

Lastly

Ran all the scans mentioned in forum start before you post except that defogger seemed to stop.

Attached.

Thanks!

Mark J

South Beach

scan-results.zip

Link to post
Share on other sites

I have seemingly solved my issues by reinstalling OS over old one after using a2Hijack free to remove bad registries and processes.

Subsequent scans with a2Hijackthis and malwarebytes and online scanners show no issues at all.

I want to remove leftover diagnostic tools that are still showing on old user namely

OTL.exe

Defogger

GMER

and all other tools .

This forum was invaluable!

Any help would be appreciated!

Link to post
Share on other sites

I have seemingly solved my issues by reinstalling OS over old one after using a2Hijack free to remove bad registries and processes.

Subsequent scans with a2Hijackthis and malwarebytes and online scanners show no issues at all.

I want to remove leftover diagnostic tools that are still showing on old user namely

OTL.exe

Defogger

GMER

and all other tools .

This forum was invaluable!

Any help would be appreciated!

Sorry also want to remove combo fix too.

Link to post
Share on other sites

Hi,

  • Double-click OTL.exe.
  • Click the CleanUp! button.
  • Select Yes when the
    Begin cleanup Process?
    prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not delete it by yourself.

Note: If you receive a warning from your firewall or other security programs regarding OTL attempting to contact the internet, please allow it to do so.

Let me know what tools are still around after that.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.