Jump to content

Help , Malwarebytes Anti-Malware Is Not Working

Faisal

By Faisal
in Resolved Malware Removal Logs

 Share

Recommended Posts

Faisal

Faisal

Posted
Posted

Hello ,, I Have This Problem When Running ANY Malwarebytes Products  , It Says (( This Application Was Unable To Start Correctly (0xc0000279). Click OK to close The Application ))

 

However I'm Able To Run Malwarebytes Anti-malware In SAFE MODE , But Then , When I Reboot In Normal Mode , I Got The ERROR .

 

Here Are A Picture That Show The EXACT Error I'm Facing (( CLICK HERE  ))

 

And Then When I Click OK , Another ERROR Appear , This Is A Picture Of It (( CLICK HERE ))

 

And Here Are Some Files That Analyze My System Using ( Mbam Check Tool , Addiction , FRST ) (( CLICK HERE ))

 

* Please NOTE That I Couldn't Run MBAM CHECK TOOL In Normal Mode , I Had To Switch To SAFE MODE

 

** I'm Not Using Any Kind Of P2P Software .

** I Had This Problem Before Formatting My Computer , And Then I Formatted It Using ORGINAL FACTORY IMAGE , But The Problem Is Still

** EVERY SIGNLE Program In My PC Are Original , There Are Absolutely NO Pirated Software .

** I Believe The Windows Is CLEAN FROM Any Malware OR Virus Since It Have Been Formatted Using Original Factory Images And Its Been Used Just To Check EMAILs And Using This Site .

** I Have Contacted Malware Support Via Email , But After They Asked Me For Files , They Did Not Answered Me

 

Please Ask Me For Othere Spicified Information Maybe Needed , And I Appreciate Your Help :) .

 

Link to post
Share on other sites
Firefox

Firefox

Posted
Posted

Hello and Welcome to Malwarebytes :)

Let's try this first.... (all done in Normal Mode)

Thank You,

Firefox

Link to post
Share on other sites
Faisal

Faisal

Posted
  • Author
Posted
Firefox, on 03 Feb 2015 - 12:08 AM, said:

Hello and Welcome to Malwarebytes :)

Let's try this first.... (all done in Normal Mode)

Thank You,

Firefox

 

Hello , And Thank You For Replying ,

 

1 - I Cannot Run ANYTHING Related To MalwareBytes , Even The Uninstaller ( IN NORMAL MODE )

 

2 - I Have Already Attached Link To Those 3 Files ( Please Click Here )

 

3 - Thanks

 

 

Awaiting Your Reply .

Link to post
Share on other sites
Firefox

Firefox

Posted
Posted

Thank for the logs.... after reviewing them your computer is infected at least with some PUP's and will require further analysis.

Being that you are probably infected, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you

Link to post
Share on other sites
Faisal

Faisal

Posted
  • Author
Posted

I Will Perform Factory Reset Since The Support Take Too Long To Respond.

 

I Will Make Fresh Windows And Then I Will Install Only These Software And See If It Work :

 

1 - MS Office

2 - Adobe Products

3 - WinRAR

4 - BitDefender SafePay

5 - Google Earth

6 - CCleaner

7 - MS Security Essentials ( Pre Installed )

8 - K-Lite Codec

.

I Will Install Them ONLY Since They Are Not PUP As I Believe And Then I Will Install MalwareBytes Anti-Malware And See

Link to post
Share on other sites
Firefox

Firefox

Posted
Posted

Thanks, let us know how it goes...

 

Stay away from programs such as SpeedyPC Pro (or any similar programs that claim they will speed up your computer)

 

Make sure you update your windows and other apps to the current versions and security fixes.

 

During the install of any of your programs make sure to uncheck any extra offers

Link to post
Share on other sites
  • 4 weeks later...
Faisal

Faisal

Posted
  • Author
Posted

Thanks, let us know how it goes...

 

Stay away from programs such as SpeedyPC Pro (or any similar programs that claim they will speed up your computer)

 

Make sure you update your windows and other apps to the current versions and security fixes.

 

During the install of any of your programs make sure to uncheck any extra offers

Hello ,, And Really Sorry For Late Answer , The Problem Is Still And I Cant Run ANYTHING From MalwareBytes ,, I Just Formatted My Computer 2 Hours Ago ,, And Then Installed " MalwareBytes Anti-Malware " It Worked Fine For About 30 Minutes And Then When I Restarted The Computer The Problem Came Back !!! THIS DRIVES ME CRAZY !! 

Link to post
Share on other sites
Faisal

Faisal

Posted
  • Author
Posted

OK, now that you have formatted and re-installed, lets get a fresh new set of logs...

Please read the following and in your next reply ATTACH the 3 requested logs - Diagnostic Logs

(the three files should be CheckResults.txt, FRST.txt and Addition.txt)

Thank You,

Firefox

Hello ,, Those Are The Files Requested ,  Just Created Them Now .  

 

* Please Note That I Couldn't Run Malwarebytes-Check Tool Without Switching To SAFE MODE .

All Results.rar

Link to post
Share on other sites
Faisal

Faisal

Posted
  • Author
Posted (edited)

if this is too much and you think you cant do it without losing files then i would wait for "firefox" to continue on helping you out. i figure since i saw this post i would try to help out as well.   :D

Hello , And Thanks For Replying , I'm Almost Sure That The Recovery Partition Is Clean As Its WRITE-PROTECTED ,, Plus , All My Software In The Computer Is From ( Verified Publisher ) , Plus I Installed MalwareBytes Anti-Malware At The Very First Time I Used The Computer ,

 

And Thank You Very Much For Your Time And Effort

Edited by AdvancedSetup
Removed extraneous information as not related to review and repair of issues
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

The logs show that you're having driver issues for some Intel software that needs to be fixed.

Please run the MBAM CLEAN utility and temporarily uninstall Shadow Defender and go back to the default MSE antivirus for Windows 8.1

After you're removed Shadow Defender then run the MBAM CLEAN process and reinstall MBAM and let us know if it's working or not. See post #2

The missing driver for the Intel device could also play a part in MBAM not working correctly.

Name: I2C Controller

Description: I2C Controller

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel Corporation

Service: iaioi2c

Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)

Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Link to post
Share on other sites
Faisal

Faisal

Posted
  • Author
Posted

The logs show that you're having driver issues for some Intel software that needs to be fixed.

Please run the MBAM CLEAN utility and temporarily uninstall Shadow Defender and go back to the default MSE antivirus for Windows 8.1

After you're removed Shadow Defender then run the MBAM CLEAN process and reinstall MBAM and let us know if it's working or not. See post #2

The missing driver for the Intel device could also play a part in MBAM not working correctly.

Name: I2C Controller

Description: I2C Controller

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel Corporation

Service: iaioi2c

Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)

Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Hello , And Thanks For Start Assisting Me Here ,

 

I Have COMPLETLY DISABLED ShadowDefender From My PC , And Then I Downloaded " MBAM CLEAN UTILITY " , And I Run It AS ADMINISTRATOR , After Rebooting I Made Sure That MBAM Was Successfully Removed From My System ,, After That I Reinstalled " MBAM " , It Work For Approximately 10 Minutes After That The EXACT SAME ERROR Appear And MBAM Stopped Working .

 

 

The Only Thing I Couldn't Do Is Downloading The I2C Driver You've Talked About , I Couldn't Find It Anywhere In Device Manger NOR From Intel Website , If You Could Give Me A Direct Link To The Driver To Download It That Would Be Great .

 

 

Thanks !

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Let me have you run some other tools. If any of them won't run please just note it and move on to the next tool.

 

 

Please go ahead and run through the following steps and post back the logs when ready.
 
STEP 04
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus


STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


STEP 06
Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkits, Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button. Remove any threats found
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.


STEP 07
button_eos.gif

Please go here to run the online antivirus scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology


    [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.


STEP 08
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Link to post
Share on other sites
Faisal

Faisal

Posted
  • Author
Posted

Hello , Here Are A Summary Of The Steps Results  :-

 

 

 

Step 4 : Step Successful ,  A Log File Attached ( JRT.TXT ) .

 

 

 

Step 5 : Step Successful , NO Adware/Spyware/Foistware Were Detected , A Log File Attached ( AdwCleaner[R0].TXT ) .

 

 

 

Step 6 : Step Unsuccessful , I Cannot Run MalwareBytes Anti-Malware As The Error Still Appear *

 

 

 

Step 7 : Step Successful , NO Threats Were Detected .

 

 

 

Step 8 : Step Successful , The 2 Log Files Attached ( FRST.TXT , Addition.TXT ) .

 

 

 

 

* I Can Only Run MBAM From SAFEMODE , And I've Already Done This Step Before .

 

 

 

Please Note That I Have Also Tried To Install MBAE ( MalwareBytes Anti-Exploit ) And The Same Error Appears ,

 

Logs.rar

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Well the logs do not show that Shadow Defender has been removed or disabled. At this point I'm not seeing any reason for our program to not run so please uninstall ShadowProtect for now.

 

Then run a disk check of your drive.

 

Please run a Full Disk Check on your system drive.  If needed here are some links on how to run a Disk Check.

On Windows 8 the disk check log is in the Event Logs under Application with a heading source of  Chkdsk


How to Check a Drive for Errors with "chkdsk" in Windows 8

How to Read the Event Viewer Log for Check Disk (chkdsk) in Vista, Windows 7, and Windows 8
 

 

Please note that Windows 8 may try to check the drive live without a reboot but please do a full check and reboot.

Basically from an elevated admin command prompt run the following.

 

CHKDSK   C:  /R

 

Then reboot and let it run.

Link to post
Share on other sites
Faisal

Faisal

Posted
  • Author
Posted

Well something is going on to stop it. Try running the Microsoft Process Explorer and see if you can see what's blocking it.

 

https://technet.microsoft.com/en-us/sysinternals/bb896653

 

 

I Cant See Any Suspicions Process Running In The Background , However I Created A Log File Via Process Explorer That Show All Running Process .

iexplore.exe.txt

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.