MBAM and OTL
Posted 06 April 2012 - 12:42 PM
As I need to empty the temporary files, I use the empty temp command. This command asks processes to stop. Now, with Windows processes like explorer, if they refuse then OTL moves on to the next. But with MBAM it just locks the system and refuses to let OTL complete. Is there any way around this, or do I have to resort to either not emptying the temporary folders or getting the OP to run from safe mode? This behaviour is also apparent with TFC.
As you can expect, someone who has an infection thinks the worst when OTL locks the system.
Trying to stop or pause the MBAM service has no effect because access is denied.
I can understand the reasoning behind not letting any other programme stop MBAM, but why can it not just release OTL and let it get on with its job?
Posted 06 April 2012 - 12:54 PM
That being said, you do not want to run any temp file cleans on a computer that is infected. Temp file cleaners should only be run after the infection has been repaired. There are a lot of malware programs out there that hide files and folders and also move the start menu items to the temp folders. Cleaning out temp files before these items have been restored will only make the process harder to recover from the infection, or lead you to have to re-install the operating system.
Posted 06 April 2012 - 01:01 PM
Once done clearing out the temp files, just have them reverse the option and enable the protection module again.
That all being said, I've run tools like TFC with Malwarebytes Anti-Malware's protection module active and didn't have any issues, though it's been a long time since I've done so (I generally just use CCleaner). I can easily see the system locking up if OTL and/or TFC are trying to kill mbamservice though, as it's simply unsafe to do so because it runs in kernel mode and can (and often does, case in point being the system freeze) lead to system instability if terminated after it has been started.
Posted 06 April 2012 - 02:39 PM
I must admit I do not get this problem on my system, and OTL/TFC seem to work happily. I suppose it may well be system specific.
@Firefox... Yes, I am well aware of that, but I clear all the temps after I am sure that there are no missing icons/shortcuts.