
Anti root kit will not start, something to do with DLL driver....


  • This topic is locked
117 replies to this topic

#101 gringo_pr

gringo_pr

    Staff

  • Moderators
  • 9,609 posts
  • Gender:Male

Posted 04 April 2014 - 10:02 AM

Please download this tool to your desktop and run it so we can check some Malwarebytes and Windows settings.
http://downloads.mal...file/mbam_check

Once it completes, it will open a log in Notepad and save a copy to your desktop named CheckResults.txt.
William Rowland
Product Support

#102 gringo_pr

Posted 07 April 2014 - 07:54 AM


Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo
William Rowland
Product Support

#103 flywelder

flywelder

    Advanced Member

  • Honorary Members
  • 141 posts
  • Gender:Male

Posted 07 April 2014 - 11:48 AM

Hi, I just had success getting that program to work. I had some trouble getting that program to work. I think it was that Comodo was perhaps interfering.

I also did some research for tweaking Comodo CIS and to learn if it could be contributing. I made some suggested tweaks, and I think some minor progress was made. However, last night I couldn't do anything with the computer, for it locked up!

I could not get Task Manager to come up using Ctrl + Alt + Del.

I couldn't access any programs.

I couldn't close the start button after I clicked on it.

I couldn't open the tool bar at the bottom of my screen.

I could not go online, or do anything. Nothing would respond.

Then a window appeared that said task mgr.exe DLL initiation failed.

After 20 mins of waiting, I ended up rebooting.

 

Comodo's widget reported that 3 programs were running, but I was unable to discover what 3.

Comodo's widget also reported 5 unrecognized files.

I want to ask you what should I do to my backup drive I use for disasters, after we have made all repairs? Note: I have not made a backup in 2 months. Waiting till system is corrected and perfected.

I have attached the "check results txt."

 

 

Attached Files



#104 gringo_pr

Posted 08 April 2014 - 08:16 AM

You are using the older Malwarebytes.

We have just released a new version of Malwarebytes Antimalware. I would like you to update to this latest version and then see if you still have any trouble.

To upgrade to the new version first we will have to uninstall the old version from the control panel - in (XP) add/remove and in (Vista and later) program and features.


1. Download Malwarebytes Anti-Malware 2.0 at http://downloads.mal...s.org/file/mbam
2. After downloading, double-click the downloaded file to get started.
3. Choose Yes if the User Account Control dialog appears.
4. The installation wizard will now appear to guide you through the upgrade process.
5. Click on Next.
6. Review and accept the license agreement, then click Next.
7. Review the latest changes made to Malwarebytes Anti-Malware, then click Next.
8. Choose where to install Malwarebytes Anti-Malware, then click Next.
9. Choose whether or not to have a Start Menu entry and its name, then click Next.
10. Choose if you want a desktop icon, then click Next.
11. Review your installation choices, then click Install.
12. The wizard will begin to install the files.
13. After upgrading, you will have the option to enable a free trial of Malwarebytes Anti-Malware Premium.

To see a video on how to do this - https://helpdesk.mal...ntries/44648553

As long as Malwarebytes Antimalware was already registered it will remember your ID and Key.


Regards,
William Rowland
Consumer Support Specialist
Malwarebytes
William Rowland
Product Support

#105 flywelder

Posted 08 April 2014 - 11:01 PM

Wow! This is shocking! And I thought that updating Malwarebytes would update everything about Malwarebytes!?? Shouldn't it? Can it not be designed to do so?

Meanwhile, I'll follow your instructions and uninstall and reinstall. I do hope the promise that it will remember my key holds true.

Meanwhile I attached a screen print of Start up manager and I would like your advice please, on what to enable and to un-enable. Oops, I wasn't able to attach it, probably too large... rats! Anyhow there are several 'things' disabled, and I wondered if that may be contributing to my troubles?



#106 flywelder

Posted 10 April 2014 - 08:23 PM

Hi, I have installed the new Malwarebytes, and have scanned. It found a trojan, and I think it quarantined and removed it.. I think? Can I attach a log report for you that will tell us? Computer seems to be running better, but maybe too soon to pat ourselves on the back... or rather you. I'm just following along :D You have been great! And by the way, how do I thank you so that your superiors know I am a pleased customer so far?

Till I hear from you again, I'll be making notes on the computer's behavior.

On a side note, I did the same for my wife's computer, it installed the premium new Malwarebytes program. But Malwarebytes will not fully protect? It won't block malicious sites. What does happen when I click to activate the malicious sites protection, is this: it turns green, but in 2 seconds or less, it turns back to red!??? It will not stay green. I tried 6 times with same results.

So I ran a scan. It found no infections. I ran 4 more scans, still no infection but still the program will not fully protect the computer?

I ran another scan this time with root kit activated, but the scan would not start the root kill!?? Instead a Malwarebytes window appeared that stated it could not start root kit.. because there may be a root kit infection in the computer, and I should reboot now and thus install the driver... (I don't fully understand) but I chose to reboot, and when the computer rebooted Malwarebytes began to scan. The scan finished, and reported no infection. But I still have the green light, red light "thing" still happening ?????

I paid for full protection, and can't get it????

Is this a stumper??? ............... Run this past your buddies at Malwarebytes over a beer. I eagerly look forward to reading your thoughts and suggestions about that problem.



#107 gringo_pr

Posted 11 April 2014 - 08:07 AM

Hello Flywelder



Please reboot a time or two, see if that fixes it. If that fails let's collect additional information off the system to see if we can spot any issues.

Please download the MBAMCheck batch file from the link below. Save it to your desktop, double-click it to run, and then attach the log generated to your next reply. These results will give us some detailed installation parameters for Malwarebytes software.
http://downloads.mal...file/mbam_check


If you do need to send me the report then start a new topic with my name in the subject and let me know about it.


gringo
William Rowland
Product Support

#108 flywelder

Posted 12 April 2014 - 09:52 AM

Hi, I did the rebooting twice and still have the red light to green light issue on the wife's computer. So I downloaded the mbam check and ran it, the results are attached.

Attached Files



#109 gringo_pr

Posted 12 April 2014 - 10:27 AM




I would like for you to turn off self protection to see if that changes the problem.

1. Open Malwarebytes Antimalware
2. Click on "Settings" at the top.
3. On the left click on "Advanced Settings"
4. Under "Advanced options" remove the checkmark next to "Enable self-protection module"
William Rowland
Product Support

#110 flywelder

Posted 12 April 2014 - 02:39 PM

OK, I followed your instructions. Then I attempted to get full protection, but I still cannot, as I still have the red to green issue happening. In case it would help, I have attached a check results that I ran after disabling self protection,

and the latest scan log from this Sat. morning 4-12-2014.

 

Attached Files



#111 flywelder

Posted 12 April 2014 - 02:43 PM

Just wanting to know (curious):

1) If I should enable or keep disabled that self protection feature on my computer or not?

2) What does it do by the way when it is enabled? .... I figure it must be important for you folks to have included it.



#112 gringo_pr

Posted 12 April 2014 - 06:52 PM

Hello

It is good to have as it protects Malwarebytes.

Did you restart the computer any after turning it off?

Let's do a clean reinstall and see if that clears the problem.

To completely remove Malwarebytes Antimalware you will first need to uninstall it from the control panel in (XP) add/remove and in (Vista and later) program and features.

Then I want you to run our cleanup tool that will remove any traces that are left over.
http://downloads.mal...file/mbam_clean

Now to reinstall Malwarebytes Antimalware

1. Download Malwarebytes Anti-Malware 2.0 at http://downloads.mal...s.org/file/mbam
2. After downloading, double-click the downloaded file to get started.
3. Choose Yes if the User Account Control dialog appears.
4. The installation wizard will now appear to guide you through the upgrade process.
5. Click on Next.
6. Review and accept the license agreement, then click Next.
7. Review the latest changes made to Malwarebytes Anti-Malware, then click Next.
8. Choose where to install Malwarebytes Anti-Malware, then click Next.
9. Choose whether or not to have a Start Menu entry and its name, then click Next.
10. Choose if you want a desktop icon, then click Next.
11. Review your installation choices, then click Install.
12. The wizard will begin to install the files.
13. After upgrading, you will have the option to enable a free trial of Malwarebytes Anti-Malware Premium.

To see a video on how to do this - https://helpdesk.mal...ntries/44648553

You will need to add your ID and Key back to activate the premium features.


Regards,
William Rowland
Consumer Support Specialist
Malwarebytes
William Rowland
Product Support

#113 flywelder

Posted 13 April 2014 - 06:22 AM

Oops, no, I don't believe I turned it off. It may have hibernated on its own though. I will do a cold boot and then check to see if the red to green continues. If it does, then I'll do the uninstall and the cleaning and then the reinstall. I'll include a log report from mbam check also. (I hope I remember to do that.) It most likely will be some time Monday before I can complete all that, because of "things" to finish and seal around the house before a huge rain storm arrives Monday.

Meanwhile, here attached is a mbam check report from MY computer that we have been working on. I thought I would include it so we can make sure I have it set properly and it is working properly on its own.

By the way, I really like this mbam check .. as it can help all of us be certain mbam is set correctly and functioning correctly, that is a large amount of relief for me!.. Super job to all of you!

Attached Files



#114 flywelder

Posted 13 April 2014 - 06:53 AM

Another question concerning MY computer. Today I found MY computer has some mbar folders and mbam clean folders... these are dated Jan. 2013 and Sept. 2013. Am I safe to do and directed by you, to delete these,

and to do so, should I just move them to the recycle bin or use file assassin? Or what_____?

Could there be other related mbam folders on my computer that I could delete?

Also on my computer should I enable the chameleon feature of MBAM?

I have attached recent log reports and scan reports from my computer for you to check.

Also on MY computer, MBAM is quarantining a Trojan V, that it found on 4-10-2014. How should I deal with that? ... just choose delete all?

Attached Files



#115 flywelder

Posted 14 April 2014 - 07:36 PM

Another question concerning MY computer. Today I found MY computer has some mbar folders and mbam clean folders... these are dated Jan. 2013 and Sept. 2013. Am I safe to do and directed by you, to delete these,

and to do so, should I just move them to the recycle bin or use file assassin? Or what_____?

Could there be other related mbam folders on my computer that I could delete?

Also on my computer should I enable the chameleon feature of MBAM?

I have attached recent log reports and scan reports from my computer for you to check.

Also on MY computer, MBAM is quarantining a Trojan V, that it found on 4-10-2014. How should I deal with that? ... just choose delete all?

Now a report on the wife's computer.

The power to the neighborhood went out today for over an hr. This caused the computer to suddenly shut down. When the power came back on the wife's computer started up all on its own, I had touched nothing. It came back on with the wrong date and time. The clock was indicating 2:33AM and Jan. 1 2002.. for what reason I don't know? Do you? I corrected the time and date.

Then I uninstalled Malwarebytes and then ran the mbam clean, then rebooted each time the programs asked. Then as administrator, I reinstalled mbam. It must have remembered my key as I was never asked for it, and I was never asked to choose premium. There were several error reports, I copied the first 2 but more came later.

The computer locked up for several minutes. The first two errors were: during installation/startup: error occurred unknown software exception ( 0x40000015) in the application @ location 0x0047d28a. Then I was asked to choose cancel or debug, and not knowing I chose debug hoping it would correct itself.

Then after a long pause, the error signature SzAppName mbam service. exe szAppVer: 2.1.9.0

and SzModName mbam service.exe szModVer. 2.1.9.0 offset: 0007d28a

Then several more! So many I just moved them around on the screen and then made a screen print of them, and I have attached it. Finally after I closed those, 30 mins later the computer had rebooted itself and I found myself looking at the sign in page of Windows and having to choose a user ID. I saw then that Admin had 2 programs running so I chose to sign in as Admin. I clicked on Malwarebytes, and it began to do an update and a scan later all on its own.

I came back 30 mins later and it had finished and found no infections. But was telling me that I was not fully protected. I clicked on the dashboard and clicked on 'Fix now'. Malwarebytes made an attempt to green and then 2 secs. later it reverted back to red. I tried 4 times with the same results.

I then ran a mbam check and attached the results.

I also ran a dds scan and attached the results,

I ran a JKT scan and attached the results.

It ran an update and a scan.

The screen prints are too large to attach here. What other way can I get them to you?

Attached Files



#116 gringo_pr

Posted 15 April 2014 - 07:46 AM

Hello

"Another question concerning MY computer. Today I found MY computer has some mbar folders and mbam clean folders... these are dated Jan. 2013 and Sept. 2013 am I safe to do and directed by you, to delete these?

and to do so, should I just move them to the recycle bin or use file assassin ? or what_____?"

Just delete them


Let mbam DELETE What it finds



For your wife's computer I need you to start a new topic - things are getting too mixed.


Gringo
William Rowland
Product Support

#117 flywelder

Posted 15 April 2014 - 08:19 AM

Ok.



#118 gringo_pr

Posted Today, 07:34 AM

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.
William Rowland
Product Support
