Jump to content


Photo

Malwarebytes' Anti-Malware won't start


  • Please log in to reply
11 replies to this topic

#1 cavu

cavu

    New Member

  • Members
  • Pip
  • 5 posts

Posted 16 June 2009 - 05:53 PM

Something has seized my XP Pro SP3 computer.

Firefox & MSIE will not load. Chrome loads but goes to only redirected sites.

Neither HiJack This nor Malwarebytes' Anti-Malware (already on computer) will load.

Restore doesn't work. CCCleaner restore doesn't work.

Same problems in Safe mode.

Please help.

#2 Marcus

Marcus

    Elite Member

  • Honorary Members
  • PipPipPipPipPip
  • 592 posts
  • Gender:Male
  • Location:London, UK

Posted 16 June 2009 - 06:27 PM

Something has seized my XP Pro SP3 computer.

Firefox & MSIE will not load. Chrome loads but goes to only redirected sites.

Neither HiJack This nor Malwarebytes' Anti-Malware (already on computer) will load.

Restore doesn't work. CCCleaner restore doesn't work.

Same problems in Safe mode.

Please help.


Hello Cavu,

I hope I may be of help to you. I'm only a regular member of the forum NOTan official helper in any capacity.
Can I ask what antivirus are you using? Have you tried turning the computer off (or a hard shutdown) and then restarting?

Marcus

#3 Marcus

Marcus

    Elite Member

  • Honorary Members
  • PipPipPipPipPip
  • 592 posts
  • Gender:Male
  • Location:London, UK

Posted 16 June 2009 - 06:29 PM

Hello Cavu,

I hope I may be of help to you. I'm only a regular member of the forum NOTan official helper in any capacity.
Can I ask what antivirus are you using? Have you tried turning the computer off (or a hard shutdown) and then restarting?

Marcus


What happens when you turn the comp back on?

#4 Marcus

Marcus

    Elite Member

  • Honorary Members
  • PipPipPipPipPip
  • 592 posts
  • Gender:Male
  • Location:London, UK

Posted 16 June 2009 - 06:33 PM

[quote name='Marcus' date='Jun 17 2009, 12:29 AM' post='90385']
What happens when you turn the comp back on?

Are you accessing th forum from that computer are you using another one?

#5 cavu

cavu

    New Member

  • Members
  • Pip
  • 5 posts

Posted 17 June 2009 - 01:03 AM

Can I ask what antivirus are you using? Have you tried turning the computer off (or a hard shutdown) and then restarting?

I use "Shaw Secure" which is actually "F-Secure".

I have powered it up and down several time with no change.

#6 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,101 posts
  • Gender:Male
  • Location:US

Posted 17 June 2009 - 01:06 AM

Scan and post logs - read note at bottom in green
If you're having Malware related issues with your computer that you're unable to resolve.
  • Please do not post any logs in the General forum. We do not work on any logs posted in the General forum.
  • Please do not install any software or use any removal/scanning tool except for those you're requested to run by the Helper that will assist you.
  • Using these other tools often makes the cleanup task more difficult and time consuming.
  • If you have already submitted for assistance at one of the other support sites on the Internet then you should not post a new log here, you should stay working with the Helper from that site until the issue is resolved.
  • Do not assume you're clean because you don't see something in the logs. Please wait until the person assisting you provides feedback.
  • There are often many others that require asistance as well, so please be patient. If no one has responded within 48 hours then please go ahead and post a request for review
  • NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#7 cavu

cavu

    New Member

  • Members
  • Pip
  • 5 posts

Posted 17 June 2009 - 01:06 AM

What happens when you turn the comp back on?

It boots up and looks generally normal but the symptoms I first mentioned are all present.

#8 cavu

cavu

    New Member

  • Members
  • Pip
  • 5 posts

Posted 17 June 2009 - 01:09 AM

Are you accessing th forum from that computer are you using another one?

I am using a different computer.

#9 cavu

cavu

    New Member

  • Members
  • Pip
  • 5 posts

Posted 17 June 2009 - 09:10 AM

Well, after reading everything I could on this site, I used the process listed at:

"MBAM wont install or will not run. - CLB Rootkit driver=TDSS/Seneka/GAOPDX/UAC"

and using the tool from rootrepeal.googlepages.com I found traces of the MSIVX rootkit which I "wiped" using that tool.

Once that was done, Malwarebytes was able to run and remove 20 more components of MSIVX.

I am now running again.

#10 Marcus

Marcus

    Elite Member

  • Honorary Members
  • PipPipPipPipPip
  • 592 posts
  • Gender:Male
  • Location:London, UK

Posted 17 June 2009 - 11:37 AM

Well, after reading everything I could on this site, I used the process listed at:

"MBAM wont install or will not run. - CLB Rootkit driver=TDSS/Seneka/GAOPDX/UAC"

and using the tool from rootrepeal.googlepages.com I found traces of the MSIVX rootkit which I "wiped" using that tool.

Once that was done, Malwarebytes was able to run and remove 20 more components of MSIVX.

I am now running again.


Well done you!
Might I suggest following AdvancedSetup's instructions given earlier and let the experts look over the requested logs just to make sure your system's free from any trace of infection.

Regards, Marcus

#11 celulure

celulure

    New Member

  • Members
  • Pip
  • 1 posts

Posted 17 June 2009 - 04:52 PM

I just registered in last 10 minutes to reply to your post so I may seem a bit "green" as to the sop in this forum. I too suffered the exact symptoms two days ago. Copy and paste your executable file for Malwarebytes, HiJack This, Spybot, or any other such program and it will load. I ran Malwarebytes (w/updates) and it reported three problems:
1) \\?\globalroot\systemroot\system32\MSIVX******.dll (***= a bunch of random letters) as a infected memory module
2) \\?\globalroot\systemroot\system32\MSIVX******.dll (***= a bunch of random letters) as a infected file
3) c:\windows\system32\MSIVXcount as a trojan.agent

I selected all three to delete on reboot except they either did not delete or regenerated on reboot - still the same problems with restore, random redirection from Google, no help in safe mode. I was, however, now able to update windows and all other virus & malware programs.

I can produce a HiJack This log and submit but will need the advice of a forum pro. Thanks!

Dave

#12 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,101 posts
  • Gender:Male
  • Location:US

Posted 17 June 2009 - 05:14 PM

We do not work on logs in the General forum. Please follow the directions posted below and as soon as someone is available we'll assist you.

Scan and post logs - read note at bottom in green
If you're having Malware related issues with your computer that you're unable to resolve.
  • Please do not post any logs in the General forum. We do not work on any logs posted in the General forum.
  • Please do not install any software or use any removal/scanning tool except for those you're requested to run by the Helper that will assist you.
  • Using these other tools often makes the cleanup task more difficult and time consuming.
  • If you have already submitted for assistance at one of the other support sites on the Internet then you should not post a new log here, you should stay working with the Helper from that site until the issue is resolved.
  • Do not assume you're clean because you don't see something in the logs. Please wait until the person assisting you provides feedback.
  • There are often many others that require asistance as well, so please be patient. If no one has responded within 48 hours then please go ahead and post a request for review
  • NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users