Jump to content


Photo

MBAM will not run


  • This topic is locked This topic is locked
27 replies to this topic

#1 EddieP

EddieP

    New Member

  • Members
  • Pip
  • 3 posts

Posted 21 November 2008 - 05:45 PM

HELP! I wasn't sure which forum to pick for this, but I got the "antivirus 2009" bug on my PC and nothing, I mean nothing has been able to get rid of it, INCLUDING Malwarebytes! I downloaded it from a "clean" PC on a flash disk, installed it to the infected PC and it will not run, won't start up/open. The "bug" will not allow me to use any software I've tried nor will it allow me access to any website which might have an online scanner.

I'm ready to wipe out Windows and start fresh; please help!

EddieP

#2 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,497 posts
  • Gender:Male
  • Location:US

Posted 21 November 2008 - 05:57 PM

Hello Eddie and Welcome to Malwarebytes

Please try the following routine to see if you can get Malwarebytes to run.

  • Click on Start, click Run, and then type devmgmt.msc and click OK
  • On the View menu click on Show hidden devices
  • Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys
  • Highlight that driver and right click on it and select DISABLE
  • Now RESTART your computer.
  • Download a copy of Malwarebytes but DO NOT run it yet.
  • Rename the downloaded installer file to any generic name such as your own name but keep the .EXE extension on the file and run it.
  • Once the program is installed go to the UPDATE tab and try to update the program if you can.
  • Then go to the SCANNER tab and run a Quick Scan and allow MBAM to fix anything found.


If that does work then please follow the routine below and post a new topic in the listed forum with the requested information.

Please read and follow the instructions provided here: Pre- HJT Post Instructions
When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.

#3 EddieP

EddieP

    New Member

  • Members
  • Pip
  • 3 posts

Posted 22 November 2008 - 07:45 AM

Advanced Seup, you are a saviour!

I followed your directions and I was able to run ALL scans and it appears I have gotten rid of "antivirus 2009" Thank you so much. I was minutes away from doing a complete re-install of Windows until I checked the forum and found your reply. I am working on posting the logs from the scans as the links states.

Thanks so much,
Eddie P

#4 PorradaVFR

PorradaVFR

    New Member

  • Members
  • Pip
  • 1 posts

Posted 24 November 2008 - 01:19 AM

Absolutely BRILLIANT!! I spent hours today pulling my hair out trying to figure out why my wife's machine (our only PC) would not update her anti-virus, nor even browse to their sites - while the Macs could (on the same network).

I finally ran across a review of Malware Bytes and could not get it to run. AdvancedSetup's directions worked PERFECTLY and her machine is working again! THANKS! :D

#5 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,497 posts
  • Gender:Male
  • Location:US

Posted 24 November 2008 - 04:02 AM

That's good news that you got it working. Just a note though that many times an infected system is not 100% cleaned by a single run of any tool. It would be a good idea to run the following routine to ensure your system is clean.



Please read and follow the instructions provided here: Pre- HJT Post Instructions
When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.

#6 chinaman

chinaman

    New Member

  • Members
  • Pip
  • 1 posts

Posted 24 November 2008 - 07:37 PM

That's good news that you got it working. Just a note though that many times an infected system is not 100% cleaned by a single run of any tool. It would be a good idea to run the following routine to ensure your system is clean.



Please read and follow the instructions provided here: Pre- HJT Post Instructions
When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.



yea thanks AdvancedSetup I had the same problem, i couldn't update any of my anti virus, after i disable the TSS i was able to..and installed free version of malwarebytes. Thanks very much...

#7 Queen Kiesha

Queen Kiesha

    New Member

  • Members
  • Pip
  • 7 posts
  • Gender:Female
  • Location:Props Sity

Posted 29 November 2008 - 05:23 AM

Hello Eddie and Welcome to Malwarebytes

Please try the following routine to see if you can get Malwarebytes to run.

  • Click on Start, click Run, and then type devmgmt.msc and click OK
  • On the View menu click on Show hidden devices
  • Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys
  • Highlight that driver and right click on it and select DISABLE
  • Now RESTART your computer.
  • Download a copy of Malwarebytes but DO NOT run it yet.
  • Rename the downloaded installer file to any generic name such as your own name but keep the .EXE extension on the file and run it.
  • Once the program is installed go to the UPDATE tab and try to update the program if you can.
  • Then go to the SCANNER tab and run a Quick Scan and allow MBAM to fix anything found.


If that does work then please follow the routine below and post a new topic in the listed forum with the requested information.

Please read and follow the instructions provided here: Pre- HJT Post Instructions
When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.


I've been running myself insane for the past three hours. Every helpful website I attempted to go to could not be found. I was able to download your software from download.com but it would not execute. Finally I decided to disconnect from the net *just until I knew what it was* and run a virus scan. I also came to this website on my treo 800 and found your fix. IT WORKS!!!!!!!!!!!!!!!! Thanks so much!!! :huh: I'm a happy camper now :-)

#8 exile360

exile360

    exile

  • Administrators
  • PipPipPipPipPipPip
  • 16,033 posts
  • Gender:Male

Posted 29 November 2008 - 06:07 AM

Hello Queen Kiesha and welcome to the forum. I'm glad the fix worked for you, but I would highly recommend following the remainder of AdvancedSetup's instructions to make sure you are clean. Basically it consists of doing some scans and posting some logs so one of the experts here can review them to make sure there are no other infections or issues that might have been missed, and if there are, then they will instruct you step by step on what to do to clean it up. Just remember, if you do decide to do the scans, don't install or run any other tools/fixes/scanners etc except those that the expert that works with you instructs you to. Good luck and safe surfing.
Samuel E Lindsey
Product Manager

Posted Image

Follow us: Twitter, Become a fan: Facebook

#9 lunat1k

lunat1k

    New Member

  • Members
  • Pip
  • 2 posts

Posted 29 November 2008 - 03:03 PM

Hello Eddie and Welcome to Malwarebytes

Please try the following routine to see if you can get Malwarebytes to run.

  • Click on Start, click Run, and then type devmgmt.msc and click OK
  • On the View menu click on Show hidden devices
  • Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys
  • Highlight that driver and right click on it and select DISABLE
  • Now RESTART your computer.
  • Download a copy of Malwarebytes but DO NOT run it yet.
  • Rename the downloaded installer file to any generic name such as your own name but keep the .EXE extension on the file and run it.
  • Once the program is installed go to the UPDATE tab and try to update the program if you can.
  • Then go to the SCANNER tab and run a Quick Scan and allow MBAM to fix anything found.


If that does work then please follow the routine below and post a new topic in the listed forum with the requested information.

Please read and follow the instructions provided here: Pre- HJT Post Instructions
When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.


OK I am convinced I need to have all my clients purchase the full version, you guys rock.

After spending so much time trying to install and fix, you folks do this in minutes.

Thanks,

Scott

#10 lunat1k

lunat1k

    New Member

  • Members
  • Pip
  • 2 posts

Posted 29 November 2008 - 03:31 PM

OK I am convinced I need to have all my clients purchase the full version, you guys rock.

After spending so much time trying to install and fix, you folks do this in minutes.

Thanks,

Scott


**EDITED**

I just purchased this and think it is one of the best on the market to date.....

#11 sapphire

sapphire

    New Member

  • Members
  • Pip
  • 1 posts

Posted 04 December 2008 - 12:21 AM

Hello Eddie and Welcome to Malwarebytes

Please try the following routine to see if you can get Malwarebytes to run.

  • Click on Start, click Run, and then type devmgmt.msc and click OK
  • On the View menu click on Show hidden devices
  • Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys
  • Highlight that driver and right click on it and select DISABLE
  • Now RESTART your computer.
  • Download a copy of Malwarebytes but DO NOT run it yet.
  • Rename the downloaded installer file to any generic name such as your own name but keep the .EXE extension on the file and run it.
  • Once the program is installed go to the UPDATE tab and try to update the program if you can.
  • Then go to the SCANNER tab and run a Quick Scan and allow MBAM to fix anything found.


If that does work then please follow the routine below and post a new topic in the listed forum with the requested information.

Please read and follow the instructions provided here: Pre- HJT Post Instructions
When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.




Hi ! Thanks for the help...My problem started with not being able to defragment my computer, then finding out that i have a trojan Fakealert that keeps coming back even after using my spyware security, and when i restart the computer trojan is back again....to not being able to install ur anti-malware ( finally found out that everytime i download the program it would be a ewf file instead of exe) thats why it wont install....but finally, i got to install the program and ran it and found 20 items infected! i deleted them and now my defragmenter is running !!!!!

My question is tho......i followed ur instructions and disabled TDSSserv.sys in my device manager before i installed anti-malware....now that its working, should i enable it again? or just leave it disbaled? I notice that theres a yellow exclamation point beside it and it says something not installed or its not working properly....is that normal? or should i do something else? thanks!

#12 exile360

exile360

    exile

  • Administrators
  • PipPipPipPipPipPip
  • 16,033 posts
  • Gender:Male

Posted 04 December 2008 - 01:03 AM

You should actually uninstall/delete it as it's only a piece of malware and has no legitimate use and should not be on your system.
Samuel E Lindsey
Product Manager

Posted Image

Follow us: Twitter, Become a fan: Facebook

#13 Tetigustas

Tetigustas

    New Member

  • Members
  • Pip
  • 11 posts

Posted 04 December 2008 - 01:15 AM

ok same basic problem except, I had to rename the file in ordewr to install and now it crashes when I try to start it.
windows detsild when i try to start up MBAM

Problem signature:
Problem Event Name: APPCRASH
Application Name: mbam.exe
Application Version: 1.30.0.0
Application Timestamp: 48ff95f7
Fault Module Name: mbam.exe
Fault Module Version: 1.30.0.0
Fault Module Timestamp: 48ff95f7
Exception Code: 80000003
Exception Offset: 00002e04
OS Version: 6.0.6001.2.1.0.768.3
Locale ID: 4105
Additional Information 1: 9642
Additional Information 2: ae4d667f021e2f38615b5829d1b89b9c
Additional Information 3: 3a6f
Additional Information 4: 17dd2b4527b7da8865701b6c324ab79e

whats wrongÉ

#14 exile360

exile360

    exile

  • Administrators
  • PipPipPipPipPipPip
  • 16,033 posts
  • Gender:Male

Posted 04 December 2008 - 02:03 AM

ok same basic problem except, I had to rename the file in ordewr to install and now it crashes when I try to start it.
windows detsild when i try to start up MBAM

Problem signature:
Problem Event Name: APPCRASH
Application Name: mbam.exe
Application Version: 1.30.0.0
Application Timestamp: 48ff95f7
Fault Module Name: mbam.exe
Fault Module Version: 1.30.0.0
Fault Module Timestamp: 48ff95f7
Exception Code: 80000003
Exception Offset: 00002e04
OS Version: 6.0.6001.2.1.0.768.3
Locale ID: 4105
Additional Information 1: 9642
Additional Information 2: ae4d667f021e2f38615b5829d1b89b9c
Additional Information 3: 3a6f
Additional Information 4: 17dd2b4527b7da8865701b6c324ab79e

whats wrongÉ

First off, try downloading the new version released today (1.31) and second, after installing it, try renaming the file mbam.exe located in C:\Program Files\Malwarebytes' Anti-Malware and see if it will run, if so, update it and run a quick scan to see if that get's rid of the malware. If it works but you still have problems then please read the instructions here: http://www.malwareby...?showtopic=2936 and post your logs in a new topic here: http://www.malwareby...php?showforum=7

Please be sure not to install any software or use any removal/scanning tools exept those that you are instructed to by the expert who will be assisting you as doing so can make their job much more difficult. I hope I was helpful. Good luck and safe surfing.
Samuel E Lindsey
Product Manager

Posted Image

Follow us: Twitter, Become a fan: Facebook

#15 Premudriy

Premudriy

    New Member

  • Members
  • Pip
  • 4 posts

Posted 04 December 2008 - 02:46 AM

Hello Eddie and Welcome to Malwarebytes

Please try the following routine to see if you can get Malwarebytes to run.

  • Click on Start, click Run, and then type devmgmt.msc and click OK
  • On the View menu click on Show hidden devices
  • Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys
  • Highlight that driver and right click on it and select DISABLE
  • Now RESTART your computer.
  • Download a copy of Malwarebytes but DO NOT run it yet.
  • Rename the downloaded installer file to any generic name such as your own name but keep the .EXE extension on the file and run it.
  • Once the program is installed go to the UPDATE tab and try to update the program if you can.
  • Then go to the SCANNER tab and run a Quick Scan and allow MBAM to fix anything found.


If that does work then please follow the routine below and post a new topic in the listed forum with the requested information.

Please read and follow the instructions provided here: Pre- HJT Post Instructions
When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.



Ok, here's something new for you, guys...

I'm repairing a laptop for this one guy.


He had antivirus2009 and tdss on it.

When I go to Device Manager and set Show Hidden devices I can see TDSSServ in there, BUT... when I right click, it does NOT have the "Disable" option. It is a Windows Vista 32 OS.

Another thing is that no spyware removal tool can be ran on this pc EVEN in SAFE mode. I've tried Spybot, HijackThis, and Malwarebytes. Malwarebytes won't even start installing (I DID rename it to some weird name before starting).

Same thing with HijackThis - will not install no matter what

Spybot will install, but can't start even in safe mode.


How do you like this situation? Any suggestions or ideas? I'm about ready to give up...:-(((

This might be a new version of TDSS or something.

#16 exile360

exile360

    exile

  • Administrators
  • PipPipPipPipPipPip
  • 16,033 posts
  • Gender:Male

Posted 04 December 2008 - 03:10 AM

Could be, or it could be related to the fact that it's on Vista. You can try running an offline scan with Avira's bootable rescue disc referred to in this post by AdvancedSetup: http://www.malwareby...p...ost&p=36254 See if it won't remove the driver for you, if not then you can use bart's or something similar, basically anything that can be used to delete a file from the drive with Windows offline, even slaving the drive to another pc, then delete TSSServ.sys from the System32\Drivers folder because that driver is what's preventing tools from loading.
Samuel E Lindsey
Product Manager

Posted Image

Follow us: Twitter, Become a fan: Facebook

#17 Tetigustas

Tetigustas

    New Member

  • Members
  • Pip
  • 11 posts

Posted 04 December 2008 - 03:13 AM

same same
vista home premium
antiviruspro2009 rouge from computer on same network
nothing works right

also I deleted TSS

installed MBAM except when the install was about to finish I get
Aplication Crash

Problem signature:
Problem Event Name: APPCRASH
Application Name: mbam.exe
Application Version: 1.31.0.0
Application Timestamp: 49373593
Fault Module Name: mbam.exe
Fault Module Version: 1.31.0.0
Fault Module Timestamp: 49373593
Exception Code: 80000003
Exception Offset: 00002e2c
OS Version: 6.0.6001.2.1.0.768.3
Locale ID: 4105
Additional Information 1: 9642
Additional Information 2: ae4d667f021e2f38615b5829d1b89b9c
Additional Information 3: abc7
Additional Information 4: 7511e66c981afa5e7cfb3dab899d9233


I have been infected since 11-18-08

#18 exile360

exile360

    exile

  • Administrators
  • PipPipPipPipPipPip
  • 16,033 posts
  • Gender:Male

Posted 04 December 2008 - 03:20 AM

same same
vista home premium
antiviruspro2009 rouge from computer on same network
nothing works right

also I deleted TSS

installed MBAM except when the install was about to finish I get
Aplication Crash

Problem signature:
Problem Event Name: APPCRASH
Application Name: mbam.exe
Application Version: 1.31.0.0
Application Timestamp: 49373593
Fault Module Name: mbam.exe
Fault Module Version: 1.31.0.0
Fault Module Timestamp: 49373593
Exception Code: 80000003
Exception Offset: 00002e2c
OS Version: 6.0.6001.2.1.0.768.3
Locale ID: 4105
Additional Information 1: 9642
Additional Information 2: ae4d667f021e2f38615b5829d1b89b9c
Additional Information 3: abc7
Additional Information 4: 7511e66c981afa5e7cfb3dab899d9233


I have been infected since 11-18-08

Please read the instructions here: http://www.malwareby...?showtopic=2936 and post your logs in a new topic here: http://www.malwareby...php?showforum=7 Just do as much of the scans as you can, and if you can't get any of them to work, I would still post in there describing your issues and errors and one of the experts should be able to help you out.

Please be sure not to install any software or use any removal/scanning tools exept those that you are instructed to by the expert who will be assisting you as doing so can make their job much more difficult. I hope I was helpful. Good luck and safe surfing.
Samuel E Lindsey
Product Manager

Posted Image

Follow us: Twitter, Become a fan: Facebook

#19 Tetigustas

Tetigustas

    New Member

  • Members
  • Pip
  • 11 posts

Posted 04 December 2008 - 12:46 PM

I posted and still no answers

I am the only person in the world who owns vista home premium

MBAM DES NOT FINISH THE INSTALL.........................................................................
.................

#20 Tetigustas

Tetigustas

    New Member

  • Members
  • Pip
  • 11 posts

Posted 04 December 2008 - 01:46 PM

with or without this tdss thing running i cannot install MBAM or spybot

MBAM INSTALL DIALOGUE

Problem signature:
Problem Event Name: APPCRASH
Application Name: mbam.exe
Application Version: 1.31.0.0
Application Timestamp: 49373593
Fault Module Name: mbam.exe
Fault Module Version: 1.31.0.0
Fault Module Timestamp: 49373593
Exception Code: 80000003
Exception Offset: 00002e2c
OS Version: 6.0.6001.2.1.0.768.3
Locale ID: 4105
Additional Information 1: 9642
Additional Information 2: ae4d667f021e2f38615b5829d1b89b9c
Additional Information 3: abc7
Additional Information 4: 7511e66c981afa5e7cfb3dab899d9233


spybot install dialogue


Problem signature:
Problem Event Name: APPCRASH
Application Name: SpybotSD.exe
Application Version: 1.6.0.30
Application Timestamp: 2a425e19
Fault Module Name: SpybotSD.exe
Fault Module Version: 1.6.0.30
Fault Module Timestamp: 2a425e19
Exception Code: 80000003
Exception Offset: 002af3b8
OS Version: 6.0.6001.2.1.0.768.3
Locale ID: 4105
Additional Information 1: d18c
Additional Information 2: d916fd58afed57c995b7d8ef5bc81b76
Additional Information 3: 018f
Additional Information 4: 877640db870c07d9fed893daa8a58350



setup dialogue window

unable to execute file:
c:\program files\spybot-search and destroy\sdwinsec.exe

create process failed; code 740.
the requested opreration requires elevation ,----- what is eleivation?

when i closed this a dos window zipped by




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users