Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Anti-root kit Beta (malwarbytes) v1.09.1.1004


  • Please log in to reply
7 replies to this topic

#1 stevetimper

stevetimper

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:33 PM

Posted 02 June 2015 - 11:52 AM

This program seems to have frozen, but when I try to cancel it pops up a window: Warning: Scan is in progress. Incomplete removal of rootkit can render an OpSys unstable, or even unbootable! Do you really want to abort the scan? Yes or No buttons.

 

Can you please help me with this problem?

 

BTW, if froze after finding the Malware: [Trojan.Dropper] a nasty infection at any rate...

 

TIA, Steve



BC AdBot (Login to Remove)

 


m

#2 cmptrgy

cmptrgy

  • Members
  • 1,553 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Massachusetts
  • Local time:07:33 PM

Posted 02 June 2015 - 12:06 PM

Since it's running and trying to do its job leave it be. It might be frozen at this time but it could all of a sudden just take over and complete its job. However, If it continues to take forever to do what it's trying to, post from another computer. Seeing as how you have a nasty infection, you'll probably need help from one of the BC experts on the best advice to follow. Being optimistic as I usually am, once the rootkit is quarantined or even removed, post back for follow up procedures to ensure the computer is in fact good and clean.


Edited by cmptrgy, 02 June 2015 - 12:07 PM.


#3 stevetimper

stevetimper
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:33 PM

Posted 02 June 2015 - 02:06 PM

Since it's running and trying to do its job leave it be. It might be frozen at this time but it could all of a sudden just take over and complete its job. However, If it continues to take forever to do what it's trying to, post from another computer. Seeing as how you have a nasty infection, you'll probably need help from one of the BC experts on the best advice to follow. Being optimistic as I usually am, once the rootkit is quarantined or even removed, post back for follow up procedures to ensure the computer is in fact good and clean.


5 hours later no activity (scan progress frozen) Please help.

#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:07:33 PM

Posted 02 June 2015 - 02:30 PM

Hi stevetimper :)

Since you seem to be having an issue (which involves malware) with a Malwarebytes product, I suggest you to request assistance on their forums, so they'll be able to assist you properly and they would like to know about an issue with MBAR if there's one, so they can correct it :)

Simply register on their forum, and open a new thread in the "Malwarebytes Anti-RootKit BETA Help". There, you'll be assisted by Malwarebytes employees to get your issue fixed :)

https://forums.malwarebytes.org/index.php?/forum/116-malwarebytes-anti-rootkit-beta-help/

Good luck!

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 stevetimper

stevetimper
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:33 PM

Posted 03 June 2015 - 04:24 PM

I contacted malware bytes, and did not get help, sysinternal util to kill mb beta, then ran combofix. My sony vgn fw300 has restarted and combofix is running again.

#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:07:33 PM

Posted 03 June 2015 - 04:51 PM

ComboFix is a very powerful reporting and scripting tool that was developped by sUBs, used by members of the malware removal team here on BleepingComputer (and also on other forums). This tool can easily break a Windows installation if poorly and/or wrongly used. It can make the whole system unbootable and also delete everything present on your drives (leaving you with close to no chance of recovery) or damage your Windows installation so badly that you would be forced to reinstall it. Therefore, you should not be using ComboFix unless you are in one of the two situation listed below:
  • You have been trained in an online malware removal forum to use ComboFix;
  • You are using it under the supervision and instructions of a trained malware removal professional on BleepingComputer or another recognized malware removal forum (UNITE forums for example);
If you already ran ComboFix on your system and need assistance with the log or for malware removal, you will have to post a thread in the Virus, Trojan, Spyware, and Malware Removal Logs section of BleepingComputer, where a trained helper will assist you.

If you have any questions or concerns about ComboFix, quietman7 wrote a FAQ on it and you'll find all your answers in it.

ComboFix usage, Questions, Help? - Look here

Also be aware that BleepingComputer doesn't provide any advice on how to use ComboFix on your own, due to the nature of the tool and how dangerous it can be when used without supervision or proper training.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 stevetimper

stevetimper
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:33 PM

Posted 03 June 2015 - 06:16 PM

Thanks, luckily everything seems to have turned out well. I don't know where I got my current copy, but I remembered running it on a machine several years ago, but now that you mention it, I was directed to use it by a Bleeping Comp Tech.

 

Just to follow up I will check into the other forum and upload my ComboFix Text file/log file.

 

If you already ran ComboFix on your system and need assistance with the log or for malware removal, you will have to post a thread in the Virus, Trojan, Spyware, and Malware Removal Logs section of BleepingComputer, where a trained helper will assist you. Thank you



#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:07:33 PM

Posted 03 June 2015 - 06:17 PM

No problem steve, my pleasure :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users