Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malwarebytes disabled


  • Please log in to reply
3 replies to this topic

#1 Leader78

Leader78

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:37 AM

Posted 18 March 2017 - 06:05 AM

I am infected by Malware.RPL.gen.bot.   It has disabled Malwarebytes scans so now Malwarebytes skips groups of files and and finishes in 35 seconds.   Am running windows 10 home on a I5 thinkpad with Kaspersky internet security.  Have run, quickheal, Rkill, TDS killer, Malwarebyes, 9 Labs, superantispyware, Hitman Pro and Zemema.  This malware disables a full reset including complete removal of files so I used the full factory reinstall disks, did a secure erase of the SSD, reinstalled everything and it's back.   The real scary part is it has modified malwarebytes.  It came from a driveby download of a senior housing website I was looking at three weeks ago. I saw a very small window open on one of my screens and 10 files downloaded in 3 seconds and the screen closed.  I have deleted all extensions in Chrome, deleted all cookies in Chrome settings, reset the router.  It also killed two Windows XP machines on the home network, disabled all exe files.  And infected a second Windows 10 laptop that I will also factory reinstall and secure erase.

Edited by Platypus, 18 March 2017 - 06:13 AM.
Moved from Logs forum, no logs posted.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,419 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:37 AM

Posted 18 March 2017 - 08:53 AM

This topic/ post at MBAM.....Malwarebytes disables by Malware.RPL.gen.bot - Malwarebytes 3.0 - Malwarebytes Forums.....seems to be one you started. I suggest you follow the instructions given by the responder to your MBAM topic/ post.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Leader78

Leader78
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:37 AM

Posted 20 March 2017 - 07:17 AM

Did post there also.   No responses yet there but after many hours of research plus trial and error, I seem to have found a sequence of running antimalware software that may have solved or at least diminished it.  It seems that a possible modification of the consistency of the malwarebytes premimum process has got a few a bit folks perplexed.   I will be contacting malwarebytes help today.   



#4 buddy215

buddy215

  • Moderator
  • 13,419 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:37 AM

Posted 20 March 2017 - 07:28 AM

If it were me and my computer(s)...I would disable MBAM until I got assistance from them. My opinion...they should of done more beta testing before

releasing 3.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users