Malwarebytes Antirootkit is not the same as Malwarebytes, its designed to remove rootkits.
<left><form action="https://www.paypal.com/cgi-bin/webscr" method="post">If you are satisfied with my help, consider a donation. Thank you so much for your continued support! <input type="hidden" name="cmd" value="_s-xclick"> <input type="hidden" name="hosted_button_id" value="Y4ZDLXGFS4F8Q"> <input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online."> <img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="0" height="0"> </form>
12-09-2014, 09:17 PM (This post was last modified: 12-09-2014, 10:10 PM by Beatriz Alma.
Edit Reason: I found a Plugin
)
Hi Britec :
I did the first one , could temporarilly disable only AVG , Malwarebytes did warnm me , if you disable you will loose your Licensie.
I downloded Malware antirootkit , warned me about rootkit activity before starting look jpg , but could not run because the Malwarebytes , how can I temporarily disable without loosing the licensie?
Below the text from aswMBR.
Two years ago my husband deleted some files , maybe that caused the whole thing and we could not update windows sinds then , is XP so now is imposible anyway.
I just found inside Malwarebytes pro , the plugin fixdamage , should I run it? Althoug the Pro don't see the rootkits ?
12-09-2014, 10:28 PM (This post was last modified: 12-09-2014, 10:34 PM by Britec.)
You should not lose your licence if you exit out of Malwarebytes Pro.
Also Windows XP has expired now, which leaves you wide open to all sorts of exploits.
Select a convenient location to extract the contents and click OK.Navigate to the location you selected.
Double-click MBAR.exe to run the programme.
Follow the prompts to update the programme and scan your computer.
Upon completion, click Cleanup*and reboot your computer.
After the reboot, rerun the programme to verify no threats remain. If threats are still detected, click the Cleanup button once more.
Upon completion, two logs (mbar-log.txt and system-log.txt) will be created.*Copy the contents of both logs and paste in your next reply.
Note: Both logs can be found in the MBAR folder.
<left><form action="https://www.paypal.com/cgi-bin/webscr" method="post">If you are satisfied with my help, consider a donation. Thank you so much for your continued support! <input type="hidden" name="cmd" value="_s-xclick"> <input type="hidden" name="hosted_button_id" value="Y4ZDLXGFS4F8Q"> <input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online."> <img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="0" height="0"> </form>
12-10-2014, 01:31 PM (This post was last modified: 12-10-2014, 01:36 PM by Beatriz Alma.
Edit Reason: Missed a question
)
Hi Britec :
I asked MWB aboute the licensie , they wrote me
To disable the protection when it's already running, right-click the icon in the system tray(by the clock) and select 'Exit'.
To enable it afterwards, open up Malwarebytes Anti-Malware and click the 'Fix Now' button.
I'll try it an run MWB antirootkit as you said , I send you above the aswMBR txt that you asked me .
When starting mwb antirootkit appears :
Registryvalue App Init_Dlls has been found , which may be caused by rootkit activity . Press no if you are not sure , if tool crashes , restart an press yes . Do you want to remove this value and restart the tool ? Which shoud I choose ?
We have programs that only run on XP , that's why we keep it.
Thank you .
12-10-2014, 02:02 PM (This post was last modified: 12-10-2014, 02:03 PM by Britec.)
Press no, if tool crashes , restart an press yes
You have all your data backed up? because if not, now is the time.
<left><form action="https://www.paypal.com/cgi-bin/webscr" method="post">If you are satisfied with my help, consider a donation. Thank you so much for your continued support! <input type="hidden" name="cmd" value="_s-xclick"> <input type="hidden" name="hosted_button_id" value="Y4ZDLXGFS4F8Q"> <input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online."> <img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="0" height="0"> </form>
Data should be fine once backed up, you can always scan that drive once its backed up.
Maybe once your backed up attempt removal of suspected rootkit.
Did Malwarebytes Anti-rootkit detect anything? do you have the log file?
<left><form action="https://www.paypal.com/cgi-bin/webscr" method="post">If you are satisfied with my help, consider a donation. Thank you so much for your continued support! <input type="hidden" name="cmd" value="_s-xclick"> <input type="hidden" name="hosted_button_id" value="Y4ZDLXGFS4F8Q"> <input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online."> <img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="0" height="0"> </form>
12-10-2014, 05:53 PM (This post was last modified: 12-10-2014, 06:38 PM by Beatriz Alma.)
Not jet , I was busy doing the back up and the MWB Premium started warning me that hid section antirootkit was disconected , you are not protected he said and started scannig ,
Is almos finished then I'll try ,
can I update MWB antirotkit ?
take the internet cable off
deactivate MWB
and the run the MRB antirootkit ?
or the PC has to be conected to the inernet ?
I'm running it of line , if the PC still works after , I'll try it online and send you the result
Yeah always update Malwarebytes Anti-rootkit and then run a scan, clean any results found. Reboot then post details.
<left><form action="https://www.paypal.com/cgi-bin/webscr" method="post">If you are satisfied with my help, consider a donation. Thank you so much for your continued support! <input type="hidden" name="cmd" value="_s-xclick"> <input type="hidden" name="hosted_button_id" value="Y4ZDLXGFS4F8Q"> <input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online."> <img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="0" height="0"> </form>