DTP


 
Lively discussions on the graphic arts and publishing — in print or on the web


Go Back   Desktop Publishing Forum > General Discussions > Software

Reply
 
Thread Tools Display Modes
Old 01-29-2018, 11:40 AM   #1
Andrew B.
Staff
 
Andrew B.'s Avatar
 
Join Date: Jan 2005
Location: Los Angeles, California
Posts: 3,570
Default Persistent malware?

My computer was showing signs that it was infected. One being that something was turning off Malwarebytes monitoring and I was unable to turn it back on. Plus other flaky behavior.

So I did a factory refresh from DVD. I've done this before, and with no problems. But this time I had problems. I got problems early in the process. Trying to have it redo the partition led to an error message. I had to forego this and use a different choice on the menu. Then after I was all done I ran into problems. The provided Norton gave me an error message, told me to do this. With the last step being to run Norton Eraser, which looks for malware. It found none. And other symptoms, like slow Internet (per speedtest) and the there are no signs that Malwarebytes is running in the background. IOW, no tray icon, nothing in task manager. Manual scans by Norton and Malwarebytes show nothing.

Anyway, I'm wondering if something could be hiding in the master boot record, or somewhere else that allows it to persist? And how I can nuke this. I remember years ago under DOS I redid the MBR by using the undocumented fdisk/mbr. I'm wondering if there is something similar or better I can do. I realize this will wipe out my hard disk, but I don't have much installed right now. I just did this yesterday.

   
__________________
fallberry.com
Andrew B. is offline   Reply With Quote
Old 01-29-2018, 12:24 PM   #2
terrie
Staff
 
Join Date: Oct 2004
Posts: 9,015
Default

First...did you, by any chance update MBAM recently? If so, apparently there was a problem--see: dslreports thread and csonline article and another dslreports thread (I don't often visit this particular subforum).


From reading the 2nd dslreports thread, the description of what was going on with a poster's system sounds like what's happening with yours. The csonline article outlines steps to fix the issue.


Keep us posted...



Terrie
terrie is offline   Reply With Quote
Old 01-29-2018, 01:52 PM   #3
Andrew B.
Staff
 
Andrew B.'s Avatar
 
Join Date: Jan 2005
Location: Los Angeles, California
Posts: 3,570
Default

I should have read your whole message, because instead of trying to fix Malwarebytes I uninstalled it. Then ran speedtest and the result was in the range I'm used to seeing. IOW, so far so good. And now I have to wait and see if everything else is settled in, and then I might try reinstalling it.

Thanks for jumping on this. I never thought to search for bugs in Malwarebytes.

   
__________________
fallberry.com
Andrew B. is offline   Reply With Quote
Old 01-30-2018, 12:48 PM   #4
terrie
Staff
 
Join Date: Oct 2004
Posts: 9,015
Default

I probably wouldn't have checked MBAM either if I'd not read that post at dslreports because on the whole, MBAM is pretty stable. I'm still using version 1.75 on my desktop system but I have the more current version installed on the laptop I use as a testbed--I don't really care for the current version but it's less objectionable than version 2 was in terms of design.

Apparently only the premium (and I think their enterprise) version was impacted and, I think, only if the run in background option was turned on. At any rate, apparently they've fixed the issue as of late 1/27-early 1/28....



Terrie
terrie is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PC malware fixing techniques terrie Software 23 05-09-2011 06:36 PM
New Mac/Safari malware ktinkel Software 26 05-08-2011 07:12 PM


All times are GMT -8. The time now is 03:42 AM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
Contents copyright 2004–2014 Desktop Publishing Forum and its members.