Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Malwarebytes issue

11 Sep 2014   #1
boyboyds

Windows 7 Home 64bit
 
 
Malwarebytes issue

Hi, though this question is Vista related, but the Vista forum is dead.....hopefully somebody will reply here.

A friend asked me to clean his Vista PC. I installed Malwarebytes and at Heuristic Analysis it found multiple problems, mostly popups. I quarantined them and then deleted them all. Then I repeated the scan and it found exactly the same problems. I repeated it 2 more times and the same infections came up. How is it such a trusted tool failed to quarantine/delete infections......? I tried to re-install it but it did not help.

I have been using Malwarebytes on many computers for many years without any issues.

Additional information:
Antivirus - MSE
Other scanners ran OK - ESET, Emsisoft, Spybot2, SuperAntiSpyware + CCleaner.

Any advise....?

Thanks,
BBDS


My System SpecsSystem Spec
.
12 Sep 2014   #2
ThrashZone

Win-7-Pro64bit 7-H-Prem-64bit
 
 

Hi,
You might post the scan results for review ?
It would be best to ask on the mbam website forum and have them investigate the issue
https://forums.malwarebytes.org/inde...-removal-help/
Cheers.
My System SpecsSystem Spec
12 Sep 2014   #3
Tookeri

Windows 7 Pro 32
 
 

Disable System Restore
Scan
Enable System Restore
My System SpecsSystem Spec
.

12 Sep 2014   #4
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 

Possibly a rootkit. Try scanning with TDSSKiller.

TDSSKiller Download

Also, try running RKill before you run MBAM.

http://www.bleepingcomputer.com/download/rkill/

Quote:
As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again. Instead, after running RKill you should immediately scan your computer using some sort of anti-malware or anti-virus program so that the infections can be properly removed.
My System SpecsSystem Spec
15 Sep 2014   #5
andrew129260

Windows 10 Pro
 
 

Quote   Quote: Originally Posted by Tookeri View Post
Disable System Restore
Scan
Enable System Restore
This is most likely what is happening. Malware loves the system restore feature. Disable system protection and clean all threats found, then re-enable it.

In addition:

1.) Download herdprotect: (choose the portable version)

Download herdProtect - Free Anti-Malware Platform

2.) Run the scan.

3.) When the scan finishes, save the results per the screenshot below. Then upload the log here.

DO NOT REMOVE ANYTHING YET. I will advise if anything needs removed when I receive the log.

Attached Images
My System SpecsSystem Spec
16 Sep 2014   #6
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Unfortunately Spybot search and destroy needs to be disabled when running other scans. It 'interferes' with the other anti-malware tools.


PUPS ...potentially unwanted programs ... could be adware.

Please download AdwCleaner by Xplode and save to your Desktop.
Step 1.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.




Step 2.
Using AdwCleaner v3: Scan & Clean:
This time click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder


******Post both .txt logs
My System SpecsSystem Spec
16 Sep 2014   #7
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

Good catch Jacee. Spybot interferes with everything on a computer.
Spybot has been out of the picture for many of years. I wish it would go away again and stay gone.
My System SpecsSystem Spec
26 Sep 2014   #8
boyboyds

Windows 7 Home 64bit
 
 

1.) Download herdprotect: (choose the portable version)

This is the first time I've heard of herdprotect. I read some reviews and many are not very complimentary. Is this a truly good tool to have....?

BBDS
My System SpecsSystem Spec
26 Sep 2014   #9
Tookeri

Windows 7 Pro 32
 
 

FYI if you only want to check specific files, for example downloaded programs before running or installing them, I created a script you use with the Send To context menu that can check files on HerdProtect(and VirusTotal) without installing the HerdProtect software.

The Tutorial is here: VirusTotal + HerdProtect - Check Files with Simultaneously
My System SpecsSystem Spec
27 Sep 2014   #10
andrew129260

Windows 10 Pro
 
 

Quote   Quote: Originally Posted by boyboyds View Post
1.) Download herdprotect: (choose the portable version)

This is the first time I've heard of herdprotect. I read some reviews and many are not very complimentary. Is this a truly good tool to have....?

BBDS

Where are the reviews that are not complementary?

It is not the average tool the average joe should download and use on there own.

It is for logging purposes so I can see if anything is there infection wise. You know hijack this? It is sort of like that. Not everything it finds is actually malware. Its not a remove everything it finds tool.
My System SpecsSystem Spec
Reply

 Malwarebytes issue




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
malwarebytes premium memory usage issue
i'm running mbam prem on w7 ultimate x64 / 4gig ram. my mbamservice.exe is using 227 meg of ram & mbam.exe is using 24 meg. is this normal ? its killing my notebook's performance
System Security
Malwarebytes database issue
Anyone else having issues with Malwarebytes having trouble deciding whether its database is updated or not?
Software
Malwarebytes has a new software- Malwarebytes Anti Exploit
has anyone installed this? https://www.malwarebytes.org/antiexploit/ I got an email from Malwarebytes about it I just installed the free version on my windows 8 and windows 7 test machines so far I am not seeing any problems but then again I just installed it :P anyone else try it?
System Security
Malwarebytes
Does Malwarebytes Really Work? Or Is It Just A Scam? Should I Have It On My Computer? I Would Like To Have Extra Security. Thanks. :o
System Security
malwarebytes help
when i try to run it says run time error 0 after that error is run time error 440 automation error any help
System Security
Malwarebytes 1.42 available
Malwarebytes has been updated to 1.42 source
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:56.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App