My first run of Malwarebytes

[Stevekir]

I installed and ran the free version. It found about 11 Candy PUP stuff which it deleted. Nothing else. Good.

But, two things:

1. Just before running, Malwarebytes advised turning off my antivirus for the default 10 minutes offered by AVG Cloudcare. (I know. It came free for a year when my computer was built for me and that sevenforums describes it as rubbish and I will soon be choosing a better one.) Having told me earlier that it was compatible with AVG, Malwarebytes took about 10 minutes to complete before telling me to restart (to complete the removal of the PUPs). AVG Cloudcare re-activated itself. But 10 minutes without any antivirus running worried me. (AVG detected a MSIL Trojan Horse two days ago and neutered it.)

-- Is 10 minutes without any antivirus worrying? And what should I do next time?

2. AVG Cloudcare reported as in the attached image. I had installed Acronis, and uninstalled it about 6 weeks ago using its uninstall program. I know what a digital signature is (but not in detail). The file is Hidden. My system is 64 bit, not 32. I will never want Acronis.

--Should I simply delete the file?

Thanks.

 

[MoxieMomma]

Hi:

I installed and ran the free version. It found about 11 Candy PUP stuff which it deleted. Nothing else. Good.

But, two things:

1. Just before running, Malwarebytes advised turning off my antivirus for the default 10 minutes offered by AVG Cloudcare. (I know. It came free for a year when my computer was built for me and that sevenforums describes it as rubbish and I will soon be choosing a better one.) Having told me earlier that it was compatible with AVG, Malwarebytes took about 10 minutes to complete before telling me to restart (to complete the removal of the PUPs).

That sounds odd.
I run MBAM Premium and have never been infected, but as a longstanding volunteer helper at the MBAM forum, I've never heard of MBAM prompting a user to disable one's AV in order to run a scan or clean up after a scan. It's especially so because it sounds as if you are describing "OpenCandy", which is just a PUP, not bad malware.

MBAM Premium is designed to run alongside all major AVs, and the Free version (no real-time protection) ought not to conflict, either.

Having said all that, some PUPs can be pesky to fully remove.

>>You don't happen to be able to replicate that behavior, so that you can post a screenshot here of the message dialog?

>>Or perhaps you can export the MBAM scan log as a *.txt file and attach it to your next reply here, so we can see what it found and removed (instructions for locating and exporting the log files are HERE)?

AVG Cloudcare re-activated itself. But 10 minutes without any antivirus running worried me. (AVG detected a MSIL Trojan Horse two days ago and neutered it.)

-- Is 10 minutes without any antivirus worrying? And what should I do next time?

2. AVG Cloudcare reported as in the attached image. I had installed Acronis, and uninstalled it about 6 weeks ago using its uninstall program. I know what a digital signature is (but not in detail). The file is Hidden. My system is 64 bit, not 32. I will never want Acronis.

--Should I simply delete the file?

Thanks.

We'll need to wait for someone more qualified with malware removal and more familiar with AVG, but that looks like an AVG false-positive, unrelated to MBAM.

Thanks,

 

[AddRAM]

Anti Virus or anti malware can always throw up false positives, it`s better to set it to warn you of bad guys, then you decide to get rid of it or not.

MSE and MBAM are all you need, AVG is garbage.

Microsoft Security Essentials - Microsoft Windows

https://www.malwarebytes.org/lp/sem/5/?gclid=CN_omtXw2MUCFYoYHwod3mUAgQ

 

[MoxieMomma]

https://www.malwarebytes.org/lp/sem/5/?gclid=CN_omtXw2MUCFYoYHwod3mUAgQ

Wow!
That's weird, funky link to MBAM.

It works...

...But, for the record, here are the standard download links for MBAM:

https://www.malwarebytes.org/mwb-download/00/
http://downloads.malwarebytes.org/file/mbam/

(The installer is the same for Free, Trial and Premium. Paid users activate the Premium features with a valid license Key/ID.)

Cheers,
MM

 

[AddRAM]

What`s funky about it :huh:

It`s the 1st link that comes up when googled, and what I have bookmarked.

You don`t want to send someone to the paid version page

Yours is good too, replaced mine with yours.

 

[MoxieMomma]

What`s funky about it :huh:

It's a peculiar URL, even though it takes one to the right landing page

It`s the 1st link that comes up when googled, and what I have bookmarked.

When I Google "MBAM Download", these are the first links provided in the search:
https://www.malwarebytes.org/mwb-download/
https://www.malwarebytes.org/downloads/
https://www.malwarebytes.org/
https://www.malwarebytes.org/antimalware/

So perhaps it depends on one's locale???

You don`t want to send someone to the paid version page

The setup file is the same for Free, Trial and Premium.
It's entirely up to the consumer whether or not to purchase the Premium version.
Any MBAM download link will provide the exact same installer, and it installs as the Free version*.
So, the only way one could end up with the Premium version is by purchasing a license and then activating the program.
IOW one cannot end up paying for the Premium unless one chooses to make the purchase.

(*There is a 14-day Trial enabled by default -- unless the user opts out during the setup wizard. The current policy is one Trial per PC per MBAM program version.)

>>The OP seems to be looking for realtime protection. That is why I mentioned the Premium version.
MBAM Free is just an on-demand, manual scanner.

Ennywho, I don't seek to flagellate a deceased equine.
It's just that I had never seen a URL like the one you posted (despite nearly 6 years and 20K posts at the MBAM forum).

Nothing more.

Cheers!
MM (no affiliation with or financial interest in MBAM)

 

[torchwood]

first link

Just a comment,
most first links tend to be "sponsored" and have extra's, i never ever use them.

Roy

 

[MoxieMomma]

Just a comment,
most first links tend to be "sponsored" and have extra's, i never ever use them.

Roy

Excellent point, and I always check before I click search links...

AFAIK none of the links I provided is "sponsored" (in fact, I'm not sure if Malwarebytes Corporation even engages in that...).

Ennywho, back to the OP's original question:
@Stevekir, I am unfamiliar with MBAM ever prompting a user to disable his/her AV to scan or to clean-up.
If you still need help, could you please shed a bit more light on what you reported, perhaps with a scan log or screen-shot?

Thanks,

 

[Layback Bear]

I have used Malwarebytes Free and I also have use Malwarebytes Paid for years and have never had Malwarebyte Anti Malware ever requested me to turn off my anti virus program.

 

[Stevekir]

Hi:

I installed and ran the free version. It found about 11 Candy PUP stuff which it deleted. Nothing else. Good.

But, two things:

1. Just before running, Malwarebytes advised turning off my antivirus for the default 10 minutes offered by AVG Cloudcare. (I know. It came free for a year when my computer was built for me and that sevenforums describes it as rubbish and I will soon be choosing a better one.) Having told me earlier that it was compatible with AVG, Malwarebytes took about 10 minutes to complete before telling me to restart (to complete the removal of the PUPs).

That sounds odd.
I run MBAM Premium and have never been infected, but as a longstanding volunteer helper at the MBAM forum, I've never heard of MBAM prompting a user to disable one's AV in order to run a scan or clean up after a scan. It's especially so because it sounds as if you are describing "OpenCandy", which is just a PUP, not bad malware.

MBAM Premium is designed to run alongside all major AVs, and the Free version (no real-time protection) ought not to conflict, either.

Having said all that, some PUPs can be pesky to fully remove.

>>You don't happen to be able to replicate that behavior, so that you can post a screenshot here of the message dialog?

>>Or perhaps you can export the MBAM scan log as a *.txt file and attach it to your next reply here, so we can see what it found and removed (instructions for locating and exporting the log files are HERE)?

AVG Cloudcare re-activated itself. But 10 minutes without any antivirus running worried me. (AVG detected a MSIL Trojan Horse two days ago and neutered it.)

-- Is 10 minutes without any antivirus worrying? And what should I do next time?

2. AVG Cloudcare reported as in the attached image. I had installed Acronis, and uninstalled it about 6 weeks ago using its uninstall program. I know what a digital signature is (but not in detail). The file is Hidden. My system is 64 bit, not 32. I will never want Acronis.

--Should I simply delete the file?

Thanks.

We'll need to wait for someone more qualified with malware removal and more familiar with AVG, but that looks like an AVG false-positive, unrelated to MBAM.

Thanks,

No. I can't replicate it. I have no other PUPs left. But attached is the MBAM scan log as a .txt (well, saved from Notepad).

Thanks for the help.

 

[Layback Bear]

I would suggest running Malwarebytes again and make sure you have the rootkit option selected.

 

[cflusflwfl]

After running MBAM, run AdwCleaner. This is excellent at finding and removing PUPS and BHOs.

 

[cyclops]

Stevekir and for all if it matters, my rule for any activity to be performed with AV turned off is to disconnect from the world. I'll update MBAM and AV, disable network connection the shut down the AV permanently so that I say when it is on. After running scans and reboot then bring everything back in reverse order. Never want to be caught with my AV off when connected to anything. Just saying that's how I do it, doesn't mean you should.