Malwarebytes issue

Hi,
You might post the scan results for review ?
It would be best to ask on the mbam website forum and have them investigate the issue
https://forums.malwarebytes.org/inde...-removal-help/
Cheers.

Disable System Restore
Scan
Enable System Restore

Possibly a rootkit. Try scanning with TDSSKiller.

TDSSKiller Download

Also, try running RKill before you run MBAM.

http://www.bleepingcomputer.com/download/rkill/

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again. Instead, after running RKill you should immediately scan your computer using some sort of anti-malware or anti-virus program so that the infections can be properly removed.

Tookeri said:

Disable System Restore
Scan
Enable System Restore

This is most likely what is happening. Malware loves the system restore feature. Disable system protection and clean all threats found, then re-enable it.

In addition:

1.) Download herdprotect: (choose the portable version)

Download herdProtect - Free Anti-Malware Platform

2.) Run the scan.

3.) When the scan finishes, save the results per the screenshot below. Then upload the log here.

DO NOT REMOVE ANYTHING YET. I will advise if anything needs removed when I receive the log.

Attached Images

Unfortunately Spybot search and destroy needs to be disabled when running other scans. It 'interferes' with the other anti-malware tools.


PUPS ...potentially unwanted programs ... could be adware.

Please download AdwCleaner by Xplode and save to your Desktop.
Step 1.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8 users right-click and select Run As Administrator.
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
• The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
• Copy and paste the contents of that logfile in your next reply.
• A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Step 2.
Using AdwCleaner v3: Scan & Clean:
This time click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder


******Post both .txt logs

Good catch Jacee. Spybot interferes with everything on a computer.
Spybot has been out of the picture for many of years. I wish it would go away again and stay gone.

FYI if you only want to check specific files, for example downloaded programs before running or installing them, I created a script you use with the Send To context menu that can check files on HerdProtect(and VirusTotal) without installing the HerdProtect software.

The Tutorial is here: VirusTotal + HerdProtect - Check Files with Simultaneously

boyboyds said:

1.) Download herdprotect: (choose the portable version)

This is the first time I've heard of herdprotect. I read some reviews and many are not very complimentary. Is this a truly good tool to have....?

BBDS

Where are the reviews that are not complementary?

It is not the average tool the average joe should download and use on there own.

It is for logging purposes so I can see if anything is there infection wise. You know hijack this? It is sort of like that. Not everything it finds is actually malware. Its not a remove everything it finds tool.