Jump to content

Amnezia

Members
  • Content Count

    4
  • Joined

  • Last visited

About Amnezia

  • Rank
    New Member
  1. Maybe something I should also mention I do have Linux installed but I dont think it should have access to windows defender, if it's to much of a mess I will just wipe my HDD and reinstall windows
  2. I cant seem to edit the posts so ill add another reply. I can't edit the permissions of the groups when clicking the edit button in properties and the trusted installer user has full control permissions, the other two at the top only read, read & execute
  3. I should add that it also added a bunch of empty folders named after Anti-Virus programs in Program Files (x86), I could not access them even when giving admin permission, I used Take Ownership cmd and then was able to delete the folders.
  4. Hello, I recently had a virus on my laptop, after a bit of searching I found this thread on the forum https://forums.malwarebytes.com/topic/201134-cant-install-malwarebytes-this-app-has-been-blocked-for-your-protection/?page=4 It seemed to have the exact same issues with not being able to install Malwarebytes or use AdwCleaner, after reading the posts I followed the instructions on the last page opening up mmc.exe and remove the list of untrusted certificates. Then I was able to install MB and after a scan it deleted a coinminer virus. Before all of this I noticed in Task Manager that Antimalware Service Executable was running high CPU and Memory percentages so I poked around in Windows Defender and found that there were exclusions added pointing to c/windows/services or something, I deleted those and scanned but it found nothing and thats why tried installing MB and it gave me this popup(image from other thread); https://content.invisioncic.com/Mmalware/monthly_2017_05/consent_2017-05-22_19-48-28.png.6a371854a53d7cbed036238107056ba2.png As I mentioned I followed instructions from the other thread and was able to install MB and remove the virus. But still I keep seeing Antimalware Service Executable in taskmanager so I right-clicked on it and went to the file location (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0), so I went to the properties of MsMpEng.exe and noticed in the security tab there are more Users and groups added than I normally see in other files. Are these left-overs from the virus? If so can I delete them?
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.