User Profile damaged after chameleon malwarebytes install

[paulmintra]

Today 14/07/15, after installing chameleon malwarebytes on approx 10 Windows 7 Pro  64 bit - Domain connected PC's (Logged in as the user with admin rights) - The user profile is now screwed up. (Note: not roaming profile)

 

EG: When running Outlook (Exchange Server Connected), Get: Access denied: You do not have permission to access the file - C:\users\username\appdata\local\microsoft\outlook\username@******.org.uk.ost.

 

Attempt to open Word Doc from network drive: Word could not create the work file. Check the temp environment variable.

 

Browsers & other programms won't work. (Can ping websites).

 

The users can login on other PC's & Outlook (Exchange Connected can be setup & works), along with browsers etc.

 

 

 

[Firefox]

Hello and Welcome!

I have asked the mods/admins to move your topic to the business section, as from what you are describing you are in a business environment.

Thanks

[johnmintra]

Hi Paul went into this charity customer as I was concerned that the AntiVirus protection at the site may not be ideal as they just use the microsoft Windows Defender.  The scans he did with the Malwarebytes did reveal some stuff particualrly on a couple of machines - I was going to suggest that they purchase this as an additional tool.   The IT manager told me this morning that she did not want us to use this tool on the site ever.

This is a shame as we have used this to remove infections at other sites in the past with no issues.

The fix was as follows.  These are machines on a domain without roaming profiles.  Unjoin from the domain then use the profilewiz from ForiensIT to join the domain but using the profile that was left on the disc from the previous connection.  This fixed all the permission issues and gave us the same profile.

 

As I am not clear what happened I will be a bit nervous about where we use Malwarebytes in future but at least we have a fix.

[Rsullinger]

Hello Paul and John,

 

I am sorry to hear that happened. That is not something that should have happened and I am interested in why it may have occurred and how our product may have had a hand in it. You mentioned you were able to provide a fix for this, if you want to see why this may have occurred I can assist in troubleshooting this with an e-mail case. Let me know if that is something you wish to do!

 

Thank you,

 

Ron S

[johnmintra]

I think it is likely that the issue occured when running chameleon version with the user logged into the domain the user had admin rights to the local machine but not to the domain. I will speak to Paul on monday and think it may be useful to open a support case as I want to understand the issue.    One one of the machines we had an issue with I ran standard malwarebyes without an issue after.