MalwareKing

Malware-bytes almost messed up my pc (why)?

Recommended Posts

Hey Malware-bytes 

And everyone on the forum 

So,

I just scanned my pc today and by surprise i found that i had 13 PUP's on my system and my system is SUPER clean 

I never had anything show up before and am using malware-bytes for 3-4 years now 

 

So i see the threads i press "Quarantine selected" i wait and then i get a msg saying i need to restart my computer 

i press YES and then when i go to put in my password and log in and i see the loading screen saying 

Windows is creating your profile or something like that and my pc was like i installed windows 5 min ago 

and i was like "WTF is going on here" 

 

So i went back and RESTORED everything and thankfully everything is working as it was now 

 

But my Question to you guys and to Malware-bytes is 

 

Why did this happened ?

 

Here is a screenshot below of the selected PUP's 

 

i want to point out that this is the FIRST TIME EVER since using Malware bytes that had something like this happen to me

2017-03-17_0452.png

Share this post


Link to post
Share on other sites
Magman   

Me too. I support about 20 people with I.T. issues; and all with this combination of Advance System Care and Malwarebytes. They have existed together quite happily together for years. Now I am having to go on all these machines and sort them out.

 

Get a grip Malwarebytes or at least explain what has changed.

 

 

PJ

Share this post


Link to post
Share on other sites
4 hours ago, Magman said:

Me too. I support about 20 people with I.T. issues; and all with this combination of Advance System Care and Malwarebytes. They have existed together quite happily together for years. Now I am having to go on all these machines and sort them out.

 

Get a grip Malwarebytes or at least explain what has changed.

 

 

PJ

Wait soo you had the same issue two??

Sooo do you know what do i do 

 

I uninstalled Iobit advanced system care cuz i don't need it but what the heck do i do with this issues are they posing a thread to my computer 

or is it Malware-bytes fault?

Share this post


Link to post
Share on other sites
dcollins   

We are aware of an issue around this and are working internally on a solution for it. Unfortunately we don't have a workaround at this time.

Share this post


Link to post
Share on other sites
Telos   

If you like IOBIT, mark them "ignore", or de-select PUPs from your scanning profile. Alternately, uninstall IOBIT separately and rerun the scan. If there are still remnants, I would suggest making a full drive image before allowing MBAM to remove these.

Share this post


Link to post
Share on other sites
10 minutes ago, Telos said:

If you like IOBIT, mark them "ignore", or de-select PUPs from your scanning profile. Alternately, uninstall IOBIT separately and rerun the scan. If there are still remnants, I would suggest making a full drive image before allowing MBAM to remove these.

No 

what i want is 

What can i delete from the list above that wont destroy my pc again 

 

WHATS SAFE TO DELETE AND WHATS NOT 

 

Can i delete the registry keys or Advanced system care?

Edited by MalwareKing

Share this post


Link to post
Share on other sites
Porthos   
10 minutes ago, MalwareKing said:

What can i delete from the list above that wont destroy my pc again 

 

WHATS SAFE TO DELETE AND WHATS NOT 

 

Can i delete the registry keys or Advanced system care?

 

12 minutes ago, Telos said:

If you like IOBIT, mark them "ignore", or de-select PUPs from your scanning profile. Alternately, uninstall IOBIT separately and rerun the scan. If there are still remnants, I would suggest making a full drive image before allowing MBAM to remove these.

There is your solution.

Share this post


Link to post
Share on other sites
Just now, Porthos said:

 

There is your solution.

Yeah but 

 

I really dont know much about pc's so am asking simply 

IS IT SAFE TO DELETE THE FILES AND REGISTRY KEYS THAT I HAVE IN THE RED CYRCLE?

I have completely Uninstalled advanced system care and these come up as well

2017-03-17_2057.png

Share this post


Link to post
Share on other sites
Porthos   

If you are worried make a system image to an external drive or at the minimum create a SYSTEM RESTORE point first then delete those items.

Share this post


Link to post
Share on other sites
Unicore   

iObit Advanced System Care is a registry cleaner and a PC optimizer.  Such programs can do significant damage to your computer registry.  Unless you have a specific problem that requires editing the registry, it's better to leave the registry alone.  iOBit has a long history of including various malware along with their "free" programs.  I recommend that you remove any and all iOBit programs from your computer and scan with malwarebytes to clean up the PUP's.  If your computer was "messed up" the first culprit on the list is iOBit.

Share this post


Link to post
Share on other sites
dcollins   

@MalwareKing there should be no issues removing those files/registry entries. I just tested this on my personal machine to verify. However, as I mentioned above, we have been seeing reports of people having issues with being logged in to a temporary profile after removing some identified threats. What I would recommend is to remove those threats and then reboot. Once you reboot, if you get logged into a temporary profile, try rebooting once more and see if you can log in to your normal user.

Share this post


Link to post
Share on other sites
28 minutes ago, dcollins said:

@MalwareKing there should be no issues removing those files/registry entries. I just tested this on my personal machine to verify. However, as I mentioned above, we have been seeing reports of people having issues with being logged in to a temporary profile after removing some identified threats. What I would recommend is to remove those threats and then reboot. Once you reboot, if you get logged into a temporary profile, try rebooting once more and see if you can log in to your normal user.

YES 

This is exactly what happened to me 

I quarantined all the PUP's and when i restarted my PC it got me into a temporary profile 

and then i restored everything and my PC was fine again 

You say now if i delete all of them and restart my pc i should get a temporary profile and the restart it again and it will be fine 

 

Have you also tested the exact same files and registry keys i am presenting

Share this post


Link to post
Share on other sites
29 minutes ago, dcollins said:

Yep, I used the same threat with the same keys/files. I was able to replicate your issue so that should help us fix it in the future.

Okay soo

I do what you are suggesting and the problem should go away right? 

So to be perfectly clear here

1. I run thread scan with Malware-bytes

2. I get these 13 threads with the 4 registry keys and 2 values as i show in my picture above 

3. I press "Quarantine selected"

4. Malware-bytes restart's my PC 

5. I get into a temporary profile 

6. I restart my PC again 

7. My PC is working fine now

That's all i have to do right?

 

What happens if i reboot my machine again and i cant get into my normal profile

and am stuck with the temporary profile what then?

Edited by MalwareKing

Share this post


Link to post
Share on other sites
RolandJS   

Are you also making routine backups?  And, you can also un-Quarantine anything and everything at anytime, and then comes the Restart.

"...What happens if i reboot my machine again and i cant get into my normal profile.  and am stuck with the temporary profile what then?"

While I cannot answer that question directly, I will recommend making routine backups; and just before you run MBAM, you can use tweaking.com's Registry Backup/Restore utility to make a registry backup.  And, I have my computers set to make routine Registry Backups - just in case...

Edited by RolandJS

Share this post


Link to post
Share on other sites
On 17/03/2017 at 3:24 AM, MalwareKing said:

Hey Malware-bytes 

And everyone on the forum 

So,

I just scanned my pc today and by surprise i found that i had 13 PUP's on my system and my system is SUPER clean 

I never had anything show up before and am using malware-bytes for 3-4 years now 

 

So i see the threads i press "Quarantine selected" i wait and then i get a msg saying i need to restart my computer 

i press YES and then when i go to put in my password and log in and i see the loading screen saying 

Windows is creating your profile or something like that and my pc was like i installed windows 5 min ago 

and i was like "WTF is going on here" 

 

So i went back and RESTORED everything and thankfully everything is working as it was now 

 

But my Question to you guys and to Malware-bytes is 

 

Why did this happened ?

 

Here is a screenshot below of the selected PUP's 

 

i want to point out that this is the FIRST TIME EVER since using Malware bytes that had something like this happen to me

2017-03-17_0452.png

A workaround for the corrupt user profile which is indicative when you receive the configuring profile message which works for me is to enable/set 'delay protection at startup' to 60 seconds. Not had the profile corruption since.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.