Jump to content

Modified system files by MBAM

Recommended Posts

  • Root Admin

Hello gasgpmo, and welcome to Malwarebytes.org

No our product does not modify these files. You may have an infection resident on your system or perhaps a false positive from your Anti-Virus.

The best thing to do is follow the instructions below and allow someone with experience to assist you. Please be patient though as it can take a couple of days before someone can get to you. There are only so many qualified helpers.

We don't work on Malware removal in the general forums.

Please print out, read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someon has replied to your post.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org

Link to post
Share on other sites

It wasn't my antivirus, it was my firewall which explicitly told me that MBAM had altered the files. The files hadn't been touched by anything before I installed MBAM, updated, and scanned the system. Unless this "infection" was somehow waiting for the perfect time to strike and blame it on MBAM!...then it was MBAM, or my firewall is delusional.

I'm not looking for any Malware removal experts. I'm looking for someone who can tell me why MBAM modified the files, or at least tell me why my firewall told me that it did.

Link to post
Share on other sites

  • Root Admin

Don't have an answer for you that apparently will satisfy you. I've already told you that it should not and the product is installed on millions of computers.

You can either ask for assistance scanning your system as I've posted or contact support@malwarebytes.org and they can help you to scan for any potential issue.

We open and check files but we do not alter them just like your Anti-Virus product does.

Link to post
Share on other sites

I'm not really computer or security savvy, but would a firewall inform one of changes to programs? I thought a firewall would inform of entries into or out of a system? By no means am I attempted to be a smart A. I'm just trying to understand and learn

by the way, i like this forum. helpful people here. I was clued into malwarebytes by members on the Norton forum who swear by malwarebytes as an adjunct to their Norton product

Link to post
Share on other sites

I'm not really computer or security savvy, but would a firewall inform one of changes to programs? ...

In most firewalls, when an application that accesses the Internet changes, the firewall notifies the user and asks if they still want to allow it to access the Internet.

In this case, I'm fairly certain that the user has something other than Malwarebytes' Anti-Malware, as our software makes no changes to system files on it's own. There is an internal whitelist that prevents it from changing system files, even if it detects malware in them.

Note that the screenshot below is what our software looks like when you open it, and if it does not look like that, then you have something else:


Link to post
Share on other sites


You don't say so, but it sounds like you may be referring to the Defense+ component of Comodo Internet Security. I've seen Comodo throw up that kind of notification before and it IS disconcerting. However, as AdvancedSetup has stated, MBAM is not modifying your files. It does need to interact with various Windows processes in memory and this is probably what Comodo is seeing and interpreting as a modification. See this link to better understand how Defense+ works and how to set it and also this on Computer Security Policy. This behavior is one of the reasons I don't recommend Comodo for the average user. It's just too complicated and scary for many people.


See these Wikipedia Articles for more information on Intrusion Prevention System and Comparison of Firewalls

Link to post
Share on other sites

Yeah, I have a Comodo firewall, but I don't know what Defense+ is. If that's all that's going on, Jacktivity, then I guess there's no problem after all. Comodo is known to be aggressive, sometimes interpreting DNS queries as UDP scans.

And MBAM is installed correctly, as I downloaded it from the official website.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.