Jump to content

Quarantine

beck
 Share

Recommended Posts

beck

beck

Posted
Posted

Hello,

New user here with the newest version (free) of Malwarebytes.

I ran a scan and a couple of things showed up. I could not see how to quarantine them, only remove them or ignore them. I did remove them and saw the log file. I guess I thought that it would quarantine them too?

Can someone please explain to me how the quarantine works?

Thank you.

EDIT:

Further checking by looking at the log, it says 'removed and quarantined', but the quarantine tab is empty.

Malwarebytes' Anti-Malware 1.25

Database version: 1090

Windows 5.1.2600 Service Pack 3

9:35:37 AM 8/28/2008

mbam-log-08-28-2008 (09-35-37).txt

Scan type: Full Scan (C:\|)

Objects scanned: 65478

Time elapsed: 21 minute(s), 34 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 2

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

After the scan, it told me to reboot, does this clear the quarantine too?

Either I wasn't paying attention or it wasn't very clear.

Anyway, I think they were false positives, so I should be OK.

I would still like a clarification of how the remove/quarantine process works.

Thanks again.

Link to post
Share on other sites
beck

beck

Posted
  • Author
Posted

Thank you, I did see that link.

However, nothing ever went into the quarantine in my case. It was and still is, empty.

So, if I wanted to, I could not restore what was removed.

Does it clear itself on reboot when things are removed?

Maybe I should have titled this 'Quarantine not working'.

Thanks again.

Link to post
Share on other sites
beck

beck

Posted
  • Author
Posted
Not if it's a delete on reboot no. Some things do stay. So, I have to admit I am not sure where the line is there. We will get to the bottom of it.

OK, thanks, that explains it.

Thank you for being patient with me.

I 'm happy that the program found and removed the nasties I didn't know I had, that SuperAntiSpyware never saw.

Thanks again.

Link to post
Share on other sites
  • 2 weeks later...
beck

beck

Posted
  • Author
Posted

Still a question/problem with quarantine.

Here's my story:

I ran the critical bug fix and then upgraded to version 1.27.

I ran a scan and it showed one registry entry bad.

I selected "remove selected" and was then asked if I wanted to reboot, I said no.

I then checked the quarantine tab and there was NOTHING (not shouting)

I then rebooted and checked the quarantine tab again and again, nothing.

How do I quarantine stuff? I don't see an option to quarantine when removing, or am I missing something?

Maybe there should be a 'Quarantine' button?

Does the program decide what it wants to quarantine?

So far for me, since using this program nothing has ever gone into quarantine.

I run XP Home SP3 and have admin rights. Someone mentioned file permissions?

I'd really like to get this cleared up.

Thank you.

Log:

Malwarebytes' Anti-Malware 1.27

Database version: 1128

Windows 5.1.2600 Service Pack 3

9/8/2008 9:29:50 AM

mbam-log-2008-09-08 (09-29-50).txt

Scan type: Quick Scan

Objects scanned: 43310

Time elapsed: 4 minute(s), 56 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites
beck

beck

Posted
  • Author
Posted
Hi

I have the same problem. My shutter Quarantine remains empty in spite of abolitions

Why ?

Thanks

Whew, I thought I was the only one!

Maybe they will come up with a solution. It's a nice program, other than that, for me , at least.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.