7 replies to this topic

[pe12]

i ran a scan on 1/10/11 and it identified "VirTool.Agent.Gen". since then, this item was verified to be a false positive. so, i clicked "restore all" and the item disappeared from the quarantined area. i checked the original location and the file is now there but it is now named "keytool" instead the original name of "keytool.exe". then, i went back to the quarantine tab (without running a scan), and the "VirToolAgent.Gen" had been listed again. so, i updated the database today (5519) and ran a scan. this item still appears in quarantine identified as "VirTool.Agent.Gen". if this is a false positive, how do you delete it from the quarantine area?

[AdvancedSetup]

Please restart your computer. If the file has already been replaced and is in memory you cannot restore it.

If the file is still missing and is not blocked by your Anti-Virus then it should restore back to the same location with the same name.

Please let me know the status after a reboot.

Thanks

[pe12]

i rebooted. same problems. seems there is a glitch. the item shows in quarantine. if i click restore, it disappears. but if i then click any other tab (like "log") and then click quarantine again, the item reappears. it never goes away. i've updated the database and re-scanned. but when i go to quarantine, it is still there. i can't get rid of it from the quarantined area. i uninstalled and reinstalled malwarebytes itself, the item still appears in quarantine. is there a way to uninstall malwarebytes and clean out the history, then do a fresh install??

[AdvancedSetup]

Please do the following:

• Download and run mbam-clean.exe from here
  
• It will ask to restart your computer, please allow it to do so very important
  
• After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
  
  • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    
  • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
    Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask and we'll explain how to do it.

[pe12]

ok. I followed the above instructions exactly. After updating the data base, I clicked on quarantine, and it still shows the same item. Also, the date shown is the date (1-10-11) that the item was originally identified. ??

[AdvancedSetup]

Unless you did a scan to put it in there or allowed the protection module to put it in there I just don't see how it could be there. This cleanup routine deletes all registry keys and all files and folders associated with MBAM including the Quarantine folder.

Please run the following scanner again and post back the logs.

[indent]Download DDS and save it to your desktop
http://download.bleepingcomputer.com/sUBs/dds.scr

Disable any script blocker if your Anti-Virus/Anti-Malware has it.
Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr to run the tool.
When done, the DDS.txt will open.
Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:

• DDS.txt
  
• Attach.txt

• Save both reports to your desktop
  
• Please include the following logs in your next reply: DDS.txt and Attach.txt

[/indent]

[pe12]

AdvancedSetup, on Jan 14 2011, 10:44 PM, said:

Unless you did a scan to put it in there or allowed the protection module to put it in there I just don't see how it could be there. This cleanup routine deletes all registry keys and all files and folders associated with MBAM including the Quarantine folder.

Please run the following scanner again and post back the logs.

[indent]Download DDS and save it to your desktop
http://download.bleepingcomputer.com/sUBs/dds.scr

Disable any script blocker if your Anti-Virus/Anti-Malware has it.
Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr to run the tool.
When done, the DDS.txt will open.
Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:

• DDS.txt
  
• Attach.txt

• Save both reports to your desktop
  
• Please include the following logs in your next reply: DDS.txt and Attach.txt

[/indent]

well, i have no idea why it didn't work. i decided to try a different route to fix it. i uninstalled java, then went into quarantine and DELETED "VirTool.Agent.Gen". i reinstalled java, updated malwarebytes data base and re-scanned. IT IS GONE. thanks for the assistance.

[AdvancedSetup]

Okay glad you got it fixed and thank you for the followup reply.

I'll go ahead and close this post now.