Sign In
Create Account
1
Once the Scan is completed, what happens to the infected file is "Remove Selected" is chosen? Will the infected file be deleted or quarantine?
Serge
Back to top
#2
Posted 16 August 2008 - 05:39 AM
-
- Root Admin
-
- 4,049 posts
Marcin
- Gender:Male
A copy is made to the quarantine and then it is either immediately removed or removed on reboot.
#3
Posted 16 August 2008 - 08:03 AM
-
- Members
-
- 21 posts
New Member
After 2 days, considering if it was a false positive, I finally decided to click on "Remove Selected". I do not know if a copy went to quarantine or not but "Adware.MyWebSearch" was immediately removed. I ran malwarebytes again, no spyware was found.
Thanks
Serge
Thanks
Serge
RubbeR DuckY, on Aug 16 2008, 06:39 AM, said:
A copy is made to the quarantine and then it is either immediately removed or removed on reboot.
#4
Posted 16 August 2008 - 11:37 AM
-
- Experts
-
- 290 posts
True Member
Serge,
Open MBAM, click on the quarantine tab. Do you see the file you had MBAM remove there?
You will see options Delete, delete all, restore, restore all. As Rubber Ducky said , copy's of files MBAM removes/deletes are sent to quarantine. Whilst in quarantine it (the copy of the original file) can do no harm to your pc. If at a later date you find MBAM has removed/deleted a legitimate file (a false positive), it can be restored from quarantine back to your pc, by clicking the restore button. If however, you know for certain that it is a malicious file then choosing delete, deletes it for good, and cannot then be restored.
Hope this helps.
Open MBAM, click on the quarantine tab. Do you see the file you had MBAM remove there?
You will see options Delete, delete all, restore, restore all. As Rubber Ducky said , copy's of files MBAM removes/deletes are sent to quarantine. Whilst in quarantine it (the copy of the original file) can do no harm to your pc. If at a later date you find MBAM has removed/deleted a legitimate file (a false positive), it can be restored from quarantine back to your pc, by clicking the restore button. If however, you know for certain that it is a malicious file then choosing delete, deletes it for good, and cannot then be restored.
Hope this helps.
#5
Posted 16 August 2008 - 09:24 PM
-
- Root Admin
-
- 4,049 posts
Marcin
- Gender:Male
Even better, the copies in the quarantine are renamed, encrypted and password protected. Even if somebody attempted to run a file it would error.
#6
Posted 17 August 2008 - 08:17 AM
-
- Members
-
- 21 posts
New Member
RubbeR DuckY, on Aug 16 2008, 09:24 PM, said:
Even better, the copies in the quarantine are renamed, encrypted and password protected. Even if somebody attempted to run a file it would error.
Thanks for the info.
Now how do I delete all these messages in my in box?
Serge
#7
Posted 17 August 2008 - 07:04 PM
-
- Root Admin
-
- 4,049 posts
Marcin
- Gender:Male
Click the quarantine tab and click delete all.
#8
Posted 19 August 2008 - 08:04 PM
-
- Members
-
- 21 posts
New Member
My question was: "Now, how do I delete all these messages in my in box?" The reply does not seem to match my question.
This board has a hard learning curve.
Serge
Thanks for your Help!
This board has a hard learning curve.
Serge
Thanks for your Help!
RubbeR DuckY, on Aug 17 2008, 08:04 PM, said:
Click the quarantine tab and click delete all.
#9
Posted 19 August 2008 - 08:28 PM
-
- Honorary Members
-
- 3,867 posts
Delete this account!!
- Interests:would love to see some honesty around this site.
Open the program and you will see several tabs. Quarantine is one. You might want to have someone have a look at your logs too, after you follow the instructions here http://www.malwarebytes.org/forums/index.p...;st=0#entry9894 and start your own topic.
#10
Posted 20 August 2008 - 09:09 AM
-
- Members
-
- 21 posts
New Member
I did follow your instructions from your previous message. I submitted the 3 logs as requested on 17 Aug 08. I did start a new topic. Did I place the logs in the wrong forum? I do not know.
Should I re-submit them if so where?
Serge
Should I re-submit them if so where?
Serge
JeanInMontana, on Aug 19 2008, 08:28 PM, said:
Open the program and you will see several tabs. Quarantine is one. You might want to have someone have a look at your logs too, after you follow the instructions here http://www.malwarebytes.org/forums/index.p...;st=0#entry9894 and start your own topic.
#11
Posted 20 August 2008 - 11:58 AM
-
- Experts
-
- 290 posts
True Member
sergelepine, on Aug 19 2008, 09:04 PM, said:
My question was: "Now, how do I delete all these messages in my in box?" The reply does not seem to match my question.
Serge,
Was this question specifically about MBAM, or your E-mail inbox ?
#12
Posted 20 August 2008 - 05:57 PM
-
- Honorary Members
-
- 3,867 posts
Delete this account!!
- Interests:would love to see some honesty around this site.
sergelepine, on Aug 20 2008, 03:09 AM, said:
I did follow your instructions from your previous message. I submitted the 3 logs as requested on 17 Aug 08. I did start a new topic. Did I place the logs in the wrong forum? I do not know.
Should I re-submit them if so where?
Serge
Should I re-submit them if so where?
Serge
I see your thread, you need to update MBAM, it's at version 1.25 now and post a new log from it for Tigger to see, and a new HJT log. Also as melboy has asked, are you referring to your email inbox as well as your quarantine folder?
#13
Posted 20 August 2008 - 07:51 PM
-
- Members
-
- 21 posts
New Member
The answer required is for the E-mail in box.
My mistake the first question had been answered. I should have started a new topic.
Thanks
Serge
My mistake the first question had been answered. I should have started a new topic.
Thanks
Serge
melboy, on Aug 20 2008, 11:58 AM, said:
Serge,
Was this question specifically about MBAM, or your E-mail inbox ?
Was this question specifically about MBAM, or your E-mail inbox ?
#14
Posted 20 August 2008 - 09:35 PM
-
- Honorary Members
-
- 3,867 posts
Delete this account!!
- Interests:would love to see some honesty around this site.
OK what type of email do you use? Web Mail, OutLook? Every email will have a delete option on it.
#15
Posted 21 August 2008 - 01:08 AM
-
- Members
-
- 21 posts
New Member
Forget the question. It was in In Box on this board. It is ok there nothing in it.
Serge
Serge
JeanInMontana, on Aug 20 2008, 09:35 PM, said:
OK what type of email do you use? Web Mail, OutLook? Every email will have a delete option on it.
#16
Posted 25 August 2008 - 12:30 PM
-
- Members
-
- 1 posts
New Member
RubbeR DuckY, on Aug 16 2008, 05:24 PM, said:
Even better, the copies in the quarantine are renamed, encrypted and password protected. Even if somebody attempted to run a file it would error.
The problem is that for an OPs notebook computer I have been working with, Quarantining this file renders the keyboard unusable (it acts as if the Special Function key was being held down). It would have helped if the files were not encrypted and password protected; or if a "back door" in the form of a Command Line alternative for restoring a file from Quarantine was provided. Then one could programmatically restore rather than depend only on a now inaccessible GUI.
I understand the concern -- I too have seen things run from anti-malware Quarantine folders even if renamed. (This issue underlies, for example, the Deckard Scan issue with TDSSSERV and the file advapi32.dll). But a "backdoor" for a Restore would be an idea worth consideration.
Best regards to all for a wonderful tool and a simply great job by all at Malwarebytes,
Bill Castner
#17
Posted 06 January 2009 - 07:46 AM
-
- Members
-
- 13 posts
New Member
melboy, on Aug 16 2008, 11:37 AM, said:
Serge,
Open MBAM, click on the quarantine tab. Do you see the file you had MBAM remove there?
You will see options Delete, delete all, restore, restore all. As Rubber Ducky said , copy's of files MBAM removes/deletes are sent to quarantine. Whilst in quarantine it (the copy of the original file) can do no harm to your pc. If at a later date you find MBAM has removed/deleted a legitimate file (a false positive), it can be restored from quarantine back to your pc, by clicking the restore button. If however, you know for certain that it is a malicious file then choosing delete, deletes it for good, and cannot then be restored.
Hope this helps.
Open MBAM, click on the quarantine tab. Do you see the file you had MBAM remove there?
You will see options Delete, delete all, restore, restore all. As Rubber Ducky said , copy's of files MBAM removes/deletes are sent to quarantine. Whilst in quarantine it (the copy of the original file) can do no harm to your pc. If at a later date you find MBAM has removed/deleted a legitimate file (a false positive), it can be restored from quarantine back to your pc, by clicking the restore button. If however, you know for certain that it is a malicious file then choosing delete, deletes it for good, and cannot then be restored.
Hope this helps.
RubbeR DuckY, on Aug 16 2008, 09:24 PM, said:
Even better, the copies in the quarantine are renamed, encrypted and password protected. Even if somebody attempted to run a file it would error.
Wow this makes me feel safe.
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
