Jump to content

Whether or not to delete Malwarebytes objects found


Recommended Posts

On Sunday I received the Green Dot MoneyPak malware on my home computer. McAfee was up and running but MoneyPak got through anyway. Screen was frozen, couldnt do anything. Through google on another computer saw it was Malware and one suggestion which worked was to go to SafeMode with cmd prompt and do a restore to a previous day. I had a saved point of the 13th of Dec, the Malware cropped up on 15 Dec. The restore worked. Full McAfee scan revealed nothing. I downloaded free version of Malwarebytes and it found 6 objects, of which only two were checked. On reboot they were gone (quaranteened?) Subsequent Malwarebyte scans show the following 4 objects and my question is why aren't there check marks on the entries? Should I quaranteen them as well?

Here they are:

Vendor Category Item

PUP.MyWebSearch Folder C:\Program Files {x86}\FunWebProducts

PUP.MyWebSearch Registry Key HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9....and on and on

PUP.MyWebSearch Registry Key HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{1D4DB7D2-6EC9....and on

and on

PUP.FunWebProducts File C:\Users\Home\Local Settings|Temporary Internet Files\Content.IE5\NU313EC2\

Gaming\Wonderland.exe

Only fallout from the ordeal right now is that my home webpage of www.yahoo.com will not load up when launching my Internet Explorer 9. Everything else loads up ok, facebook, drudge, etc. But Yahoo gives me "OOPS - Internet Explorer could not connect to www.yahoo.com. Try reloading www.yahoo.com. Suggestion - Access a cached copy of www.yahoo.com

I can however, go to www.mail.yahoo.com and log in successfully. I use Windows 7, Internet options/tools shows www.yahoo.com as home page - but just wont load up when launching internet explorer. Is there a block list somewhere I can check? Any thoughts on the malware above and why I cant launch yahoo. Thanks so much // Mark

Link to post
Share on other sites

Hello and welcome, mharski: :)

PUP = Potentially Unwanted Program. These are legal software (toolbars, etc) that you may have intentionally installed on your system. That's why MBAM detects them but does not automatically flag them for quarantine, as they are not malware per se. If you want to remove these items, then you just need to manually select them (place a check mark next to them) for MBAM to remove them.

Having said that, if you are or recently have been infected with other, malicious malware, such as Green Dot MoneyPak, then it might be a good idea to have one of the malware experts guide you through checking your system and cleaning it of infection remnants.

We cannot work on malware removal in this sub-section of the forum, so please read below for assistance with cleaning your system.

IMPORTANT: Please do NOT use any temporary file cleaners unless instructed to do so - they can cause data loss, making recovery difficult.

There are some excellent, self-help tutorials on getting MBAM to run on an infected system in the FAQ: HERE and in the KB section: HERE.

IF YOU WOULD LIKE EXPERT HELP WITH MALWARE REMOVAL, PLEASE CHOOSE ONE OF THE FOLLOWING 3 OPTIONS:

OPTION 1: Free, one-on-one, expert assistance in the Malware Removal Forum. (Please see helpful tips below.)

OPTION 2: For licensed users of MBAM PRO, there is free, one-on-one, expert assistance from the MBAM support helpdesk.

OPTION 3: Fee-based, one-on-one, expert assistance from Premium Support.

OPTION 1:

  • Please print out, read and carefully follow the instructions in the "I'm Infected - What Do I Do Now?" sticky topic.
  • -->If the infection has so crippled the computer that you cannot complete some or all of the steps, then just do the best you can and start a new topic as described below.
  • Then please start a new post in the Malware Removal Forum.
  • An authorized, trained malware expert will provide free, one-on-one assistance as soon as one becomes available.

  • -->>When starting your new post, please note the following:<<--
  • Please do NOT post in a topic started by someone else, even if their problem sounds similar.
  • Please COPY/PASTE the requested logs directly into your post, rather than attaching them.
  • Under options, please be sure to select "track this topic" and "immediate email notification", so you'll know when a helper responds.
  • Please be patient - it may be 48 hours or more before a helper can assist you, especially when the forum is very busy.
  • Please do NOT "bump" your topic or reply back to it for at least 48 hours.
  • Doing so may cause your topic to be overlooked, as it will appear that you are already being helped.

OPTION 2:

If you are a paid user of MBAM PRO and would like support via the helpdesk, please contact them HERE.

OPTION 3:

If you prefer the Malwarebytes Premium Services (comprehensive solutions to all your computer support needs – from installation and set-up to troubleshooting and tune-ups), please go to the Premium Support site HERE.

Please be patient – someone will assist you as soon as possible.

Thank you very much,

daledoc1

Link to post
Share on other sites

Hi - thank you for the response. Further to my original post, when I got home today from work I ran the Malwarebytes scan while in safe mode. When finished

it had detected the same 4 objects I reported previously. I restarted the computer and surprisingly, now yahoo home page comes up like normal again.

Not sure of the correlation with the scan while in safe mode, if any, but will better review your comments and decide whats the best course of action for me.

Again, tks for the quick response. Best regards // Mark

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.