Jump to content


Photo

Forgot to check boxes of malware found after scan when pressing "remove" button


  • Please log in to reply
4 replies to this topic

#1 pallin

pallin

    New Member

  • Members
  • Pip
  • 3 posts

Posted 24 July 2011 - 04:12 AM

A quick scan of my computer with Malwarebytes Free revealed seven infections in 4 registry keys, 2 registry values and one file, all infected with PUP.Dealio.TB malware. A copy of the log is attached. When trying to remove this malware, I forgot to check the boxes of all but one of infections identified, before clicking the "remove" button. As can be seen, the message shown in the log for the six infections I forgot to check before clicking the "remove" button, show as "not selected for removal" (these apply to the 4 registry keys and 2 registry values infected). The one item for which I did check the box shows the message "quarantined and deleted successfully" (this applies to the 1 infected file). Many subsequent full system/quick scans have not picked up this malware again. Can you please advise whether or not the PUP.Dealio.TB malware has been removed from my (rather ancient Compaq laptop), and if not, what action needs to be taken to have it removed. There seems to be, at this stage, no noticeable deterioration in the speed of my laptop, although because of its age (bought in 2002) it is somewhat slow anyway. I use Avira Anti-virus Free and XP Home SP3. I would like to add that Malwarebytes is a really great piece of kit (I am seriously considering buying the pro version for my desktop which runs Avast! Free) - keep up the good work!

#2 exile360

exile360

    exile

  • Administrators
  • PipPipPipPipPipPip
  • 16,016 posts
  • Gender:Male

Posted 24 July 2011 - 04:19 AM

Greetings and welcome :)

It is likely that the registry entries were connected to/related to the file that was detected and removed. It is likely that the PUP has been disabled by having its file removed, however, if you do wish to remove all traces do the following:

  • Open Malwarebytes' Anti-Malware and click on the Quarantine tab
  • Click on the file that you previously removed and click on Restore
  • Perform another Quick Scan with Malwarebytes' Anti-Malware, this time checking the box for all detected items/entries and remove them

Also, in the future, if you would like Malwarebytes' Anti-Malware to automatically check boxes for removal for PUP's (Potentially Unwanted Programs) then click on the Settings tab and click Scanner Settings. Click the drop-down menu next to Action for potentially unwanted programs (PUP): and select Show in results list and check for removal.
Samuel E Lindsey
Product Manager

Posted Image

Follow us: Twitter, Become a fan: Facebook

#3 pallin

pallin

    New Member

  • Members
  • Pip
  • 3 posts

Posted 24 July 2011 - 07:46 AM

Greetings and welcome :)

It is likely that the registry entries were connected to/related to the file that was detected and removed. It is likely that the PUP has been disabled by having its file removed, however, if you do wish to remove all traces do the following:

  • Open Malwarebytes' Anti-Malware and click on the Quarantine tab
  • Click on the file that you previously removed and click on Restore
  • Perform another Quick Scan with Malwarebytes' Anti-Malware, this time checking the box for all detected items/entries and remove them

Also, in the future, if you would like Malwarebytes' Anti-Malware to automatically check boxes for removal for PUP's (Potentially Unwanted Programs) then click on the Settings tab and click Scanner Settings. Click the drop-down menu next to Action for potentially unwanted programs (PUP): and select Show in results list and check for removal.



#4 pallin

pallin

    New Member

  • Members
  • Pip
  • 3 posts

Posted 24 July 2011 - 07:59 AM

Greetings and welcome :)

It is likely that the registry entries were connected to/related to the file that was detected and removed. It is likely that the PUP has been disabled by having its file removed, however, if you do wish to remove all traces do the following:

  • Open Malwarebytes' Anti-Malware and click on the Quarantine tab
  • Click on the file that you previously removed and click on Restore
  • Perform another Quick Scan with Malwarebytes' Anti-Malware, this time checking the box for all detected items/entries and remove them

Also, in the future, if you would like Malwarebytes' Anti-Malware to automatically check boxes for removal for PUP's (Potentially Unwanted Programs) then click on the Settings tab and click Scanner Settings. Click the drop-down menu next to Action for potentially unwanted programs (PUP): and select Show in results list and check for removal.



Many thanks for your very quick response. I have tried out what you have said, but cannot find any trace of the file removed in the Quarantine section. I remember that subsequently, following the detection, I deleted the file concerned from the Quarantine section. For future detections I have followed your advice and checked any PUPs for removal in the results page under Scanner Settings.

#5 exile360

exile360

    exile

  • Administrators
  • PipPipPipPipPipPip
  • 16,016 posts
  • Gender:Male

Posted 24 July 2011 - 08:02 PM

You're very welcome, I'm glad to be of service.

Yes, if you've already deleted the quarantined file then you can't restore it. That's alright though because as I said previously, those registry entries/values were only traces connected to this file and without the file being there, they can't do anything.
Samuel E Lindsey
Product Manager

Posted Image

Follow us: Twitter, Become a fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users