beck

Quarantine

14 posts in this topic

Hello,

New user here with the newest version (free) of Malwarebytes.

I ran a scan and a couple of things showed up. I could not see how to quarantine them, only remove them or ignore them. I did remove them and saw the log file. I guess I thought that it would quarantine them too?

Can someone please explain to me how the quarantine works?

Thank you.

EDIT:

Further checking by looking at the log, it says 'removed and quarantined', but the quarantine tab is empty.

Malwarebytes' Anti-Malware 1.25

Database version: 1090

Windows 5.1.2600 Service Pack 3

9:35:37 AM 8/28/2008

mbam-log-08-28-2008 (09-35-37).txt

Scan type: Full Scan (C:\|)

Objects scanned: 65478

Time elapsed: 21 minute(s), 34 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 2

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

After the scan, it told me to reboot, does this clear the quarantine too?

Either I wasn't paying attention or it wasn't very clear.

Anyway, I think they were false positives, so I should be OK.

I would still like a clarification of how the remove/quarantine process works.

Thanks again.

Share this post


Link to post
Share on other sites

Here's a recent link on how the quarantine works.

Link

Share this post


Link to post
Share on other sites

Thank you, I did see that link.

However, nothing ever went into the quarantine in my case. It was and still is, empty.

So, if I wanted to, I could not restore what was removed.

Does it clear itself on reboot when things are removed?

Maybe I should have titled this 'Quarantine not working'.

Thanks again.

Share this post


Link to post
Share on other sites

You have nothing in quarantine because it was quarantined and deleted. Just like it says in your log.

Share this post


Link to post
Share on other sites
You have nothing in quarantine because it was quarantined and deleted. Just like it says in your log.

So, it doesn't stay in quarantine if I wanted to possibly restore later?

Share this post


Link to post
Share on other sites

Not if it's a delete on reboot no. Some things do stay. So, I have to admit I am not sure where the line is there. We will get to the bottom of it.

Share this post


Link to post
Share on other sites
Not if it's a delete on reboot no. Some things do stay. So, I have to admit I am not sure where the line is there. We will get to the bottom of it.

OK, thanks, that explains it.

Thank you for being patient with me.

I 'm happy that the program found and removed the nasties I didn't know I had, that SuperAntiSpyware never saw.

Thanks again.

Share this post


Link to post
Share on other sites

Still a question/problem with quarantine.

Here's my story:

I ran the critical bug fix and then upgraded to version 1.27.

I ran a scan and it showed one registry entry bad.

I selected "remove selected" and was then asked if I wanted to reboot, I said no.

I then checked the quarantine tab and there was NOTHING (not shouting)

I then rebooted and checked the quarantine tab again and again, nothing.

How do I quarantine stuff? I don't see an option to quarantine when removing, or am I missing something?

Maybe there should be a 'Quarantine' button?

Does the program decide what it wants to quarantine?

So far for me, since using this program nothing has ever gone into quarantine.

I run XP Home SP3 and have admin rights. Someone mentioned file permissions?

I'd really like to get this cleared up.

Thank you.

Log:

Malwarebytes' Anti-Malware 1.27

Database version: 1128

Windows 5.1.2600 Service Pack 3

9/8/2008 9:29:50 AM

mbam-log-2008-09-08 (09-29-50).txt

Scan type: Quick Scan

Objects scanned: 43310

Time elapsed: 4 minute(s), 56 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Share this post


Link to post
Share on other sites

I am administrator.

I have two computers and have the same problem on both. I am admin on both.

Share this post


Link to post
Share on other sites
Hi

I have the same problem. My shutter Quarantine remains empty in spite of abolitions

Why ?

Thanks

Whew, I thought I was the only one!

Maybe they will come up with a solution. It's a nice program, other than that, for me , at least.

Share this post


Link to post
Share on other sites

Interesting,

Something is going wrong with registry quarantining on your systems. I will take a look at the code.

Share this post


Link to post
Share on other sites

Interesting that the 'Ignore' feature works though. :angry:

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.