Malwarebytes acting like a virus.

The past few weeks my computer has been acting wierd, going slow, crashing, etc.

I decided to install Malwarebytes to scan the computer, and found 6 Objects Infected.

The weird thing is though, that the 6 objects where normal.

Here is my log:

Malwarebytes' Anti-Malware

Database version: 7615

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

8/30/2011 5:44:26 PM
mbam-log-2011-08-30 (17-44-23).txt

Scan type: Quick scan
Objects scanned: 199048
Time elapsed: 2 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.HMCPol.Gen) -> Value: Policies -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKCU (Backdoor.HMCPol.Gen) -> Value: HKCU -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.HMCPol.Gen) -> Value: Policies -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKLM (Backdoor.HMCPol.Gen) -> Value: HKLM -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\David\AppData\Roaming\winlogon.exe (Trojan.Downloader) -> No action taken.
c:\Users\David\AppData\Roaming\logs.dat (Bifrose.Trace) -> No action taken.


One of them, the process winlogon.exe, I removed in the Windows Task Manager processes tab, and it crashed my client (which it should if you delete it), so that means it is not a virus.

Then that must mean that Malwarebytes is giving me false information. I tried deleting the Malwarebytes file in 'Program Files (x86)' and these files wouldn't delete:



My computer OS is Windows 7 64-Bit.

Hope I can get this solved!
6 answers Last reply
More about malwarebytes acting virus
  1. Its quite possible that the malware or what ever you want to call it is stoping Mbam from picking it up... Download Rkill.. and run it up in safe mode and the hit ur pc with a full system Mbam scan, and after the mess is almost cleaned slap it with a Combofix too..

    Double check that your Mbam is completely up to date too..

    Mbam = Malwarebytes
  2. You don't just delete the seutp files, you actually need to uninstall the program.

    As far as the winlogon issue, what you killed was the real file, which is in Windows, not in your user/Roaming directory. The one in your user directory is a virus.

    Let Malwarebytes clean out what it found.
  3. never kill files like that if you dont know what they are

    many viruses are like barnicles they attach themselves to system files to make themself's hard to remove without a bootcd or a good antivirus

    go on repair file if that option is availble

    why not try a program that stops viruses infecting like a hips (host based intrustion prevension system)

    one i recomend is comodo, there is a steep learning curve at first but after a while it dosnt even alert you at all and makes your computer much safer (its like everything it may be much more secure but that dosnt mean its impossible to get viruses)
  4. So your not using any kind of anti-virus program?

    Your best bet is to burn/backup any important data to a cd or backup hdd before it's too late, then format the infected drive and re-install windows fresh.

    Then use Microsoft Security Essentials (free) for your anti-virus. You can also install MWB too.
  5. I have Avast!, yet I don't know why it didn't stop these virus'.

    Did everything you guys said and I have them all gone. :) Didn't realize at first that it was in roaming.

    Everything's fixed, thanks for the help! Computer is running a lot better now.
  6. Trash Avast. Use free Security Essentials from Microsoft and keep Malwarebytes installed too.
Ask a new question

Read More

Security Computers Registry Windows 7