Malwarebytes Question - OK to Close

Richard Sinkler · Post by **Richard Sinkler** » 15 Jun 2015 4:02 pm

Every morning, I get a notification that MBAM has found a pup. It asks if I want to remove it. I say yes and allow MBAM to restart my computer, as it says I need to do. Then the next morning, the same notification shows up. I wrote down the message and it is always the same registry entry. I have gone into the registry twice now, and that entry does not exist.

This is from a program called Optimizer Pro. The program has been uninstalled using Revo uninstaller. I used Ccleaner after that. Why doesn't MBAM remove the unwanted entry like it says it did?

Wiz Feinberg · Post by **Wiz Feinberg** » 15 Jun 2015 5:14 pm

Can you copy and paste the Registry branch and key in question? It might be a problem of account privileges. Are you operating out of a less privileged account, as I recommend?

Richard Sinkler · Post by **Richard Sinkler** » 15 Jun 2015 6:32 pm

Yes. I only have user priveledges. But, when I do anything like this, I log in under an administrator account. I'll have to manually write the message out again. MBAM doesn't let me copy the info from the error table. I'll get it when I can.

Scott Duckworth · Post by **Scott Duckworth** » 16 Jun 2015 4:11 am

Richard, while the window is up with the error description in it, hit Print Screen on your keyboard. Then open a picture editor and hit paste in it's menu. You can then save the screen shot as a picture and post it here.

Richard Sinkler · Post by **Richard Sinkler** » 16 Jun 2015 5:37 am

Scott... I always forget about that. Windows 7 actually has a program to get a screen shot. And you can crop it so you have a specific area. It save a jpg file. It works really good. But, I always forget about it.

The good news is, it didn't crop up this morning. Well, at least not yet.

Wiz... I think you can close this.

Dave Potter · Post by **Dave Potter** » 16 Jun 2015 6:47 am

Richard Sinkler wrote:Scott... I always forget about that. Windows 7 actually has a program to get a screen shot. And you can crop it so you have a specific area. It save a jpg file. It works really good. But, I always forget about it.

Yep - it's called the "Snipping Tool". It's in the Programs/Accessories folder. I keep it on the taskbar as a quick launch icon, I use it so much. Very useful.

Jim Smith · Post by **Jim Smith** » 16 Jun 2015 3:54 pm

Scott Duckworth wrote:Richard, while the window is up with the error description in it, hit Print Screen on your keyboard. Then open a picture editor and hit paste in it's menu. You can then save the screen shot as a picture and post it here.

Even better, use Alt-PrtScn and it will capture a screen shot of only the active window, so no trimming needed.

Dave Potter · Post by **Dave Potter** » 16 Jun 2015 4:49 pm

Jim Smith wrote:Even better, use Alt-PrtScn and it will capture a screen shot of only the active window, so no trimming needed.

But there are numerous occasions where one doesn't want or need to capture the entire screen, along with the concommitant larger file size.

That's when the Windows Snipping Tool shines. You get the option to click and drag a pull-down section of only the portion that contains the information you want, not the entire screen, saving and naming the image whatever you want. I find it invaluable for saving online purchase confirmations where the pertinent data only comprises a small part of my screen.

Richard Sinkler · Post by **Richard Sinkler** » 16 Jun 2015 5:02 pm

The snipping tool is worth it's weight in gold. Oh wait, it doesn't really weigh anything. Dumb ole me. lol

Pinning it to the taskbar is a good idea. Then I won't forget about it.

Wiz Feinberg · Post by **Wiz Feinberg** » 16 Jun 2015 8:44 pm

Richard;
Are you sure you want me to close this topic? If so, I will close it. Otherwise, we are getting some good tips from other members.

Richard Sinkler · Post by **Richard Sinkler** » 17 Jun 2015 10:36 am

You can leave it open if you feel it is good to do so. It is always good to get people's opinions and ideas.

Wiz Feinberg · Post by **Wiz Feinberg** » 17 Jun 2015 1:24 pm

The best info in this topic is about the Windows Snip Tool. With it you can draw a perimeter around anything onscreen, then either "copy" or save it to disk. Then, in addition to sending it to a recipient, you can open your preferred graphics editor and do as you will with the copied/saved image.

As for the detection at the root of this topic, it seems to be a permissions or a file restore issue that caused the same entry to reappear after it was removed by MBAM. I think it is most likely that MBAM didn't operate at the same level as the registry key in question. Thus, the key was not actually removed when the editor was closed. Sometimes, one has to take ownership of particular registry branches, keys, or sub-keys, to edit or delet them for realzies.