I did a custom scan where I included memory to be scanned and it keeps telling me all 13 of the Svchost.exe are viruses. I scanned the folder where that exe is located and there is no sign of a virus. So does anyone have any idea?
DO NOT use the “scan memory” setting as this will give some strange scan results…
dont change the scan settings if you do not know the result…use default settings
and since you are not the first on to do this you will find lots of cases if you search the forum…
I am just thinking out load here. Is it possible that we are detecting malware definitions in RAM? I have seen this occur when checking the pagefile. This was due to Windows Defender definitions paged from RAM to the hard disk.
Is it possible that we are detecting malware definitions in RAM?That is usually what`s detected if you have other security programs installed and use the "scan memory" setting
well yes i dont know why people use memory scan as today malware doesnt hide in memory such as rootkits so that scan is useless. :-\
Sorry, disregard the first two replies, operator error, lol, I’m just learning what to do, so if I understand this correctly it is better not to use the “memory” in a custom scan? I am only using the free version which I keep up to date. I also received a warning that I have seven viruses pertaining to “Process 3064[mbamservice.exe]memory block 0x000000000129,block size 2097152 - Severity is High - Status is Threat Win32:Crypt-GCA [trj]”, the others are all in the memory block also. I do have Malwarebytes’ Pro, so are not really viruses but virus definitions?
Yes. Anything tied to MBAM itself (mbamservice) when you scan memory can be ignored. Same for any other security related things you might have, like Windows Defender.
edit: And just to 3rd the motion, scanning memory is more or less useless.
Moreover, scanning itself with your running AV is highly overrated and overused, jmo, but scanning more than once a week with your resident AV is more than enough, as its scanning all the time anyway, I keep it to once a month.
Thanks for answering. Now I’ll finish reading how to properly post and reply to a post, lol. Happy Holidays!!!
I would say anything could be a potential malware, but the real point is not exactly to disregard things found in specific locations, but instead DO NOT USE MEMORY SCAN, except when specifically instructed to. And if you do scan memory and you find something, then reboot and use the same scan again but without the memory included in the scan.