Malwarebytes Malware Remediation User Guide


Malwarebytes Malware Remediation User Guide
Version 2.5
16 September 2015

Notices

Malwarebytes products and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. You may copy and use this document for your internal, reference purposes only.

This document is provided “as-is.” The information contained in this document is subject to change without notice and is not warranted to be error-free. If you find any errors, we would appreciate your comments; please report them to us in writing.

The Malwarebytes logo and Malwarebytes Malware Remediation are trademarks of Malwarebytes. Windows, Windows Vista, Windows 7, Windows 8 and Windows 10 are registered trademarks of Microsoft Corporation. ArcSight is a registered trademark of Hewlett-Packard Development Company, L.P. All other trademarks or registered trademarks listed belong to their respective owners.

Copyright 2015 Malwarebytes. All rights reserved.

Contents

1.0 Introduction
    1.1 What’s New
    1.2 Key Features
    1.3 System Requirements
    1.4 External Access Requirements
2.0 Using Malwarebytes Malware Remediation
    2.1 License Key Status
    2.2 Getting Started
        2.2.1 Interactions with Anti-Rootkit Scanning
    2.3 Remediation Now or Later?
        2.3.1 Remediation Scan
        2.3.2 Selective Remediation Scan
        2.3.3 Diagnostic Scan
    2.4 Excluding Items from Scanning
    2.5 Restoring Items from Quarantine
3.0 Command Line Parameters
    Command Line Overview
    Command Line Reference
        register
        update
        version
        scan
        errorout
        quarantine
        settings
4.0 Scan Log
    4.1 header Section
        4.1.1 date
        4.1.2 logfile
        4.1.3 isadmin
    4.2 engine Section
        4.2.1 version
        4.2.2 malware-database
        4.2.3 rootkit-database
        4.2.4 licensedatabase
        4.2.5 file-protection
        4.2.6 web-protection
        4.2.7 self-protection
    4.3 system Section
        hostname, ip, osversion, arch, username, filesys
    4.4 summary Section
        type, result, objects, time, processes, modules, keys, values, datas, folders, files
    4.5 options Section
        sectors, memory, startup, filesystem, archives, rootkits, deeprootkit, heuristics, pup, pum
    4.6 items Section
        path, vendor, action, hash, baddata, gooddata
    4.7 Sample Log File
    4.8 Sample Scan Progress File
5.0 Third Party Project Usage

1.0 Introduction

Malwarebytes Malware Remediation is designed to allow business users to detect and remove malware from computers. It is built upon the power of our flagship anti-malware product, Malwarebytes Anti-Malware, which allows Malwarebytes Malware Remediation to run in environments which often render other anti-malware applications helpless.

Malwarebytes Anti-Malware is considered to be the next step in the detection and removal of malware. We have compiled a number of new technologies that are designed to quickly detect, destroy, and prevent malware. Malwarebytes Anti-Malware can detect and remove malware that even the most well-known antivirus and anti-malware applications on the market today cannot.

Implementation in a portable form provides increased flexibility for IT staff to quickly and easily deploy the product, use it to remediate threats, gather logs, and continue with their daily tasks – all without a large investment in time or resources.

1.1 What’s New

The following changes have been made in version 2.5 of Malwarebytes Malware Remediation.

- Ability to selectively restore files using two different methods
- Added command to specify program environmental settings
- Added setting to enable/disable color display, which caused issues with some deployment utilities
- Added capability to track endpoint name and IP address in scan log
- Added capability to exclude several types of objects from scanning

1.2 Key Features

Malwarebytes Malware Remediation offers the following key features:

- Selective remediation capability
- Remediation of earlier scan results without requiring a second scan
- Four different types of scans to analyze your computer for malware threats, regardless of whether they are based in memory, file system or registry
- Ability to perform full scans for all local drives
- Ability to utilize Malwarebytes threat signature updates, assuring that even the newest threats can be detected
- Intelligent heuristics to analyze potential threats when they are designed to evade signatures
- Ability to quarantine detected threats, and to restore if needed
- Ability to deploy product to computers using your preferred methods
- Ability to exclude several object types from scanning
- Command line capabilities allow IT staff to modify certain program configuration settings, execute scans, and gather logs through integration with customer-supplied scripts, batch files, and group policy updates
- Product leaves no lasting footprint on computer
