Yep, Malwarebytes doesn't generally do any file editing, just straight quarantine so unless that is changed, it isn't going to be able to edit the HOSTS file to just remove the individual entries it has detected. In addition, Malwarebytes has a bug in how it scans the HOSTS file during a Normal Scan. Therefore, there is no way to exclude a single entry in the HOSTS file. Malwarebytes appears to have excluded the entire HOSTS file. I unchecked this one entry and told Malwarebytes to 'exclude always'.Ĥ. It detected 1 entry as Hijack.Hosts because of ipm-provider.ff. I then ran a Custom Scan on my C/D drive with 'check for rootkits selected. I unchecked these entries and told Malwarebytes to 'ignore once'.ģ. It detected 80 entries as Hijack.Hosts because of ipm-provider.ff.
I arranged the HOSTS file in single line entries.1 entry per line.Ģ. If that works as expected, then you shouldn't need to exclude the entire HOSTS file and if something malicious modifies it, the bad modifications will still be detected. Next time MBAM detects that line, you *should* be able to tell MBAM to ignore always and it should no longer detect it.
