-
Posts
14 -
Joined
-
Last visited
Reputation
0 Neutral-
Update without launching application.
Everest replied to Everest's topic in Malwarebytes for Windows Support Forum
how can I edit my original post ? you might ask why I want to update without launching mbam, it's because I use it to scan individual downloaded files, so atm I launch mbam, update, exit application then scan files using context menu. it will be much easier to update the signature using Updater.exe or any other method. anyone ? -
why can't I edit my last post your software or website should have a function to upload suspicious files to analysis, like Avira: http://analysis.avira.com/samples/index.php is there anywhere I can upload these files for you ? and how do I save/upload a registry entry ??
-
because my system is clean, I used Avira Antivir Personal, spyware doctor and Windows Defender. they didn't find anything. also your software is known of false positive and I don't want to delete files is windows directory or registry. please examine these carefully to determine false positive, or should I delete them. please take this seriously because I don't want to corrupt my system after deleting a necessary Windows file or registry. thanks for the response.
-
Malwarebytes' Anti-Malware 1.40 Database version: 2675 Windows 6.0.6002 Service Pack 2 8/22/2009 9:38:47 AM mbam-log-2009-08-22 (09-38-34).txt Scan type: Full Scan (C:\|F:\|) Objects scanned: 204421 Time elapsed: 45 minute(s), 10 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 4 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 1 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\Interface\{2284810d-15b5-41a2-9393-fb06709d6712} (Trojan.FakeAlert) -> No action taken. [4054423730922326212626686620141921701914216919231425256719141917242125251920686 8672694] HKEY_CLASSES_ROOT\Typelib\{69499ca3-24e2-4d26-88b2-20748823ccb9} (Trojan.FakeAlert) -> No action taken. [4054423730922326212626686620141921701914216919231425256719141917242125251920686 8672694] HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a51d8fa4-c859-473d-9e18-fa0c59d16fa3} (Trojan.FakeAlert) -> No action taken. [4054423730926622186925716621146825222614212420691426701825147166176822266918237 1662094] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a51d8fa4-c859-473d-9e18-fa0c59d16fa3} (Trojan.FakeAlert) -> No action taken. [4054423730926622186925716621146825222614212420691426701825147166176822266918237 1662094] Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: C:\ProgramData\SecurePCCleaner (Rogue.PCCleaner) -> No action taken. [37425130362761498380728366783766856661527068868370493636777066797083] Files Infected: C:\Windows\oflink.ini (Trojan.FakeAlert) -> No action taken. [385753513430362761567479698088846180717774797615747974] C:\Windows\OFLink.js (Trojan.FakeAlert) -> No action taken. [3857535134303627615674796980888461483945747976157584]
-
I get several false positives when performing a Full scan, please confirm these false positives. Log attached. mbam_log_2009_08_22__09_38_34_.txt
-
MBAM does not detect the file anymore !!! maby detection was removed with the update !! the file is still in C:/windows/system32 .. detection for the file was removed and MBAM no longer detect the file !! should I delete it manually ? if so, make shore to add it back to the detection file. what does MD5 mean anyway? thanx,
-
Do you know what is this exactly?
-
Uploaded the file Winhost.exe in zip format: http://www.malwarebytes.org/forums/index.php?showtopic=12683 good luck B)
-
I've found this after quick scan, sent it to VirusTotal and the result is Clean! http://www.virustotal.com/analisis/b70f009...2014e4285601160 False Positive? B) mbam_log_2009_03_16__05_53_34_.txt mbam_log_2009_03_16__05_53_34_.txt
-
what filter ? installed where ? so .. I don't get it.. Is the file infected? I will update and restore the file and scan again .. thanx
-
This link? http://www.virustotal.com/analisis/447c1bb...643f99b8d9205ca this is the page that shows results for Winhost.exe Looks fine (except for one engine that flagged it)
-
Is this file part of my OS? is it infected? can I clean the file without deleting it? it's probably False positive because me Avira Antivir say it's clean.. any help is welcomed ... thank you P.S. I did run dev mod as suggested and attached the Log .. hope you can help me with that B) mbam_log_2009_03_12__20_40_13_.txt mbam_log_2009_03_12__20_40_13_.txt