Jump to content

Blue452

Members
  • Content Count

    17
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Blue452

  • Rank
    New Member
  1. My question: Since the latest database is currently no longer flagging these files and I have these files in quarantine, would you recommend that I restore them or just leave them in quarantine for now? I'm not sure what to do. Thank you. Registry Keys Infected: HKEY_CLASSES_ROOT\TypeLib\{661e32fd-a5f0-49bc-96cc-d872fe10a7dc} (AdWare.WebHancer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3296405e-e08f-4442-801e-3dcd2c6aa82c} (AdWare.WebHancer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{bf0118d4-63ff-4138-9327-f3028fb1a578} (AdWare.WebHan
  2. In answer to Amethyst's post #25, I currently have these items in quarantine as shown below and upon reboot/shutdown, my computer is fine. We always turn off the computer when not in use and so far, no problems. Registry Keys Infected: HKEY_CLASSES_ROOT\TypeLib\{661e32fd-a5f0-49bc-96cc-d872fe10a7dc} (AdWare.WebHancer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3296405e-e08f-4442-801e-3dcd2c6aa82c} (AdWare.WebHancer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{bf0118d4-63ff-4138-9327-f3028fb1a578} (AdWare.WebHancer) -> Quarantined and d
  3. Thank you to all you who have responded to this thread. "Registry Keys Infected: HKEY_CLASSES_ROOT\TypeLib\{661e32fd-a5f0-49bc-96cc-d872fe10a7dc} (AdWare.WebHancer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3296405e-e08f-4442-801e-3dcd2c6aa82c} (AdWare.WebHancer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{bf0118d4-63ff-4138-9327-f3028fb1a578} (AdWare.WebHancer) -> Quarantined and deleted successfully. Files Infected: C:\WINDOWS\Web\Wallpaper\welcome\AWhelper.dll (AdWare.WebHancer) -> Quarantined and deleted successfully." As you ca
  4. I scanned my computer this morning and below is a copy of my log. It says I have 4 infections. The files are now in quarantine. Are they false positive or real? After your determination, please let me know what I should do next? I have a HP computer with the following: XP SP3, IE8, and NIS 2010. Malwarebytes' Anti-Malware 1.44 Database version: 3917 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 3/26/2010 7:36:52 AM mbam-log-2010-03-26 (07-36-52).txt Scan type: Full Scan (C:\|D:\|L:\|) Objects scanned: 279979 Time elapsed: 2 hour(s), 0 minute(s), 53 second(s) Memory Pr
  5. Below is a log of the scan I ran a few minutes ago. Is this a false positive? I looked up this file in my system 32 directory and the file is dated 8/9/04. Malwarebytes' Anti-Malware 1.41 Database version: 2912 Windows 5.1.2600 Service Pack 3 10/5/2009 5:04:45 PM mbam-log-2009-10-05 (17-04-41).txt Scan type: Quick Scan Objects scanned: 111480 Time elapsed: 12 minute(s), 2 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No mal
  6. Is below a false positive? Not being an expert, I just pressed the option to save the log file and it saved it in the My Documents folder. Then I exited MBAM without doing anything else because I wasn't sure what to do - whether to remove, ignore (I had doubts whether this was an actual infected file). Isn't "jusched.exe" a legitimate java file? Note: This is my first scan with version 1.41. Malwarebytes' Anti-Malware 1.41 Database version: 2785 Windows 5.1.2600 Service Pack 3 9/12/2009 8:43:35 AM mbam-log-2009-09-12 (08-43-25).txt Scan type: Quick Scan Objects scanned: 111105 Time elapsed:
  7. See also my response on Post #8. I couldn't figure out how to do a double quote. I'm attaching the file you requested. I think I did it right. My friend told what to do. I went into c:\windows and found the file; copied it and zipped it. Hope this is what you wanted. Even though I said in Post #8 that database 2256 did not show an infection, will you please still check this file out that database 2252 flagged out as an infection. Thank you. kb913800.zip kb913800.zip
  8. Sorry about that. Before I came on again, I did a scan with the latest definition 2256 and it showed no infection. I'm clueless about the file that you needed. Are there instructions on how to do this for any future infection that shows up on my scan? Thank you. Hopefully next time I can do it right. Blue452 Inexperience user
  9. As requested, the zip file. I hope I did it correctly; it's my first time doing this. mbam_log_2009_06_08__22_00_41_.zip mbam_log_2009_06_08__22_00_41_.zip
  10. I also would like to know if this is a false positive. Below is my log: Malwarebytes' Anti-Malware 1.37 Database version: 2252 Windows 5.1.2600 Service Pack 3 6/8/2009 10:00:50 PM mbam-log-2009-06-08 (22-00-41).txt Scan type: Quick Scan Objects scanned: 96772 Time elapsed: 5 minute(s), 48 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registr
  11. Please ignore my above post (#12). After my thinking cleared a bit, I decided to do a "restore" since all the posts above indicated this was likely a false positive. And then I rescanned and this time, nothing was detected.
  12. Rel to Post #10. Thank you for answering my post. I'm not a computer expert and I have no experience in the registry. Should I just restore this item and rerun the scan.
  13. I got same entry when I scanned a few minutes ago and hit the removal button. My log says . . . Quarantined and deleted successfully. I have a question: If this is a false positive, what did Malwarebytes delete and quarantine? Blue452 XP SP3 IE6
  14. Sorry about Post #3. Will a moderator please delete it? I don't know what I did for Post #3 to post with a quote (happened too fast) and couldn't find an edit button to make a revision. All I wanted to do was to say thank you to exile360 for responding to my question - so thank you exile360. A newbie
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.