Jump to content

mbamuser2103

Members
  • Posts

    5
  • Joined

  • Last visited

Posts posted by mbamuser2103

  1. Scan Date: 7/10/2016
    Scan Time: 19:46
    Logfile: MBAM_scan.txt
    Administrator: Yes

    Version: 2.2.1.1043
    Malware Database: v2016.07.10.05
    Rootkit Database: v2016.05.27.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8
    CPU: x64
    File System: NTFS
    User: (removed)

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 279658
    Time Elapsed: 13 min, 29 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Warn
    PUM: Warn

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 3
    PUM.Optional.HomepageControl, HKLM\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\CONTROL PANEL|HomePage, 1, Good: (0), Bad: (1),,[005d48dafe9c88ae69149adf59abf10f]
    PUM.Optional.HomepageControl, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\INTERNET EXPLORER\CONTROL PANEL|HomePage, 1, Good: (0), Bad: (1),,[d38a071b1f7bc472f38ae792c04428d8]
    PUM.Optional.HomepageControl, HKU\S-1-5-21-2223825472-245051289-694463212-1001\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\CONTROL PANEL|HomePage, 1, Good: (0), Bad: (1),,[a3bad052643641f5fd7fe69326deb050]

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)


    Five years later, no development on the subject:

    1. Same "detections": No malicious items detected.

    2. The only Malware is: the User who make settings on his own system.

    3. The so called most recent version cannot even recognise the Operating System which is:  Windows 10.

    Thanks.  :(

  2. This Registry Setting:

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel

    "HomePage"=dword:00000001

    for locking Internet Explorer Home Page itself, with no other infections detected, is not "Bad" as Malwarebytes Anti-Malware detects:

    Registry Data Items Infected:

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\HomePage (PUM.Hijack.HomePageControl) -> Bad: (1) Good: (0)

    No other Infections detected.

    This is a Group Policy Setting every administrator can apply:

    Group Policy > User Configuration > Administrative Templates > Windows Components > Internet Explorer > Disable Changing Home Page Settings > Settings Tab - Checked: Enable

    as well as a setting in "SpyBot Search & Destroy" to protect changing Internet Explorer Home Page.

    In my case, this is a security setting apllied by the administrator. I do not use and do not want to set or change Home Page in Internet Explorer, I open Internet Explorer without Home Page using -nohome shortcut:

    "C:\Program Files\Internet Explorer\iexplore.exe" -private -nohome

    Thanks. :lol:

  3. Hello.

    This file is alarmed by Malwarebytes and seems to be a false positive:

    Belongs to: Stud_PE v2.6.0.5 - The Portable Executables Viewer/Editor

    Developer's Home Page

    File: Stud_PE.zip\Plugins\ZDRx.dll (5 kB)

    Description: dll in the Plugins Section

    VirusTotal Results - 0 of 42

    Malwarebytes Log file:

    Malwarebytes' Anti-Malware 1.46

    www.malwarebytes.org

    Database version: 4344

    Windows 5.1.2600 Service Pack 3

    Internet Explorer 8.0.6001.18702

    7/24/2010 22:03:07

    mbam-log-2010-07-24 (22-03-07).txt

    Scan type: Quick scan

    Objects scanned: 1

    Time elapsed: 5 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 0

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 1

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    (No malicious items detected)

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    C:\Documents and Settings\Administrator\Desktop\Stud_PE v2.6.0.5\Plugins\ZDRx.dll (Malware.Packer.Gen) -> No action taken.

    Thanks. :)

    mbam_log_2010_07_24__22_03_07_.txt

  4. The problem lasts for months and seems will not be resolved soon. I am not going to tell the moderator how many times Adobe Acrobat Pro had been re-installed-repaired ( ~ 2 GB installation) because of not being aware of the reason.

    So, the 2 problematic items should be put in MBAM Ignore List making sure copies of acaptuser32.dll and registry entry are preserved.

    Thanks. :(

  5. After a scan performed according to the log-file presented below, there are two items infected: file acaptuser32.dll and one of its registry keys. The file belongs to Adobe Acrobat Rpo Capture 3D Plug-in and after removing it, Acrobat generates an error message:

    "Warning: A part of the Capture 3D plug-in has been damaged."

    mbam_01.jpg

    mbam_02.jpg

    To resolve the problem, repair Acrobat Pro: Help > Repaire Acrobat Installation or Restore the items from MBAM Qarantine or add them to MBAM Ignore List.

    Learn more about the Adobe's file acaptuser32.dll from this Adobe Article:

    acaptuser32.dll

    Malwarebytes' log-file:

    Malwarebytes' Anti-Malware 1.34

    Database version: 1880

    Windows 5.1.2600 Service Pack 3

    3/21/2009 11:49:18 AM

    mbam-log-2009-03-21 (11-49-18).txt

    Scan type: Quick Scan

    Objects scanned: 68710

    Time elapsed: 3 minute(s), 16 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 1

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 1

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\acaptuser32.dll (Trojan.Agent) -> Quarantined and deleted successfully.

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    C:\WINDOWS\system32\acaptuser32.dll (Trojan.Agent) -> Quarantined and deleted successfully.

    Thanks. :(

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.