mrgigabyte

why would it be happen-in now though nothing has change with my internet connection and why would the other machines in my home be just fine its only the xp machine the others are 7 32 and 64 and vista

i been with MBAM since the beginning i have never had a problem with data base updating till version 1.46 i have done what noknojon said to do and it works for maybe a few weeks or so . i use mbam once a week to make sure my computer is clean or if i need to scan a file to make sure its clean,it got to the point i just uninstall and reinstall i hope this can be fix with a new version , i do also have to say this computer that it happening on is xp and my other machine windows 7 64 bit it has never happen to so maybe it is a problem with xp with this version because like i said never had this problem never thanks mrgigabyte

hi i just install version 130 and before this version everything was clean now with this new version i am getting a Trojan dialer i was wondering if this is a false or should i delete it heres the log thank you mrgigabyte Malwarebytes' Anti-Malware 1.30 Database version: 1316 Windows 5.1.2600 Service Pack 2 10/24/2008 11:13:44 PM mbam-log-2008-10-24 (23-13-37).txt Scan type: Quick Scan Objects scanned: 52851 Time elapsed: 3 minute(s), 26 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7aa32fc7-133b-4ae7-998e-ced0d9829b12} (Trojan.Dialer) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)

thanks nosirrah i'll let u know how it goes when the new def comes out mrgigabyte

hi to all i think this might be a false positive the file the program is looking at was created in 1999 C:\WINDOWS\twain_16.dll heres the scan report Malwarebytes' Anti-Malware 1.20 Database version: 944 Windows 5.1.2600 Service Pack 2 11:13:51 AM 7/13/2008 mbam-log-7-13-2008 (11-13-43).txt Scan type: Quick Scan Objects scanned: 45327 Time elapsed: 4 minute(s), 47 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\twain_16.dll (Backdoor.Bot) -> N i check back later thanks mrgigabyte

hi rubber duckly i just got the update, been on computer for about 5 minutes and everything is great, thanks for the fix thanks again mrgigabyte

hi rubber duckly it has been since the beginnig of june that we been waiting for database 175 how much longer do you think it be ps i know you guys are very busy and thanks for everything you do mrgigabyte

Registery Key SpyGuard HKEY_LOCAL_MACHINE\SOFTWARE\AntiSpyware this is being pick up from my rogue remover and like i said this is only started happening since data base 174 hi rubber duckly i went to registy editor and was checking this out and this leads to documents and settings\all users\application data\sunbelt software\counterspy\ and there is 5 entries in it default reg_sz not set apreglocation reg_sz scanreglocation reg_sz servicereglocation reg_sz userpath reg_sz what should i do delete this or is this a false i am running counterspy for real protection and your antispyware for on deman could you tell what to do i be checking back again to see what you have to say about this thanks mrgigabyte

hi rubber duckly i put in the new data base on my computer and ran a scan and it came up with this Registery Key SpyGuard HKEY_LOCAL_MACHINE\SOFTWARE\AntiSpyware since the other data base was not picking up anything and it being clean i decided to run a scan on my other computer before i updated the to 174 and it was clean nothing then i updated to 174 and the same thing came up spyguard on my second computer. i am thinking this could be a false alert could you look in to this thanks mrgigabyte

hi nosirrah i notice your answer so is minibug ok to get rid of , i do use weatherbug so what to do get rid mimibug or put in ignore list thanks mrgigabyte

hi everyone everything went find with update one computer hang ,but only one time i do have a question through with version 1.10 both of my computers are clean and with version 1.11 i am getting some registy finds heres the scans on both computers Malwarebytes' Anti-Malware 1.11 Database version: 599 Scan type: Quick Scan Objects scanned: 32164 Time elapsed: 3 minute(s), 56 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 4 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> No action taken. HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> No action taken. HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Malwarebytes' Anti-Malware 1.11 Database version: 599 Scan type: Quick Scan Objects scanned: 31879 Time elapsed: 2 minute(s), 4 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 3 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> No action taken. HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) am i ok to quarantine this or is it a false from what i think the coupons and popcap would ok to quarantine but i do have weatherbug on both computers i think minibug is weatherbug and if that is i would have to ignore that thanks mrgigabyte i check back later for anwser

hi everyone The update went smoothly through the internal updater. The program did not ask me for a reboot also, Everything is working great. mrgigabyte

hi rubby ducky once again , lol sorry for the confusion i did do a scan on the wrong file but when i went back and tried to do the scan on all the correct files with virustotal and i attached the file to thier site and hit sent , i kept coming up with zero byte recieved like it wasnt working right but it did it will and 9 files so i dont know whats going on .... also wanna say i manually looked up every bad file and did the right click option and did a scan with anti malware and the all cliamed to be clean , so i dont know the deal also with the full scan with anti malware when it get to the heuristics part , thats were its picking the 9 bad file , i just did a scan again quaratined them leave them for a week if compter works well , ship them on the next boat to the bottom of the ocean , what you think , lol thank you again , ace / mrgigabyte's brother in law

hi rubby ducky im a little bit confused we did one file upload only to virustotal it was the first on the lass.exe one and these are the rusults i got from it , what does it mean how do i know if its a infected file or how do i know that its a ok file to keep , im pleasently confust ...... heres the results from the virustotal File lsass.exe received on 02.21.2008 00:52:48 (CET) Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED Result: 0/32 (0%) Loading server information... Your file is queued in position: 8. Estimated start time is between 60 and 86 seconds. Do not close the window until scan is complete. The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result. If you are waiting for more than five minutes you have to resend your file. Your file is being scanned by VirusTotal in this moment, results will be shown as they're generated. Compact Print results Your file has expired or does not exists. Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time. You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished. Email: Antivirus Version Last Update Result AhnLab-V3 2008.2.20.0 2008.02.20 - AntiVir 7.6.0.67 2008.02.20 - Authentium 4.93.8 2008.02.20 - Avast 4.7.1098.0 2008.02.20 - AVG 7.5.0.516 2008.02.21 - BitDefender 7.2 2008.02.20 - CAT-QuickHeal 9.50 2008.02.20 - ClamAV 0.92.1 2008.02.21 - DrWeb 4.44.0.09170 2008.02.20 - eSafe 7.0.15.0 2008.02.20 - eTrust-Vet 31.3.5550 2008.02.20 - Ewido 4.0 2008.02.20 - FileAdvisor 1 2008.02.21 - Fortinet 3.14.0.0 2008.02.19 - F-Prot 4.4.2.54 2008.02.20 - F-Secure 6.70.13260.0 2008.02.20 - Ikarus T3.1.1.20 2008.02.20 - Kaspersky 7.0.0.125 2008.02.21 - McAfee 5234 2008.02.20 - Microsoft 1.3204 2008.02.20 - NOD32v2 2890 2008.02.20 - Norman 5.80.02 2008.02.20 - Panda 9.0.0.4 2008.02.20 - Prevx1 V2 2008.02.21 - Rising 20.32.22.00 2008.02.20 - Sophos 4.26.0 2008.02.20 - Sunbelt 3.0.884.0 2008.02.19 - Symantec 10 2008.02.20 - TheHacker 6.2.9.225 2008.02.21 - VBA32 3.12.6.1 2008.02.17 - VirusBuster 4.3.26:9 2008.02.20 - Webwasher-Gateway 6.6.2 2008.02.20 - Additional information File size: 7680 bytes MD5: 6a0e382e74280e4cc0df17fe2661d003 SHA1: 1ec718bdc35d708d028233114a3fd0d41c7b9064 PEiD: -

hi all i was at my brother in laws house and i was scanning his computer with the free version of anti-malware and we picked up a few differant things and we dont know if they are all safe or not to remove , or if the are all false things just popping up some one help me out please , thank you very much for your time once again all heres the results of the scan Malwarebytes' Anti-Malware 1.04 Database version: 385 Scan type: Quick Scan Objects scanned: 26321 Time elapsed: 6 minute(s), 23 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 9 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\lass.exe (Worm.Rbot) -> No action taken. C:\WINDOWS\system32\esunid32.dll (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\DEBUG.DLL (Rootkit.Haxdor) -> No action taken. C:\WINDOWS\system32\drivers\Ygt33.sys (Rootkit.Agent) -> No action taken. C:\WINDOWS\system32\admparsev.exe (Trojan.Zapchast) -> No action taken. C:\WINDOWS\system32\drivers\ctl_w32.sys (Rootkit.Agent) -> No action taken. C:\WINDOWS\system32\tdlsoui.dll (Rootkit.MalwareDestructor) -> No action taken. C:\WINDOWS\system32\drivers\chm49.sys (Rootkit.Agent) -> No action taken. C:\WINDOWS\system32\drivers\khtml.sys (Rootkit.Rustock) -> No action taken. hope to here back from you soon,