mrgigabyte

why would it be happen-in now though nothing has change with my internet connection and why would the other machines in my home be just fine its only the xp machine the others are 7 32 and 64 and vista

i been with MBAM since the beginning i have never had a problem with data base updating till version 1.46 i have done what noknojon said to do and it works for maybe a few weeks or so . i use mbam once a week to make sure my computer is clean or if i need to scan a file to make sure its clean,it got to the point i just uninstall and reinstall i hope this can be fix with a new version , i do also have to say this computer that it happening on is xp and my other machine windows 7 64 bit it has never happen to so maybe it is a problem with xp with this version because like i said never had this problem never thanks mrgigabyte

hi i just install version 130 and before this version everything was clean now with this new version i am getting a Trojan dialer i was wondering if this is a false or should i delete it heres the log thank you mrgigabyte Malwarebytes' Anti-Malware 1.30 Database version: 1316 Windows 5.1.2600 Service Pack 2 10/24/2008 11:13:44 PM mbam-log-2008-10-24 (23-13-37).txt Scan type: Quick Scan Objects scanned: 52851 Time elapsed: 3 minute(s), 26 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7aa32fc7-133b-4ae7-998e-ced0d9829b12} (Trojan.Dialer) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)

thanks nosirrah i'll let u know how it goes when the new def comes out mrgigabyte

hi to all i think this might be a false positive the file the program is looking at was created in 1999 C:\WINDOWS\twain_16.dll heres the scan report Malwarebytes' Anti-Malware 1.20 Database version: 944 Windows 5.1.2600 Service Pack 2 11:13:51 AM 7/13/2008 mbam-log-7-13-2008 (11-13-43).txt Scan type: Quick Scan Objects scanned: 45327 Time elapsed: 4 minute(s), 47 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\twain_16.dll (Backdoor.Bot) -> N i check back later thanks mrgigabyte

hi rubber duckly i just got the update, been on computer for about 5 minutes and everything is great, thanks for the fix thanks again mrgigabyte

hi rubber duckly it has been since the beginnig of june that we been waiting for database 175 how much longer do you think it be ps i know you guys are very busy and thanks for everything you do mrgigabyte

Registery Key SpyGuard HKEY_LOCAL_MACHINE\SOFTWARE\AntiSpyware this is being pick up from my rogue remover and like i said this is only started happening since data base 174 hi rubber duckly i went to registy editor and was checking this out and this leads to documents and settings\all users\application data\sunbelt software\counterspy\ and there is 5 entries in it default reg_sz not set apreglocation reg_sz scanreglocation reg_sz servicereglocation reg_sz userpath reg_sz what should i do delete this or is this a false i am running counterspy for real protection and your antispyware for on deman could you tell what to do i be checking back again to see what you have to say about this thanks mrgigabyte

hi rubber duckly i put in the new data base on my computer and ran a scan and it came up with this Registery Key SpyGuard HKEY_LOCAL_MACHINE\SOFTWARE\AntiSpyware since the other data base was not picking up anything and it being clean i decided to run a scan on my other computer before i updated the to 174 and it was clean nothing then i updated to 174 and the same thing came up spyguard on my second computer. i am thinking this could be a false alert could you look in to this thanks mrgigabyte

hi nosirrah i notice your answer so is minibug ok to get rid of , i do use weatherbug so what to do get rid mimibug or put in ignore list thanks mrgigabyte

hi everyone everything went find with update one computer hang ,but only one time i do have a question through with version 1.10 both of my computers are clean and with version 1.11 i am getting some registy finds heres the scans on both computers Malwarebytes' Anti-Malware 1.11 Database version: 599 Scan type: Quick Scan Objects scanned: 32164 Time elapsed: 3 minute(s), 56 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 4 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> No action taken. HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> No action taken. HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Malwarebytes' Anti-Malware 1.11 Database version: 599 Scan type: Quick Scan Objects scanned: 31879 Time elapsed: 2 minute(s), 4 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 3 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> No action taken. HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) am i ok to quarantine this or is it a false from what i think the coupons and popcap would ok to quarantine but i do have weatherbug on both computers i think minibug is weatherbug and if that is i would have to ignore that thanks mrgigabyte i check back later for anwser

hi everyone The update went smoothly through the internal updater. The program did not ask me for a reboot also, Everything is working great. mrgigabyte

hi rubby ducky once again , lol sorry for the confusion i did do a scan on the wrong file but when i went back and tried to do the scan on all the correct files with virustotal and i attached the file to thier site and hit sent , i kept coming up with zero byte recieved like it wasnt working right but it did it will and 9 files so i dont know whats going on .... also wanna say i manually looked up every bad file and did the right click option and did a scan with anti malware and the all cliamed to be clean , so i dont know the deal also with the full scan with anti malware when it get to the heuristics part , thats were its picking the 9 bad file , i just did a scan again quaratined them leave them for a week if compter works well , ship them on the next boat to the bottom of the ocean , what you think , lol thank you again , ace / mrgigabyte's brother in law

hi rubby ducky im a little bit confused we did one file upload only to virustotal it was the first on the lass.exe one and these are the rusults i got from it , what does it mean how do i know if its a infected file or how do i know that its a ok file to keep , im pleasently confust ...... heres the results from the virustotal File lsass.exe received on 02.21.2008 00:52:48 (CET) Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED Result: 0/32 (0%) Loading server information... Your file is queued in position: 8. Estimated start time is between 60 and 86 seconds. Do not close the window until scan is complete. The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result. If you are waiting for more than five minutes you have to resend your file. Your file is being scanned by VirusTotal in this moment, results will be shown as they're generated. Compact Print results Your file has expired or does not exists. Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time. You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished. Email: Antivirus Version Last Update Result AhnLab-V3 2008.2.20.0 2008.02.20 - AntiVir 7.6.0.67 2008.02.20 - Authentium 4.93.8 2008.02.20 - Avast 4.7.1098.0 2008.02.20 - AVG 7.5.0.516 2008.02.21 - BitDefender 7.2 2008.02.20 - CAT-QuickHeal 9.50 2008.02.20 - ClamAV 0.92.1 2008.02.21 - DrWeb 4.44.0.09170 2008.02.20 - eSafe 7.0.15.0 2008.02.20 - eTrust-Vet 31.3.5550 2008.02.20 - Ewido 4.0 2008.02.20 - FileAdvisor 1 2008.02.21 - Fortinet 3.14.0.0 2008.02.19 - F-Prot 4.4.2.54 2008.02.20 - F-Secure 6.70.13260.0 2008.02.20 - Ikarus T3.1.1.20 2008.02.20 - Kaspersky 7.0.0.125 2008.02.21 - McAfee 5234 2008.02.20 - Microsoft 1.3204 2008.02.20 - NOD32v2 2890 2008.02.20 - Norman 5.80.02 2008.02.20 - Panda 9.0.0.4 2008.02.20 - Prevx1 V2 2008.02.21 - Rising 20.32.22.00 2008.02.20 - Sophos 4.26.0 2008.02.20 - Sunbelt 3.0.884.0 2008.02.19 - Symantec 10 2008.02.20 - TheHacker 6.2.9.225 2008.02.21 - VBA32 3.12.6.1 2008.02.17 - VirusBuster 4.3.26:9 2008.02.20 - Webwasher-Gateway 6.6.2 2008.02.20 - Additional information File size: 7680 bytes MD5: 6a0e382e74280e4cc0df17fe2661d003 SHA1: 1ec718bdc35d708d028233114a3fd0d41c7b9064 PEiD: -

hi all i was at my brother in laws house and i was scanning his computer with the free version of anti-malware and we picked up a few differant things and we dont know if they are all safe or not to remove , or if the are all false things just popping up some one help me out please , thank you very much for your time once again all heres the results of the scan Malwarebytes' Anti-Malware 1.04 Database version: 385 Scan type: Quick Scan Objects scanned: 26321 Time elapsed: 6 minute(s), 23 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 9 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\lass.exe (Worm.Rbot) -> No action taken. C:\WINDOWS\system32\esunid32.dll (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\DEBUG.DLL (Rootkit.Haxdor) -> No action taken. C:\WINDOWS\system32\drivers\Ygt33.sys (Rootkit.Agent) -> No action taken. C:\WINDOWS\system32\admparsev.exe (Trojan.Zapchast) -> No action taken. C:\WINDOWS\system32\drivers\ctl_w32.sys (Rootkit.Agent) -> No action taken. C:\WINDOWS\system32\tdlsoui.dll (Rootkit.MalwareDestructor) -> No action taken. C:\WINDOWS\system32\drivers\chm49.sys (Rootkit.Agent) -> No action taken. C:\WINDOWS\system32\drivers\khtml.sys (Rootkit.Rustock) -> No action taken. hope to here back from you soon,

hi all just wanted to report that i did a scan with new updated defs and all clean great work guys mrgigabyte

rubber duckly & bruce i am getting this on only one machine with def 326 , my other two machines come clean Malwarebytes' Anti-Malware 1.02 Database version: 326 Scan type: Quick Scan Objects scanned: 24159 Time elapsed: 1 minute(s), 12 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\MrGigabyte\Application Data\ezpinst.exe (Heuristic.Malware) -> No action taken. thanks i check back mrgigabyte

hi all i just updated and ran a scan and alls clean now thanks for for the fast help guys Malwarebytes' Anti-Malware 1.02 Database version: 320 Scan type: Quick Scan Objects scanned: 24557 Time elapsed: 3 minute(s), 53 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) mrgigabyte

thanks for the fast answer, i am not home right now, but when am and i see a new def update i will scan and report back thanks mrgigabyte

hi eveyone just wondering if rubber ducky or bruce can help me out i did a scan on all my computers and all fine and clear except for my third one it keeps picking up these two Malwarebytes' Anti-Malware 1.02 Database version: 318 Scan type: Quick Scan Objects scanned: 24437 Time elapsed: 4 minute(s), 23 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{b9191f79-5613-4c76-aa2a-398534bb8999} (Trojan.Clicker) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{b9191f79-5613-4c76-aa2a-398534bb8999} (Trojan.Clicker) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) only thing i can think of is that i installed turbotax on this computer few days ago , thats the only differance between all my computers im just wondering if its ok to quaratine/delete or is it just a false thank you and hope to here from you guys , ill check later mrgigabyte

hi i would like also to see is to run a scan you could have it set for weekly or daily , updates daily through i would not touch that thanks mrgigabyte

i edit this reply because i made a mistake entering this one i wanted to enter only one below is my Suggestion sorry mrgigabyte

hi everyone just updated my computers and everything went great with going through the updater and i have to say i like the new log button. running very smooth , i did delete the log shortcut in start all programs through, but i did use the updater to get new version instead of unstalling first so thats might be why it was there , and i think its better in the program to view anyways , next thing i would like to see is to run a scan you could have it set for weekly or daily , updates daily through i would not touch that mrgigabyte

hi all i just wanted to report since it been 1 day that everything is still running great mbam is very low in system about 14.000 total i see a little bit of surge but like rubber duckly said it only for a little bit at the begining then it does gets lower . if it can be fix it would be great other wise i am very happy with this product just like rogue remover mrgigabyte

hi rubber duckly i am reporting back to you , I am very glad to say all is OK with my computers with the monitor enable runnig very smooth thanks again mrgigabyte