Denny_M

note that the 3 voices appars from 1 week later ! the samsung voices appars only yesterday. thanks...i attend .

Malwarebytes' Anti-Malware 1.41 Versione del database: 3100 Windows 5.1.2600 Service Pack 2 04/11/2009 22.58.53 mbam-log-2009-11-04 (22-58-46).txt Tipo di scansione: Scansione completa (C:\|) Elementi scansionati: 198980 Tempo trascorso: 1 hour(s), 21 minute(s), 40 second(s) Processi delle memoria infetti: 0 Moduli della memoria infetti: 0 Chiavi di registro infette: 0 Valori di registro infetti: 0 Elementi dato del registro infetti: 0 Cartelle infette: 0 File infetti: 6 Processi delle memoria infetti: (Nessun elemento malevolo rilevato) Moduli della memoria infetti: (Nessun elemento malevolo rilevato) Chiavi di registro infette: (Nessun elemento malevolo rilevato) Valori di registro infetti: (Nessun elemento malevolo rilevato) Elementi dato del registro infetti: (Nessun elemento malevolo rilevato) Cartelle infette: (Nessun elemento malevolo rilevato) File infetti: C:\Documents and Settings\All Users\Documenti\DVD programmi\DVD copia\RipIt4Me_1.7.0.0_Installer.exe (Backdoor.Bot) -> No action taken. C:\Documents and Settings\Proprietario\Desktop\PROGRAMMI\PC Utility\UTILITY-NEW\UTILITY\WinXP DOC\GIUGNO1\MIX\DVD copia\RipIt4Me_1.7.0.0_Installer.exe (Backdoor.Bot) -> No action taken. C:\Programmi\Thoosje 2\Sidebar-v2-installer.exe (Backdoor.Bot) -> No action taken. C:\Programmi\Samsung\Samsung PC Studio 3\util\SMSMoveD500.exe (Worm.Koobface) -> No action taken. C:\Programmi\Samsung\Samsung PC Studio 3\util\SMSMoveX800.exe (Worm.Koobface) -> No action taken. C:\Programmi\Samsung\Samsung PC Studio 3\util\SMSMoveZ510.exe (Worm.Koobface) -> No action taken.

another fake ... false/postive ? Infect Files: C:\Documents and Settings\All Users\Documenti\DVD programmi\DVD copia\RipIt4Me_1.7.0.0_Installer.exe (Backdoor.Bot) -> No action taken. C:\Documents and Settings\Proprietario\Desktop\PROGRAMMI\PC Utility\UTILITY-NEW\UTILITY\WinXP DOC\GIUGNO1\MIX\DVD copia\RipIt4Me_1.7.0.0_Installer.exe (Backdoor.Bot) -> No action taken. C:\Programmi\Thoosje 2\Sidebar-v2-installer.exe (Backdoor.Bot) -> No action taken. C:\Programmi\Samsung\Samsung PC Studio 3\util\SMSMoveD500.exe (Worm.Koobface) -> No action taken. C:\Programmi\Samsung\Samsung PC Studio 3\util\SMSMoveX800.exe (Worm.Koobface) -> No action taken. C:\Programmi\Samsung\Samsung PC Studio 3\util\SMSMoveZ510.exe (Worm.Koobface) -> No action taken. Thoosje is the sidebar that i have for 2 year... Samsung studio is the original program of samsung ! real infect this RipItMe4 ? thanks

ok today i try .... but whay you fix ? isn't a infect keys ? best

another false positive on this 6 register keys ?

Malwarebytes' Anti-Malware 1.37 Versione del database: 2227 Windows 5.1.2600 Service Pack 2 04/06/2009 14.04.42 mbam-log-2009-06-04 (14-04-36).txt Tipo di scansione: Scansione rapida Elementi scansionati: 87951 Tempo trascorso: 7 minute(s), 46 second(s) Processi delle memoria infetti: 0 Moduli della memoria infetti: 0 Chiavi di registro infette: 6 Valori di registro infetti: 0 Elementi dato del registro infetti: 0 Cartelle infette: 0 File infetti: 0 Processi delle memoria infetti: (Nessun elemento malevolo rilevato) Moduli della memoria infetti: (Nessun elemento malevolo rilevato) Chiavi di registro infette: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\bfast.com (Adware.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\commission-junction.com (Adware.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\fastclick.com (Adware.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\fastclick.net (Adware.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\kqzyfj.com (Adware.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\linksynergy.com (Adware.BHO) -> No action taken. Valori di registro infetti: (Nessun elemento malevolo rilevato) Elementi dato del registro infetti: (Nessun elemento malevolo rilevato) Cartelle infette: (Nessun elemento malevolo rilevato) File infetti: (Nessun elemento malevolo rilevato)

infact i update antimalwarebyte and no infect with this file and dll ! but why in this 2-3 weeks some more false/positive in Antimalwarebytes ?

Virus Total (40 antivirus) say is a false /positive !!!!!!!!!!!!!! http://www.virustotal.com/it/analisis/d4af...0d29b08065af14e NO INFECT this file !

Malwarebytes' Anti-Malware 1.36 Versione del database: 2058 Windows 5.1.2600 Service Pack 2 29/04/2009 14.04.29 mbam-log-2009-04-29 (14-04-16).txt Tipo di scansione: Scansione rapida Elementi scansionati: 80945 Tempo trascorso: 18 minute(s), 27 second(s) Processi delle memoria infetti: 0 Moduli della memoria infetti: 0 Chiavi di registro infette: 5 Valori di registro infetti: 1 Elementi dato del registro infetti: 0 Cartelle infette: 0 File infetti: 1 Processi delle memoria infetti: (Nessun elemento malevolo rilevato) Moduli della memoria infetti: (Nessun elemento malevolo rilevato) Chiavi di registro infette: HKEY_CLASSES_ROOT\eselleratecontrol.350 (Adware.Esellerate) -> No action taken. HKEY_CLASSES_ROOT\TypeLib\{1e958a86-a23b-4659-a6ae-bd85fcd1d544} (Adware.Esellerate) -> No action taken. HKEY_CLASSES_ROOT\Interface\{a3e27dce-dd77-49f4-b566-03fa894c8308} (Adware.Esellerate) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{25982eaa-87cc-4747-be09-9913cf7dd2f1} (Adware.Esellerate) -> No action taken. HKEY_CLASSES_ROOT\eselleratecontrol.350.1 (Adware.Esellerate) -> No action taken. Valori di registro infetti: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\eSellerateControl350.dll (Adware.Esellerate) -> No action taken. Elementi dato del registro infetti: (Nessun elemento malevolo rilevato) Cartelle infette: (Nessun elemento malevolo rilevato) File infetti: C:\WINDOWS\eSellerateControl350.dll (Adware.Esellerate) -> No action taken. False/positive or very infect ? help me ...

...1958 all ok! not keys found ! but why miekiemoes in this last periods MBM have some and continues False/postive? is very inaffidable to scan the pc .... thanks bye

i have 53 key infect but in other file : C:\Programmi\Thoosje Sidebar V2.0\SDPlugins\DXAxHost.dll (Spyware.Agent) update MBM is 1956 ! false/positive or ???? the log: Malwarebytes' Anti-Malware 1.36 Versione del database: 1956 Windows 5.1.2600 Service Pack 2 09/04/2009 14.13.29 mbam-log-2009-04-09 (14-13-23).txt Tipo di scansione: Scansione rapida Elementi scansionati: 74332 Tempo trascorso: 4 minute(s), 28 second(s) Processi delle memoria infetti: 0 Moduli della memoria infetti: 1 Chiavi di registro infette: 51 Valori di registro infetti: 0 Elementi dato del registro infetti: 0 Cartelle infette: 0 File infetti: 1 Processi delle memoria infetti: (Nessun elemento malevolo rilevato) Moduli della memoria infetti: C:\Programmi\Thoosje Sidebar V2.0\SDPlugins\DXAxHost.dll (Spyware.Agent) -> No action taken. Chiavi di registro infette: HKEY_CLASSES_ROOT\dxaxhost.desktopx (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\TypeLib\{bb49bac9-e2fb-44eb-93c4-e0f2ddee4eab} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{16278baf-9809-47f5-be03-f725bc499e5e} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{42aad1be-542a-4f2d-8c39-1ec77ece4a54} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{460bbe8f-28f6-4214-a35c-9e11efb50996} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{4bd637d4-7497-43d2-8dd2-8a338cadfc01} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{4e797275-634e-48e3-b016-ee4626247362} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{541d379a-8525-4679-bd95-7762a35eb4a3} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{657b52cb-9d1f-45eb-af6e-0a4e7c09fb52} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{6b3bdc6e-6413-40a8-b44c-c3dfb4b767e6} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{753cb499-e958-4301-8a89-e8ede84f25f7} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{a7162c35-5ec6-4f66-beed-d933df855282} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{a9749998-dfab-4158-aff6-5f20ca2722e2} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{b2d0778b-ac99-4c58-a5c8-e7724e5316b5} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{b6ea2051-048a-11d1-82b9-00c04fb9942e} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{d4ff1d76-f7e7-4695-8133-4a7c385f39ff} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{e3019507-b532-46e0-b6bf-ab5589b458c5} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{ea219b20-4da3-433e-988b-88bf291a8110} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\Interface\{fa76f502-7b28-4bfc-8055-b0977fbd3bc9} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{0cb13fc5-efa6-400f-9f32-235193a2d8c1} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{1251c89e-c28b-4523-934c-b8c25550af8b} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{3591bcca-6d3a-4c9e-9890-5eb6561d903e} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{75328d64-87cf-4848-a831-35deafe27822} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{7a233969-a455-4641-90b7-23f904a0af2a} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{80a21aa6-7efa-496f-8369-2e813e25b97b} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{871e56b6-59e6-48d9-ab00-85f66765abc2} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{ab9fa086-83c4-4f56-b614-77ca8c349270} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{d59cf868-3464-49d3-9a96-3e6890edc7e8} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{d8650b19-884f-43b6-a1f4-23a3156f7671} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{e745b262-93b6-4630-b26e-4e0cd4c435ec} (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.desktopx.1 (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.dxform (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.dxform.1 (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.dxmenu (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.dxmenu.1 (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.object (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.object.1 (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.objectcollection (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.objectcollection.1 (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.preference (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.preference.1 (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.root (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.root.1 (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.script (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.script.1 (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.state (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.state.1 (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.system (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.system.1 (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.widget (Spyware.Agent) -> No action taken. HKEY_CLASSES_ROOT\dxaxhost.widget.1 (Spyware.Agent) -> No action taken. Valori di registro infetti: (Nessun elemento malevolo rilevato) Elementi dato del registro infetti: (Nessun elemento malevolo rilevato) Cartelle infette: (Nessun elemento malevolo rilevato) File infetti: C:\Programmi\Thoosje Sidebar V2.0\SDPlugins\DXAxHost.dll (Spyware.Agent) -> No action taken.

i have 53 key but in other file: C:\Programmi\Thoosje Sidebar V2.0\SDPlugins\DXAxHost.dll (Spyware.Agent) my in tootsie sidebar ... false/positive ?

ok.... but this infect in KEY REGISTER: ierunner.dochostuihandler is real or a false/positive ? help me ...

ok for post the log.... in italian language what is the commnad ??? mbam.exe /developer, in italian ???? help

Malwarebytes' Anti-Malware 1.35 Versione del database: 1926 Windows 5.1.2600 Service Pack 2 01/04/2009 5.13.14 mbam-log-2009-04-01 (05-13-03).txt Tipo di scansione: Scansione completa (C:\|) Elementi scansionati: 160823 Tempo trascorso: 46 minute(s), 2 second(s) Processi delle memoria infetti: 0 Moduli della memoria infetti: 0 Chiavi di registro infette: 2 Valori di registro infetti: 0 Elementi dato del registro infetti: 0 Cartelle infette: 0 File infetti: 0 Processi delle memoria infetti: (Nessun elemento malevolo rilevato) Moduli della memoria infetti: (Nessun elemento malevolo rilevato) Chiavi di registro infette: HKEY_CLASSES_ROOT\ierunner.dochostuihandler (Trojan.FakeAlert) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{3f2bbc05-40df-11d2-9455-00104bc936ff} (Trojan.FakeAlert) -> No action taken. Valori di registro infetti: (Nessun elemento malevolo rilevato) Elementi dato del registro infetti: (Nessun elemento malevolo rilevato) Cartelle infette: (Nessun elemento malevolo rilevato) File infetti: (Nessun elemento malevolo rilevato)

later day i scan and result INFECT in system32 the MSWINSCK.OCX file .... yestarday i download the new database at 6 P.M. and re-scan ....NO VIRUS or TROJAN result ! !!! an false/positive ! yesterday, at 9 P.M. download the new database: 1926 31 march 2009 re-scan and it say: REGISTER KEY INFECT: HKEY_CLASSES_ROOT\ierunner.dochostuihandler (Trojan.FakeAlert) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{3f2bbc05-40df-11d2-9455-00104bc936ff} (Trojan.FakeAlert) -> No action take what to do? kill this key or ANOTHER false/positive of Antimalwarebyte's ? help me.... please

hi, next yesterday to do a scan but none....yesterday a new scan and Antimlawarebyte say have a TROYAN: Infect keys: HKEY_CLASSES_ROOT\CLSID\{248dd897-bb45-11cf-9abc-0080c7e7b78d} (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\TypeLib\{248dd890-bb45-11cf-9abc-0080c7e7b78d} (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\Interface\{248dd892-bb45-11cf-9abc-0080c7e7b78d} (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\Interface\{248dd893-bb45-11cf-9abc-0080c7e7b78d} (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{248dd896-bb45-11cf-9abc-0080c7e7b78d} (Trojan.BHO) -> No action taken. and program infect is: C:\WINDOWS\system32\mswinsck.ocx (Trojan.BHO) -> No action taken. i have scan this MSWINSCK.OCX with Virus Scan and say no virus o trojan !!! is a false/positive ????? yestarday i have installed ONLY the update of Java RE6 version 13. help me ? what i to do ?