paranoidsoul

This may seem trivial but a friend of mine told me that in the Malwarebytes' settings if you uncheck the part where it says anonymously report statistics to Malwarebytes' threat center then that means your statistics will still be reported only you will not be anonymous. Is that true?

thanks for clearing this up well it makes sense as i recall last week i did have a friend change the windows theme to classic mode

What I want to know is if this is a false positive or if not how severe is it? I have it in quarantine but is it safe for me to delete it? Here's my log file on the issue: Malwarebytes' Anti-Malware 1.40 Database version: 2723 Windows 5.1.2600 Service Pack 3 8/31/2009 4:55:29 PM mbam-log-2009-08-31 (16-55-29).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 109457 Time elapsed: 16 minute(s), 29 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)

I'll tell him to join the forum and point him to this thread since that would make things easier.

Since last week my friend and I have been puzzled about trojan that malwarebytes has found on his pc. The file that was supposedly infected is is-QMU93.exe found in the windows folder. It was there for a couple of months and after various meddling about we found that that file is a file that would normally come up when he updated malwarebytes from one version to another from the update button. So in essence the infected file is an actual malwarebytes update. The trojan found was Trojan.Banker now this file has been on his machine for months yet it only appeared as a threat after he scanned last week after he had updated his database???? Honestly I have no clue how these malwares work for the file says it was created in April or May and as far as we could tell it was not modified based on the modified date. So we are wondering if this actual update file was a trojan or perhaps it was infected much later. We cannot tell because we do not know if when a malware infects a file if the modification date will change as well. Also based on the timeframe we think perhaps this came about when he upgraded to either version 1.36 or 1.37. I really don't know as I do not know how often my friend updates.

What I find even stranger is that on the homepage of the forum it says, "Malwarebytes Forum latest news: Malwarebytes Anti-Malware version 1.38 released," yet when I go to check on the malwarebytes.org site I see version 1.39????? I downloaded version 1.39 is something up with that????

I just like chocolate ice-cream.

Excuse me but what exactly does the server service do? Will it affect internet connection?

Sorry for the double reply but I could not find an edit button. So judging from what you say am I safe to assume that this is false positive and not one of those keylogger malwares I have been hearing about?

The only thing I know that I did different within that 2 day period was that I downloaded CCleaner and used the that feature that they have to clear out registry errors. Could that be the case?

Sorry for bringing this up. But today I scan after not scanning for 2 days and I see the following: Malwarebytes' Anti-Malware 1.35 Database version: 1940 Windows 5.1.2600 Service Pack 3 4/4/2009 9:01:03 PM mbam-log-2009-04-04 (21-01-03).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 159028 Time elapsed: 31 minute(s), 31 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) I accidentally clicked remove or delete I don't remember and then it restarted. Is this really a false positive though? I happened to have logged in to my 3 email accounts during those 2 days of not scanning and hopefully this wasn't a keylogger??? Oh yes I too see no trace of it in my quarantined section.