-
Posts
173 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by lurkingatu2
-
-
hello
thank you very much geradwil
-
hello
i have been scanning with mbam every day i get d.b.v updates since i started here
i was one of the ones that mbam made files on this pc and i deleted them
i tryed to scan this file at virustotal and it's 0bytes so i went in to safe mode
and scaned with avira antivir pe classic and superantispyware pro and only super
found it in the sameplace as rootkit.tncore/trace avria found nothing i also copyed
it to my documents folder to zip it up for here and super did not find it there just
in system32/drivers i also went in to system32/drivers and right clicked scaned
core.sys and nothing i ran hjt and doin't see it there so i ran rootkit revealer and
here thay are
HKLM\SECURITY\Policy\Secrets\SAC* 11/7/2003 2:10 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 11/7/2003 2:10 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\webcal\URL Protocol 6/16/2004 5:57 PM 13 bytes Data mismatch between Windows API and raw hive data.
C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\TEMP\AVGUARD_47b5977b\AV0000057c$000005d5.AV$ 2/10/2008 3:33 PM 47.00 KB Hidden from Windows API.
Logfile of HijackThis v1.99.1
Scan saved at 4:08:13 PM, on 2/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Returnil\Rvsystem.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamtrayctrl.exe
C:\Program Files\MSN\MSNIA\CC\MSNCC\msncc.exe
C:\hijack this\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msnmember.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:9022
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;help.msn.com;;www.msnusers.com;<local>
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avgnt] C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe /min
O4 - HKLM\..\Run: [Rvsystem] C:\Program Files\Returnil\Rvsystem.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [iNTERNATIONAL] International*
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
also should i delete it so it doin't get picked no more
thanks
-
hello
f/p mabe the file says date created 2-8-08 0bytes
Malwarebytes' Anti-Malware 1.03
Database version: 337
Scan type: Full Scan (C:\|)
Objects scanned: 50034
Time elapsed: 8 minute(s), 58 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\drivers\core.sys (Rootkit.Agent) -> No action taken. [CREATE=Rootkit.Agent, C:\WINDOWS\system32\drivers\core.sys]
thanks
-
hello
updated mbam 1.02 to 1.03 from with in the program with no problems
i got 1 error in event veiwer after updating but after like 6 restarts
no more error (mbam driver unloading failed) great job guy's
i did a full scan and mbam found
Malwarebytes' Anti-Malware 1.03
Database version: 337
Scan type: Full Scan (C:\|)
Objects scanned: 50034
Time elapsed: 8 minute(s), 58 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\drivers\core.sys (Rootkit.Agent) -> No action taken. [CREATE=Rootkit.Agent, C:\WINDOWS\system32\drivers\core.sys]
this file has date created as 2-8-08 and is 0bytes
thanks
-
happy birthday jean
and i hope you have a very good one
-
hello
ok i got offline deleted my temp files and ran ccleaner and restarted the pc and
got the error in event viewer then restarted the pc again and no error so it must
not happen at every restart i see it 6 times in event viewer and one about mbamtrayctrl
all about the sametime i updated today so i looked inside the one for mbamservices
that was not a error but information and see pic
thanks
-
hello
i just uninstalled and reinstalled comodo firewall v3.015 to comodo v3.16 and
i was looking in the event viewer and i see this error for mbam even before i
reinstalled comodo and after i updated mbam to v1.02
thanks
-
hello
updated mbam 1.01 to 1.02 from with in the program with no problems
updated d.b.v to 318 and did a full scan
Malwarebytes' Anti-Malware 1.02
Database version: 318
Scan type: Full Scan (C:\|)
Objects scanned: 57499
Time elapsed: 9 minute(s), 51 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
thanks
-
hello
sorry i'm late
updated mbam 1.0 to 1.1 with in the program and all went good
then updated the d.b.v to 295 and turned the pc off for the nite
then today i tryed to start mbam and got database could not be located
and the same error as 2Ton then did what Heardhead said and updated
d.b.v to 297 and all is good
Malwarebytes' Anti-Malware 1.01
Database version: 297
Scan type: Full Scan (C:\|)
Objects scanned: 52115
Time elapsed: 9 minute(s), 9 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Malwarebytes' Anti-Malware 1.01
Database version: 297
Scan type: Quick Scan
Objects scanned: 19126
Time elapsed: 2 minute(s), 49 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
thanks B)
-
hello
updated mbam 1.0 d.b.v from 264 to 270 after the update mbamservice.exe uses
cpu in the task manager for a few then stops
Malwarebytes' Anti-Malware version 1.00
Database version: 270
Scan type: Full Scan (C:\|)
Objects scanned: 48389
Time elapsed: 9 minute(s), 6 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Malwarebytes' Anti-Malware version 1.00
Database version: 270
Scan type: Quick Scan
Objects scanned: 18439
Time elapsed: 2 minute(s), 55 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
also when i go to start>all programs>malwarebytes anti-malware and click on
logs nothing happens
all running good and light here
thanks B)
-
hello
congrats on the final mbam 1.0 and thanks so much for letting me help
ok uninstalled mbam 0.91 had a error a few times uninstalling i think 106 but
it uninstalled and reinstalled mbam 1.0 with no problems
updated d.b.v from 262 to 264 all ok
Malwarebytes' Anti-Malware version 1.00
Database version: 264
Scan type: Full Scan (A:\|C:\|)
Objects scanned: 47444
Time elapsed: 8 minute(s), 35 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Malwarebytes' Anti-Malware version 1.00
Database version: 264
Scan type: Quick Scan
Objects scanned: 18411
Time elapsed: 2 minute(s), 40 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
ran test for guard all ok ran start protection all installed and running ok
the only thing i can see so far is that after i restart the pc for the first
few minuetes my cpu in task mananger for mbamservice.exe is going between
60 and 80% then stops then all is ok
thanks B)
-
dang
thanks so very much guys i'll try to not get to dk lol
-
hello
thank you for letting me try to help
updated mbam from with in the program to 0.91 with no problems
then updated the d.b.v from 256 to 259 all ok
Malwarebytes' Anti-Malware Version 0.91
Database version: 259
Scan type: Full Scan (C:\|)
Objects scanned: 45346
Time elapsed: 8 minute(s), 19 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Malwarebytes' Anti-Malware Version 0.91
Database version: 259
Scan type: Quick Scan
Objects scanned: 18259
Time elapsed: 2 minute(s), 41 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
you guy's are great
thanks B)
-
hello
updated d.b.v to 252 all ok here
Malwarebytes' Anti-Malware Version 0.90
Database version: 252
Scan type: Full Scan (C:\| )
Objects scanned: 54554
Time elapsed: 9 minute(s), 42 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Malwarebytes' Anti-Malware Version 0.90
Database version: 252
Scan type: Quick Scan
Objects scanned: 17718
Time elapsed: 2 minute(s), 40 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
thanks
-
hello
updated d.b. version from 248 to 250 no f/p's
Malwarebytes' Anti-Malware Version 0.90
Database version: 250
Scan type: Full Scan (C:\| )
Objects scanned: 50404
Time elapsed: 9 minute(s), 7 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Malwarebytes' Anti-Malware Version 0.90
Database version: 250
Scan type: Quick Scan
Objects scanned: 17712
Time elapsed: 2 minute(s), 44 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
thanks
-
hello
i'm very sorry i updated the def.version from 247 to 248 before i seen that
about the developer's log now mbam finds nothing
Malwarebytes' Anti-Malware Version 0.90
Database version: 248
Scan type: Full Scan (C:\| )
Objects scanned: 50374
Time elapsed: 9 minute(s), 2 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Malwarebytes' Anti-Malware Version 0.90
Database version: 248
Scan type: Quick Scan
Objects scanned: 17707
Time elapsed: 2 minute(s), 37 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
thanks
-
hello
updated mbam 0.89 to 0.90 with no problems
then updated def.version from 245 to 247
Malwarebytes' Anti-Malware Version 0.90
Database version: 247
Scan type: Full Scan (C:\| )
Objects scanned: 50381
Time elapsed: 9 minute(s), 6 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 11
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\Software\Microsoft\GDIPlus (Trojan.Adware) -> No action taken.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{D7E183F2-D4ED-4F9A-836B-73F398880842}\RP33\A0054604.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{D7E183F2-D4ED-4F9A-836B-73F398880842}\RP34\A0054667.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{D7E183F2-D4ED-4F9A-836B-73F398880842}\RP34\A0054714.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{D7E183F2-D4ED-4F9A-836B-73F398880842}\RP36\A0055999.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{D7E183F2-D4ED-4F9A-836B-73F398880842}\RP38\A0057157.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{D7E183F2-D4ED-4F9A-836B-73F398880842}\RP38\A0058312.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{D7E183F2-D4ED-4F9A-836B-73F398880842}\RP38\A0061420.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{D7E183F2-D4ED-4F9A-836B-73F398880842}\RP39\A0064363.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{D7E183F2-D4ED-4F9A-836B-73F398880842}\RP41\A0070148.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\SpOrder.dll (Adware.WebHancer) -> No action taken.
Malwarebytes' Anti-Malware Version 0.90
Database version: 247
Scan type: Quick Scan
Objects scanned: 17705
Time elapsed: 2 minute(s), 39 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\Software\Microsoft\GDIPlus (Trojan.Adware) -> No action taken.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\SpOrder.dll (Adware.WebHancer) -> No action taken.
thanks B)
-
hello
well i got tired of playing around with comodo for now and i'm back to trying
online armor v2.1.0.56 free
updated mbam from 0.88 to 0.89 from with in the program no problems B)
Malwarebytes' Anti-Malware Version 0.89
Database version: 244
Scan type: Quick Scan
Objects scanned: 17408
Time elapsed: 2 minute(s), 38 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Malwarebytes' Anti-Malware Version 0.89
Database version: 244
Scan type: Full Scan (C:\| )
Objects scanned: 45902
Time elapsed: 8 minute(s), 50 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
thanks
-
hello
well i was using comodo v2.4 and updated mbam database to 244 and did a quick scan
and found nothing
Malwarebytes' Anti-Malware Version 0.88
Database version: 244
Scan type: Quick Scan
Objects scanned: 17412
Time elapsed: 2 minute(s), 41 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
so i uninstalled comodo v2.4 and cleaned up better and installed comodo v3 it
still finds files in my pending files after scanning with mbam i even tryed to
scan with mbam and comodo in install mode it did ok till i started getting popups
about mbam wanting to write to files so i yes clicked past them and it did not work
i still get files in my pending files i'v tryed to save the comodo pending file list
but it will not let me i can see it but can't save it
so heres a quick scan with comodo v3 installed
Malwarebytes' Anti-Malware Version 0.88
Database version: 244
Scan type: Quick Scan
Objects scanned: 17510
Time elapsed: 2 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\drivers\runtime.sys (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\lanmanwrk.exe (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\qmfdjjge.exe (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\kdzye.exe (Trojan.DNSChanger) -> No action taken.
C:\WINDOWS\system32\kdshc.exe (Trojan.DNSChanger) -> No action taken.
C:\WINDOWS\system32\nvrssl.dllnvrssl.dll (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\xpdx.sys (Rootkit.Rustock) -> No action taken.
thanks
-
hello
when i was testing comodo v3 beta's one time i started a scan with mbam i doin't
remember the version number and forgot to exit out of comodo v3 and started to get
popups about everything mbam was scanning so i stoped mbam from scanning and exit
out of comodo v3 and started a scan with mbam again and let it finish but now when i
looked in comodo v3 under proactive defince there is allwise 60 to 70 files there
under files are waiting for your review after a mbam scan
some of the files that are waiting for review have the same names as the files that
mbam found yesterday i have tryed to remove and purge them from comodo v3 but thay
keep comming back after a scan with mbam
i'm thinking i'm not cleaning up something about comodo v3 in the registry before
i install comodo v3 or something as i doin't have problems with comodo v2.4
when i scan with superantispyware and avira antivir pe classic i doin't get
files waiting for review in comodo v3 but i also make sure i exit comodo first
thanks
-
hello
well the only thing i changed on my pc the last 3 days is i uninstalled comodo
v2.4 that i'v been running and put back on comodo v3.0.14.276 and returnil that i had before
so i uninstalled comodo v3 and deleted them files and did a scan with mbam and found nothing
Malwarebytes' Anti-Malware Version 0.88
Database version: 242
Scan type: Quick Scan
Objects scanned: 17315
Time elapsed: 2 minute(s), 48 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
so i'm going back to comodo v2.4 i'm not sure it's mbam
thanks
-
hello
updated mbam 0.87 to 0.88 with in the program no problems
did a full and quick scan and found this thay are all 0 byts files
Malwarebytes' Anti-Malware Version 0.88
Database version: 242
Scan type: Full Scan (C:\| )
Objects scanned: 43172
Time elapsed: 9 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\Common Files\VideoCap11.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\drivers\seio40.sys (Rootkit.Agent) -> No action taken.
Malwarebytes' Anti-Malware Version 0.88
Database version: 242
Scan type: Quick Scan
Objects scanned: 17356
Time elapsed: 2 minute(s), 42 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\Common Files\VideoCap11.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\drivers\VideoCap12.sys (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\ksys.sys (Rootkit.Ntrootkit) -> No action taken.
C:\WINDOWS\system32\drivers\Ygt33.sys (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\seio40.sys (Rootkit.Agent) -> No action taken.
i scaned with superantispyware pro 3.9.1008 and ewido antispyware 4.0(avg antispyware)
and found nothing B)
thanks
-
hello
congrats you guys are great and thanks for letting me try to help B)
ok updated mbam 0.86 to 0.87 with no problems
d.b. 242
f.p. 11987
Malwarebytes' Anti-Malware Version 0.87
Database version: 242
Scan type: Quick Scan
Objects scanned: 17261
Time elapsed: 2 minute(s), 35 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Malwarebytes' Anti-Malware Version 0.87
Database version: 242
Scan type: Full Scan (C:\| )
Objects scanned: 39856
Time elapsed: 8 minute(s), 19 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
thanks
-
hello
all is ok here now B)
Malwarebytes' Anti-Malware Version 0.86
Database version: 238
Scan type: Quick Scan
Objects scanned: 17104
Time elapsed: 2 minute(s), 47 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
thanks
f/p ?
in File Detections
Posted
hello
ok i deleted core.sys and cant see no trouble from deleteing it and about comodo
when i do a scan with ewido 4(avg antispyware) or superantispyware or avira antivir
or mbam i do it off line and exit comodo before i scan but when i scan with mbam
comodo has like 191 files in it's pending list after the scan and i know comodo has
had trouble with the my pending list but none of my other scanners after a scan has
things left in comodos pending list and i know it's probably a comodo thing but i'm
going to try to post the list from comodo in the my pending files i say try because
i copy it and save it and i can read it but after i restart my pc you can't read it
know more it's all squares and stuff so i doin't know if i can post it