drinx

OK the HubbleCache has been deleted. I scheduled a smart scan and nothing was detected after deleting the HubbleCache. When I ran a manual scan on what was detected before deleting the HubbleCache nothing was detected, the same thing with the 1st report that I made of this file, so I don't know what a threat scan does differently than a manual scan to detect it?. I'll hold off on adding the file to the allow list for now, as it would seem to me that it would be better that a clean file shouldn't be detected as malware in the 1st place, rather than it be added to the allow list, as some other user may just delete it thinking that it is malware.. Thanks for your help Porthos and goodnight.

No, Rootkits: Disabled

Hi, it's back!. It's back.zip

Good to hear, as after turning that one on it was only later that I found out that it was only really meant for expert use, so I was advised to turn it off.

Hello, thank you, as I was unsure if that was turned on at default or if I had accidentally turned it on myself. The false positive detected is an old program file mainly used on Windows XP, sometimes on Windows 7, so I didn't really think that anyone would take it as anything other than a false positive, but I will bear that in mind in the future. The file is now no longer detected. Thanks

Hi. I finally got fed up of this being detected so here it is.scan logs and .exe file.zip P.S I noticed that you got rid of "Use expert system algorithms to identify malicious files" leaving only: "Use artificial intelligence to detect threats". Should "Use artificial intelligence to detect threats" be left on?.

No problem. Thanks

Hi, an old file but I'm presuming it's a false positive as the last proxy.exe file detected was no longer detected after an update. The log file and the .exe are in the attached file. Detected as Malware AI. 1631137956.7z

Hi, Detected as Phishing: IP: 51.38.62.138 Domain: d-15.winudf.com Link: hxxps://d-15.winudf.com/b/apk/b3JnLndhdGVyZm94cHJvamVjdC53YXRlcmZveF8yMDE1NTc2OTAwXzZjNDZlYTM2?_fn=V2F0ZXJmb3ggV2ViIEJyb3dzZXIgT3BlbiBGcmVlIGFuZCBQcml2YXRlX3Y2MC4xLjBfYXBrcHVyZS5jb20uYXBr&_p=b3JnLndhdGVyZm94cHJvamVjdC53YXRlcmZveA&am=U2nT8CrEjWJhGHjAjgex1w&at=1622928447&k=81c57d6e7a3b0ad2c128b414934ae56060bd3e6a

OK thanks,

Hi, as title. AdbWinApi.zip Scan log - AdbWinApi.dll _.txt

Hi, I will do that, I just read about that elsewhere. Thank you.

48 files detected in C:\Windows\assembly False positives?. .NET files I assume?, but after restoring them all back out of quarantine all of the file paths lead nowhere, so I am unable to upload them. Advise?. C Windows assembly log.txt

No problem & thanks

Hi, both the log file and the .exe file are in the zip. Log & DivX Uninstaller.zip

I just re-scanned the files before tying your suggestion and the files are now no longer detected. Does the cache flush itself after a while?, I also ran some cleaning programs before making a system restore and updating by browser, I'm unsure if that might of deleted the cache. Thanks for you help. If I get any further detection's of those files I will do as you suggested though.

Hi thanks, but the .zip file that I sent to you is still being detected on its own, it might of been detected after I changed the zip file name, I can't recall now, but after changing the name back again it is still being detected and the .paff file is still being detected (depending on how many files I choose to scan together at once) as it is not detected anymore if it is scanned on its own which seems odd. Please see the new log files [New Histrory, scan logs] of MediaInfo Portable (Multilingual).zip

Malwarebytes History and the detected file are included in the zip file Reported by Malwarebytes as: Malware.Generic.4280996595 virustotal picks up nothing: https://www.virustotal.com/gui/file/68ae0d768e56558dfde75cbce7fd556c64f67352978ca99997adb3ac68d21ccd/detection So false positive?. Thanks MEDIAINFOPORTABLE_0.7.64.PAF.EXE [Malware.Generic.4280996595].zip

Hi, advise please as to if this website block by Malwarebytes is a false positive or not?. hxxps://ohsw7kcq3.qnssl.com/file/14984687013583gjox1savd4.zip The zip file is attached to this post. Log: -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: ohsw7kcq3.qnssl.com IP Address: 117.91.177.227 Port: [49897] Type: Outbound .. The IP address changes though!. The link that was blocked is a firmware update and update program/tool which runs on Windows, but the firmware is for a non windows device. I scanned the zip file that I downloaded after removing the website block and Malwarebytes detects nothing. The webpage with the Link on it to the firmware update and update tool is not blocked: hxxps://www.smoktech.com/faq/273 but the download link for the firmware update and update tool on the above webpage is blocked & listed as a Trojan, but like I said, Malwarebytes detects nothing when I scan the zip file. So what I need to know is was it just a false positive?, or was the connection to the Domain the problem?. 14984687013583gjox1savd4.zip

*Update: (literally) it is now updating again, the Main database updated but the Rootkit database stayed the same, I presume that there is just no update for the Rootkit database?.

Hi, update failed, it was working earlier today, any problems with the server?.

I did try that a few times myself on Windows 7 Ultimate but the service wouldn't stop, it just got stuck on "stopping". I also tried to turn off "Start Malwarebytes at Windows Startup" in the Malwarebytes/settings/Protection Tab, but that didn't work either as it just kept resetting itself back to On so I uninstalled it and reinstalled it later.

It was throwing up Windows memory low errors for me within about 6 to 8 minutes (at a guess) after each reboot making my PC unusable *see pic at the bottom of my post.. yikes!. Web protection said it was off on my system and on my friends, it's back on again now since it's been fixed. After figuring out that it was MBAMService doing it I quit Malwarebytes but MBAMService couldn't be stopped, it was stuck on stopping and it wouldn't stop manually so it never did, nor obviously did the memory problem. I watched MBAMService slowly eating up all of the memory on my PC via Resource Monitor after a restart. The switch [Start Malwarebytes at Windows Startup] doesn't work!, the program just starts up again at reboot, the switch just kept resetting to on, maybe if I'd done it 12 odd times it would of stayed off, see *things you still need to fix below. I cut my internet connection and did a system restore before figuring it out, I then uninstalled Malwarebytes so I could use my PC again. Friends were phoning me up for help as I was still trying to work out for myself what was causing it, they said their laptops were running slow. * Things you still need to fix: After reinstalling Malwarebytes I had to keep switching [Usage and Threat Statistics] and [Scan for rootkits] on and off at least 12 times each over many minutes to finally get one of them to stay on and the other to stay off as they kept automatically resetting. The switch [Start Malwarebytes at Windows Startup] doesn't work either, the program just starts up again at reboot, the switch just kept resetting back to on, maybe 12 tries would of done it maybe not. Perhaps more switches that I've never tried also do the same?. When I set a password in Malwarebytes why do I have to keep entering it for every single new tab that I click on after already having entered the password once?, the old version of Malwarebyes used to let you navigate around all of the settings tabs after entering the password only once and it only locked again after closing the program interface. Why does Malwarebytes keep trying to contact the license server when I have a lifetime license and even when I have no internet connection?, what's the point other than the annoyance?, it's a lifetime license so how many times does it really need to check it?!. Other than the glitches, thanks.

Thanks

One of the Total Video Converter install files (Kdc.exe) is being reported as Trojan.Dorkbot.ED http://www.effectmatrix.com/total-video-converter/ Log file: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 25/07/2014 Scan Time: 11:59:22 Logfile: scan log.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.25.02 Rootkit Database: v2014.07.17.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Enabled OS: Windows XP Service Pack 3 CPU: x86 File System: NTFS User: not tellin Scan Type: Threat Scan Result: Completed Objects Scanned: 1 Time Elapsed: 0 min, 40 sec Memory: Disabled Startup: Disabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 1 Trojan.Dorkbot.ED, C:\Program Files\Total Video Converter\Kdc.exe, Quarantined, [7244950ec4b749ed8a2d1b4ca75a31cf], Physical Sectors: 0 (No malicious items detected) (end) Kdc.zip