Jump to content

drinx

Members
  • Posts

    19
  • Joined

  • Last visited

Everything posted by drinx

  1. Hi, an old file but I'm presuming it's a false positive as the last proxy.exe file detected was no longer detected after an update. The log file and the .exe are in the attached file. Detected as Malware AI. 1631137956.7z
  2. Hi, Detected as Phishing: IP: 51.38.62.138 Domain: d-15.winudf.com Link: hxxps://d-15.winudf.com/b/apk/b3JnLndhdGVyZm94cHJvamVjdC53YXRlcmZveF8yMDE1NTc2OTAwXzZjNDZlYTM2?_fn=V2F0ZXJmb3ggV2ViIEJyb3dzZXIgT3BlbiBGcmVlIGFuZCBQcml2YXRlX3Y2MC4xLjBfYXBrcHVyZS5jb20uYXBr&_p=b3JnLndhdGVyZm94cHJvamVjdC53YXRlcmZveA&am=U2nT8CrEjWJhGHjAjgex1w&at=1622928447&k=81c57d6e7a3b0ad2c128b414934ae56060bd3e6a
  3. Hi, as title. AdbWinApi.zip Scan log - AdbWinApi.dll _.txt
  4. Hi, I will do that, I just read about that elsewhere. Thank you.
  5. 48 files detected in C:\Windows\assembly False positives?. .NET files I assume?, but after restoring them all back out of quarantine all of the file paths lead nowhere, so I am unable to upload them. Advise?. C Windows assembly log.txt
  6. Hi, both the log file and the .exe file are in the zip. Log & DivX Uninstaller.zip
  7. I just re-scanned the files before tying your suggestion and the files are now no longer detected. Does the cache flush itself after a while?, I also ran some cleaning programs before making a system restore and updating by browser, I'm unsure if that might of deleted the cache. Thanks for you help. If I get any further detection's of those files I will do as you suggested though.
  8. Hi thanks, but the .zip file that I sent to you is still being detected on its own, it might of been detected after I changed the zip file name, I can't recall now, but after changing the name back again it is still being detected and the .paff file is still being detected (depending on how many files I choose to scan together at once) as it is not detected anymore if it is scanned on its own which seems odd. Please see the new log files [New Histrory, scan logs] of MediaInfo Portable (Multilingual).zip
  9. Malwarebytes History and the detected file are included in the zip file Reported by Malwarebytes as: Malware.Generic.4280996595 virustotal picks up nothing: https://www.virustotal.com/gui/file/68ae0d768e56558dfde75cbce7fd556c64f67352978ca99997adb3ac68d21ccd/detection So false positive?. Thanks MEDIAINFOPORTABLE_0.7.64.PAF.EXE [Malware.Generic.4280996595].zip
  10. Hi, advise please as to if this website block by Malwarebytes is a false positive or not?. hxxps://ohsw7kcq3.qnssl.com/file/14984687013583gjox1savd4.zip The zip file is attached to this post. Log: -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: ohsw7kcq3.qnssl.com IP Address: 117.91.177.227 Port: [49897] Type: Outbound .. The IP address changes though!. The link that was blocked is a firmware update and update program/tool which runs on Windows, but the firmware is for a non windows device. I scanned the zip file that I downloaded after removing the website block and Malwarebytes detects nothing. The webpage with the Link on it to the firmware update and update tool is not blocked: hxxps://www.smoktech.com/faq/273 but the download link for the firmware update and update tool on the above webpage is blocked & listed as a Trojan, but like I said, Malwarebytes detects nothing when I scan the zip file. So what I need to know is was it just a false positive?, or was the connection to the Domain the problem?. 14984687013583gjox1savd4.zip
  11. *Update: (literally) it is now updating again, the Main database updated but the Rootkit database stayed the same, I presume that there is just no update for the Rootkit database?.
  12. Hi, update failed, it was working earlier today, any problems with the server?.
  13. I did try that a few times myself on Windows 7 Ultimate but the service wouldn't stop, it just got stuck on "stopping". I also tried to turn off "Start Malwarebytes at Windows Startup" in the Malwarebytes/settings/Protection Tab, but that didn't work either as it just kept resetting itself back to On so I uninstalled it and reinstalled it later.
  14. It was throwing up Windows memory low errors for me within about 6 to 8 minutes (at a guess) after each reboot making my PC unusable *see pic at the bottom of my post.. yikes!. Web protection said it was off on my system and on my friends, it's back on again now since it's been fixed. After figuring out that it was MBAMService doing it I quit Malwarebytes but MBAMService couldn't be stopped, it was stuck on stopping and it wouldn't stop manually so it never did, nor obviously did the memory problem. I watched MBAMService slowly eating up all of the memory on my PC via Resource Monitor after a restart. The switch [Start Malwarebytes at Windows Startup] doesn't work!, the program just starts up again at reboot, the switch just kept resetting to on, maybe if I'd done it 12 odd times it would of stayed off, see *things you still need to fix below. I cut my internet connection and did a system restore before figuring it out, I then uninstalled Malwarebytes so I could use my PC again. Friends were phoning me up for help as I was still trying to work out for myself what was causing it, they said their laptops were running slow. * Things you still need to fix: After reinstalling Malwarebytes I had to keep switching [Usage and Threat Statistics] and [Scan for rootkits] on and off at least 12 times each over many minutes to finally get one of them to stay on and the other to stay off as they kept automatically resetting. The switch [Start Malwarebytes at Windows Startup] doesn't work either, the program just starts up again at reboot, the switch just kept resetting back to on, maybe 12 tries would of done it maybe not. Perhaps more switches that I've never tried also do the same?. When I set a password in Malwarebytes why do I have to keep entering it for every single new tab that I click on after already having entered the password once?, the old version of Malwarebyes used to let you navigate around all of the settings tabs after entering the password only once and it only locked again after closing the program interface. Why does Malwarebytes keep trying to contact the license server when I have a lifetime license and even when I have no internet connection?, what's the point other than the annoyance?, it's a lifetime license so how many times does it really need to check it?!. Other than the glitches, thanks.
  15. One of the Total Video Converter install files (Kdc.exe) is being reported as Trojan.Dorkbot.ED http://www.effectmatrix.com/total-video-converter/ Log file: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 25/07/2014 Scan Time: 11:59:22 Logfile: scan log.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.25.02 Rootkit Database: v2014.07.17.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Enabled OS: Windows XP Service Pack 3 CPU: x86 File System: NTFS User: not tellin Scan Type: Threat Scan Result: Completed Objects Scanned: 1 Time Elapsed: 0 min, 40 sec Memory: Disabled Startup: Disabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 1 Trojan.Dorkbot.ED, C:\Program Files\Total Video Converter\Kdc.exe, Quarantined, [7244950ec4b749ed8a2d1b4ca75a31cf], Physical Sectors: 0 (No malicious items detected) (end) Kdc.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.