Kahai

Yeah, I find that if I click on the link directly (or paste it in the search bar) the website comes up fine. This middle man web page only comes up when I click on google results.

I am not sure if this is just my paranoia, or if I have got some nasty browser hijack, but since last week, every hyperlink on google results seems to redirect me through some middle-man 'url' website. For instance, the hyperlink http://www.malwarebytes.org First redirects me to http://www.google.com.au/url?sa=t&sour...=1&ved=0c... etc etc Otherwise the web page loads just fine afterward. Is this normal for google? Virus scans turn up clean, but I don't think it hurts to be too careful.

1. Windows XP Media Centre Edition 2. 34 Bit. 3. Norton Internet Security 2005 4. The firewall which comes with that ^ 5. I also use SpyBot: Search and Destroy 6. No I haven't tried the clean removal tool, I'm a little nervous about turning off my antivirus software. 7. Yes This problem was non existent in the previous version of MBAM and only cropped up after the update.

I apologise for adding to what is already a crowded issue, but I have tried most of the solutions here regarding the updating problems but have still got problems with updating the new version of MBAM. I am able to successfully ping data-cdn.mbamupdates.com with my firewalls active, but I still cannot auto-update due to the error code in the topic's title.

I am pretty sure this is a false positive, checked file creation and modification date and it was the same as 80% of the other files in the drivers folder. I didn't want to accidentally delete anything critical, so I thought it'd be safer just to get a few second opinions. Details are as follows. Malwarebytes' Anti-Malware 1.44 Database version: 3818 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 4/03/2010 12:34:41 AM mbam-log-2010-03-04 (00-34-40).txt Scan type: Quick Scan Objects scanned: 133749 Time elapsed: 10 minute(s), 9 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\asyncmac (Trojan.MultipleAV) -> Not selected for removal. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\drivers\asyncmac.sys (Trojan.MultipleAV) -> Not selected for removal.

I like the idea of flushing my System Restore folder although I don't really know how. I've heard that the folder is essential for the stable running of windows, so I don't want to delete anything hastily and removing something I shouldn't.

Hi, I am not sure if this is a false positive or not, but I've run a full scan and found one infection entitled Malware.Packer.Gen as C:\System Volume Information\_restore{FDD9614E-CF40-43E1-9C20-263B0BDC362F}\RP167\A0064576.DLL On inspection, this file was last created and modified back in 2003! The year of the computer's purchase. I would like to make sure that it is in fact a malicious file before I go deleting it.

I thought I'd add my five cents too. I got the same warning about atapi.sys and three registry infected registry keys after my daily scan. Like all of you, I've had no problems with viruses or malware for over a year now so this was rather surprising. I checked the created / modified files and apparently it's been on my computer since 2004 (year of purchase) so I am a little reluctant to remove it. After hearing problems people are having with their computers after the removal, I'm inclined to say it is a false positive. I am by no means an expert on the matter. So more information would be helpful before I come to a conclusion.

Thanks a lot for the fast response!

I got warned on the exact same files a few minutes ago. Not too sure what to make of it though.

Updated, scanned and found two infected files. Malwarebytes' Anti-Malware 1.40 Database version: 2661 Windows 5.1.2600 Service Pack 2 20/08/2009 6:17:58 PM mbam-log-2009-08-20 (18-17-52).txt Scan type: Quick Scan Objects scanned: 106656 Time elapsed: 5 minute(s), 55 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\wextract.exe (Worm.Autorun) -> No action taken. C:\WINDOWS\system32\netsetup.exe (Worm.Autorun) -> No action taken. I am 'pretty sure' these are false positives after flipping through a few general security websites. But since I am no expert in the matter, I am not sure.