Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About mbjoe

  • Rank
    New Member
  1. Just got a flag for Trojan.injector on the following: C:\Drivers\WIN\Ethernet\APPS\PROSET\W2KWS03\NCS_CORE.CAB Looks like a driver file that's been there awhile.
  2. I am getting the same alerts on the files below: C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IUserCnv.dll and C:\Apps\M025R\engine32.cab
  3. I get this alert periodically but when I go to clean up there is nothing there. I've also scanned with over detection tools and nothing else is detected. Below is the alert as well as where it browses to when in quarantine: Browse to location: HKEY_CLASSES_ROOT\wincredprovider.Cwincredprovider\CurVer Alert: Malwarebytes Management Server Notification -------------------------------------------- Alert Time: 9/2/2015 5:25:52 AM Server Hostname: SERVER Server Domain/Workgroup: Domain.com Server IP: 10.X.X.X Notification Catalog: Client Description: Malware threat detected, see details be
  4. We had 3 systems get flagged for Trojan.agent.rc on this file: C:\i386\pngfilt.dll I saw another post similar but not for this specific dll.
  5. On the home version of Malwarebytes if I have website blocking enabled I cannot load ANY websites in any browser. It actually causes Firefox to crash and not open. When I again disable website blocking, everything works fine. I've had this for several months, any suggestions?
  6. Just got this on two PCs, is this a false positive? 5/11/2015 9:21:08 PM Server-name 10.x.x.x Trojan.Tracur Quarantined C:\Program Files (x86)\Microsoft SQL Server\100\COM\AXSCPHST.DLL 5/11/2015 9:21:08 PM Server-name 10.x.x.x Trojan.Tracur Quarantined D:\Software Installs\SQL 2008\x86\Setup\sql_is.msi 5/11/2015 9:21:08 PM Server-name 10.x.x.x Trojan.Tracur Quarantined D:\Software Installs\SQL 2008\x86\Setup\sql_engine_core_shared_msi\PFiles\SqlServr\100\COM\AXSCPHST.DLL
  7. We have an application that allows us to create a print preview by creating an Adobe PDF with Reader. When trying to do so we get the following error that we cannot exclude: "Exploit code executing from Heap memory blocked"
  8. Attached is the zip of the file that was flagged.
  9. They were only systems running Windows 7 32bit that turned up this item (all in fact).
  10. I had several workstations last night flag the following file as Backdoor.Bladabindi.MS C:\Windows\winsxs\x86_microsoft-windows-rascmak.resources_31bf3856ad364e35_6.1.7600.16385_en-us_3b1d19548de2fbf0\cmbins.exe Has anyone seen this before? There isn't much I can find when Googling for that specific file and infection.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.