Jump to content

debra09

Members
  • Posts

    5
  • Joined

  • Last visited

Everything posted by debra09

  1. Oh yes please consider this issue resolved :-)
  2. Hi Thank you so very much for your help on this issue. I understand all that you have posted and so appreciate your time and expertise. I am a computer reseller/tech and always install, recommend and use MBAM on new systems as well as repaired systems. I am impressed by the help I have received from you and will continue to use MBAM on all systems I sell or work on! Thanx again D
  3. Hi and thank you for answering! The screen shot was just to show the file name -- of no importance. Yes this is the log of the files that were quarantined on June 23, 2015. I restored one of these files last night, ran a scan and no issues. There was only one of the below files in quarantine last night. Trojan.Vawtrak.ED, G:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\usp10.dll-k.mbam, Quarantined, [5ec5dae48efc290ddd09c2b4f70bec14], Trojan.Vawtrak.ED, G:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\usp10.dll-u.mbam, Quarantined, [ba693f7f58326cca24c242342fd321df], ** Still in quarantine is this file which is my concern as it is a windows file and will not restore: Trojan.Vawtrak.ED, G:\Windows\winsxs\Backup\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_0b207e7d6f1bea6f_usp10.dll_8785b649, Quarantined, [1e052797f199a1958e583e389e64d729], Do not understand what you are referring to here - "The file "8afc49b02429a - Copy" - I have no clue what that is.." - as I do not see this in the log file I sent you. I am going to retest the Windows 7 drive for boot now. Thank you "What is drive G:\ - the unbootable Windows7 Drive? (from the f/p back in June?)" Yes this is the Win 7 unbootable drive from the fp back in June
  4. Below is a copy of the scan log that originally detected the 2 quarantined files detected by MBAM as Vawtrak.Trojan.ED. I apologize for forgetting to post above. Please note log state running Win 8 but actualy running Win 10 Insider Preview Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 6/23/2015 Scan Time: 4:07 PM Logfile: vawtrak-detectionlog-06-23-2015.txt Administrator: Yes Version: 2.01.6.1022 Malware Database: v2015.06.23.07 Rootkit Database: v2015.06.22.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 8 CPU: x64 File System: NTFS User: Tester Scan Type: Custom Scan Result: Completed Objects Scanned: 668837 Time Elapsed: 27 min, 16 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 3 Trojan.Vawtrak.ED, G:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\usp10.dll-k.mbam, Quarantined, [5ec5dae48efc290ddd09c2b4f70bec14], Trojan.Vawtrak.ED, G:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\usp10.dll-u.mbam, Quarantined, [ba693f7f58326cca24c242342fd321df], Trojan.Vawtrak.ED, G:\Windows\winsxs\Backup\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_0b207e7d6f1bea6f_usp10.dll_8785b649, Quarantined, [1e052797f199a1958e583e389e64d729], Physical Sectors: 0 (No malicious items detected) (end)
  5. There are conflicting answers to the issue of whether Trojan Valtrak.ED is a false positive. June 23,2015 MBAM detected this trojan on my system and quarrantined 2 files. One is - shown in the attached screen shot - and another which was under MBAM program data files which I restored as per instructions in another post that this trojan is a FP. The file showing in the in screenshot will not restore from MBAM saying access is denied. MBAM Pro removed this file from a Windows 7 slave drive in my computer that now will no longer boot. In other posts here and the day of the Vawtrak detection we were told Vawtrak is a FP. Can I get a straight answer here as I am running Win 10 insider preview which has expired and wish to use the secondary win 7 hd to operate system as I have moved all data files there from the Win 10 hd. Thank you for your help in advance. Attached is screenshot of the Vawtrak quarantined file with a check mark next to it -- a very long Windows file name. Please advise. Thank you
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.