G1111
Honorary Members-
Posts
63 -
Joined
-
Last visited
Reputation
0 NeutralRecent Profile Visitors
7,785 profile views
-
I should have posted complete scan report: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 6/5/18 Scan Time: 11:22 PM Log File: 36a80d7b-6941-11e8-afca-7427ead93fb9.json Administrator: Yes -Software Information- Version: 3.5.1.2522 Components Version: 1.0.365 Update Package Version: 1.0.5374 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: XXXXXXXXX -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 247404 Threats Detected: 3 Threats Quarantined: 3 Time Elapsed: 2 min, 24 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 3 Hijack.BitCoinMiner.WMI, \\XXXX-PC\ROOT\subscription:__FilterToConsumerBinding.Consumer="CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"", Quarantined, [14221], [528083],1.0.5374 Hijack.BitCoinMiner.WMI, \\XXXX-PC\ROOT\subscription:__EventFilter.Name="BVTFilter", Quarantined, [14221], [528083],1.0.5374 Hijack.BitCoinMiner.WMI, \\XXXX-PC\ROOT\subscription:CommandLineEventConsumer.Name="BVTConsumer", Quarantined, [14221], [528083],1.0.5374 (end)
-
Scan found this. I quarantined. Can I delete. Did not return on reboot (so far). WMI: 3 Hijack.BitCoinMiner.WMI, \\XXXX-PC\ROOT\subscription:__FilterToConsumerBinding.Consumer="CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"", Quarantined, [14221], [528083],1.0.5374 Hijack.BitCoinMiner.WMI, \\XXXX-PC\ROOT\subscription:__EventFilter.Name="BVTFilter", Quarantined, [14221], [528083],1.0.5374 Hijack.BitCoinMiner.WMI, \\XXXX-PC\ROOT\subscription:CommandLineEventConsumer.Name="BVTConsumer", Quarantined, [14221], [528083],1.0.5374
-
Files attached. Malwarebytes Anti-Ransomware.7z RootkitBusterV5.0-1198x64.7z
-
Okay thanks Pedro. 1.05 working good. No problems thus far,
-
Just loaded 1.05 over 1.04 Premium and license now reads "Experimental" Will I have to reactivate license when 1.05 is public release? I know I wil have to manually load 1.05 public release, but what will happen to my preium license?
-
Installed over 1007. Only problem noted so far is Shielded applications counter does not reset. Currently showing 22. On Windows 7 x64 SP1 Professionsal.
-
Updated to 5363 and quick scan & single file (right-click) scan no longer detects as malicious. Thanks for the quick fix Rich.
-
-
I had same problem with Gen.dll. Scans with Hitman Pro and Emsisoft indicated this file was clean. I believe it is a FP.
-
Okay thanks Bruce for the quick fix.
-
MBAM 1.46 4250 started detecting the HIPS program Malware Defender http://labs.360.cn/malwaredefender/index.html as a trojan today. I believe this is a false positive. 10:17:22 Gordon Garcia DETECTION C:\Program Files\Malware Defender\MalwareDefender.exe Trojan.Agent ALLOW 10:17:22 Gordon Garcia DETECTION C:\Program Files\Malware Defender\MalwareDefender.exe Trojan.Agent ALLOW 10:17:22 Gordon Garcia DETECTION C:\Program Files\Malware Defender\MalwareDefender.exe Trojan.Agent ALLOW 10:17:22 Gordon Garcia DETECTION C:\Program Files\Malware Defender\MalwareDefender.exe Trojan.Agent ALLOW 10:17:58 Gordon Garcia DETECTION C:\Program Files\Malware Defender\mdservice.exe Trojan.Agent ALLOW 10:17:58 Gordon Garcia DETECTION C:\program files\malware defender\malwaredefender.exe Trojan.Agent ALLOW 10:17:58 Gordon Garcia DETECTION C:\Program Files\Malware Defender\mdservice.exe Trojan.Agent ALLOW 10:17:58 Gordon Garcia DETECTION C:\Program Files\Malware Defender\mdservice.exe Trojan.Agent ALLOW 10:18:53 Gordon Garcia DETECTION C:\program files\malware defender\malwaredefender.exe Trojan.Agent ALLOW 10:18:53 Gordon Garcia DETECTION C:\program files\malware defender\mdservice.exe Trojan.Agent ALLOW 10:18:53 Gordon Garcia DETECTION C:\PROGRAM FILES\MALWARE DEFENDER\MDSERVICE.EXE Trojan.Agent ALLOW 10:18:53 Gordon Garcia DETECTION C:\program files\malware defender\mdservice.exe Trojan.Agent ALLOW 10:18:53 Gordon Garcia DETECTION C:\program files\malware defender\mdservice.exe Trojan.Agent ALLOW 10:18:53 Gordon Garcia DETECTION C:\program files\malware defender\mdservice.exe Trojan.Agent ALLOW 10:18:53 Gordon Garcia DETECTION C:\program files\malware defender\mdservice.exe Trojan.Agent ALLOW
-
IP blocking - how is decision made?
G1111 replied to beckx020's topic in Malwarebytes for Windows Support Forum
It would be interesting to see the list and how many IP's are being blocked. -
Signed up. Looking forward to trying the new version.
-
Running Updates from Tray Icon
G1111 replied to G1111's topic in Malwarebytes for Windows Support Forum
Thanks but I did that already. Also after rebooting from safe mode I ran CCleaner and RegSeeker to clean any remnants. I reinstalled the latest version and the problem persists. I also did a clean install after running mbam-clean.exe. It is a minor problem as the program scans and runs updates when I open the program.