G1111
Honorary Members
Posts: 63
Everything posted by G1111
-
I should have posted complete scan report:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/5/18
Scan Time: 11:22 PM
Log File: 36a80d7b-6941-11e8-afca-7427ead93fb9.json
Administrator: Yes

-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.365
Update Package Version: 1.0.5374
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: XXXXXXXXX

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 247404
Threats Detected: 3
Threats Quarantined: 3
Time Elapsed: 2 min, 24 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 3
Hijack.BitCoinMiner.WMI, \\XXXX-PC\ROOT\subscription:__FilterToConsumerBinding.Consumer="CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"", Quarantined, [14221], [528083],1.0.5374
Hijack.BitCoinMiner.WMI, \\XXXX-PC\ROOT\subscription:__EventFilter.Name="BVTFilter", Quarantined, [14221], [528083],1.0.5374
Hijack.BitCoinMiner.WMI, \\XXXX-PC\ROOT\subscription:CommandLineEventConsumer.Name="BVTConsumer", Quarantined, [14221], [528083],1.0.5374

(end)
-
Scan found this. I quarantined. Can I delete? Did not return on reboot (so far).

WMI: 3
Hijack.BitCoinMiner.WMI, \\XXXX-PC\ROOT\subscription:__FilterToConsumerBinding.Consumer="CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"", Quarantined, [14221], [528083],1.0.5374
Hijack.BitCoinMiner.WMI, \\XXXX-PC\ROOT\subscription:__EventFilter.Name="BVTFilter", Quarantined, [14221], [528083],1.0.5374
Hijack.BitCoinMiner.WMI, \\XXXX-PC\ROOT\subscription:CommandLineEventConsumer.Name="BVTConsumer", Quarantined, [14221], [528083],1.0.5374
-
Files attached. Malwarebytes Anti-Ransomware.7z RootkitBusterV5.0-1198x64.7z
-
Okay thanks Pedro. 1.05 working good. No problems thus far.
-
Just loaded 1.05 over 1.04 Premium and license now reads "Experimental". Will I have to reactivate license when 1.05 is public release? I know I will have to manually load 1.05 public release, but what will happen to my premium license?
-
Installed over 1007. Only problem noted so far is Shielded applications counter does not reset. Currently showing 22. On Windows 7 x64 SP1 Professional.
-
Updated to 5363 and quick scan & single file (right-click) scan no longer detects as malicious. Thanks for the quick fix Rich.
-
I had same problem with Gen.dll. Scans with Hitman Pro and Emsisoft indicated this file was clean. I believe it is a FP.
-
Okay thanks Bruce for the quick fix.
-
MBAM 1.46 4250 started detecting the HIPS program Malware Defender http://labs.360.cn/malwaredefender/index.html as a trojan today. I believe this is a false positive.

10:17:22 Gordon Garcia DETECTION C:\Program Files\Malware Defender\MalwareDefender.exe Trojan.Agent ALLOW
10:17:22 Gordon Garcia DETECTION C:\Program Files\Malware Defender\MalwareDefender.exe Trojan.Agent ALLOW
10:17:22 Gordon Garcia DETECTION C:\Program Files\Malware Defender\MalwareDefender.exe Trojan.Agent ALLOW
10:17:22 Gordon Garcia DETECTION C:\Program Files\Malware Defender\MalwareDefender.exe Trojan.Agent ALLOW
10:17:58 Gordon Garcia DETECTION C:\Program Files\Malware Defender\mdservice.exe Trojan.Agent ALLOW
10:17:58 Gordon Garcia DETECTION C:\program files\malware defender\malwaredefender.exe Trojan.Agent ALLOW
10:17:58 Gordon Garcia DETECTION C:\Program Files\Malware Defender\mdservice.exe Trojan.Agent ALLOW
10:17:58 Gordon Garcia DETECTION C:\Program Files\Malware Defender\mdservice.exe Trojan.Agent ALLOW
10:18:53 Gordon Garcia DETECTION C:\program files\malware defender\malwaredefender.exe Trojan.Agent ALLOW
10:18:53 Gordon Garcia DETECTION C:\program files\malware defender\mdservice.exe Trojan.Agent ALLOW
10:18:53 Gordon Garcia DETECTION C:\PROGRAM FILES\MALWARE DEFENDER\MDSERVICE.EXE Trojan.Agent ALLOW
10:18:53 Gordon Garcia DETECTION C:\program files\malware defender\mdservice.exe Trojan.Agent ALLOW
10:18:53 Gordon Garcia DETECTION C:\program files\malware defender\mdservice.exe Trojan.Agent ALLOW
10:18:53 Gordon Garcia DETECTION C:\program files\malware defender\mdservice.exe Trojan.Agent ALLOW
10:18:53 Gordon Garcia DETECTION C:\program files\malware defender\mdservice.exe Trojan.Agent ALLOW
-
IP blocking - how is decision made?
G1111 replied to beckx020's topic in Malwarebytes for Windows Support Forum
It would be interesting to see the list and how many IPs are being blocked.
-
Signed up. Looking forward to trying the new version.
-
Running Updates from Tray Icon
G1111 replied to G1111's topic in Malwarebytes for Windows Support Forum
Thanks but I did that already. Also after rebooting from safe mode I ran CCleaner and RegSeeker to clean any remnants. I reinstalled the latest version and the problem persists. I also did a clean install after running mbam-clean.exe. It is a minor problem as the program scans and runs updates when I open the program.
-
In the last two versions I can no longer run a scan or do updates from the tray Icon. I have to open the program. I did a clean install (removed previous version) and also ran mbam-clean.exe and rebooted. Anyone else have this problem? Otherwise MBAM is running smoothly. The problem started for me with version 1.29 and also is occurring in version 1.30.
-
I use both MBAM and KAV (both with upfront protection enabled). I have both a hardware and software firewall (OutPost), a HIPS (Ghost Security AppDefend/Regdefend and WinPatrol) and a HOSTS file (MVPS & hpHosts with HostsXpert). They all run smoothly together. I believe you need something to counter a 0-Day type attack. Signature based programs can't handle them until they get a sample and then add an item to their database. KAV is very fast at that, but for me not fast enough.
-
There have been no updates to the program or database in some time. I am just curious what is going on.
-
No problems, running smooth

Malwarebytes' Anti-Malware 1.28
Database version: 1137
Windows 5.1.2600 Service Pack 2

9/10/2008 12:38:52 PM
mbam-log-2008-09-10 (12-38-52).txt

Scan type: Quick Scan
Objects scanned: 43746
Time elapsed: 4 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
-
Installed and running smoothly

Malwarebytes' Anti-Malware 1.13
Database version: 800

9:36:46 PM 5/29/2008
mbam-log-5-29-2008 (21-36-46).txt

Scan type: Full Scan (A:\|C:\|D:\|E:\|)
Objects scanned: 84964
Time elapsed: 27 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
-
Yes, I am now at 799. Thanks.
-
The update this morning goes from 797 to 797.
-
Update went smooth. No problems thus far.

Malwarebytes' Anti-Malware 1.12
Database version: 722

Scan type: Full Scan (A:\|C:\|D:\|E:\|)
Objects scanned: 85658
Time elapsed: 22 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
-
No problems with update. New version scanned all drives.

Malwarebytes' Anti-Malware 1.09
Database version: 507

Scan type: Full Scan (A:\|C:\|D:\|E:\|)
Objects scanned: 79196
Time elapsed: 21 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
-
I like the current blue banner one in Marcin's signature. Add the product name there. The brown-orange version for RogueRemover.