Jump to content

tanmx

Members
  • Posts

    21
  • Joined

  • Last visited

Everything posted by tanmx

  1. As a student, this problem is really RIDICULOUS. I lost so much time (DAYS) trying to find a fix when I SHOULD be doing my assignments in peace. Really, MBAM is a let-down. Period. You could had jolly well sent an email telling us about this temporary hotfix, saving us the trouble. AND I merely found the solution by LUCK. I googled "word hang when save" and read through so many results before I found a forum post on Microsoft which leads to here which leads to the hotfix. What about others who did not land on the microsoft forum? I've read through the petty fights past few posts by self-proclaimed IT professionals with no compassion for end users / consumers like me who are not adept at IT. You all need to learn to put yourselves in our shoes. And you can go on barking about how we should be patient on the official update. WE ARE PATIENT. What we wanted is an email or something telling us about this. As a student, I am telling you to grow up. Please feel ashamed about yourself.
  2. Just ran a full scan and MBAM flagged ORGCHART.EXE and 2 other registry keys as a ransom software, but I am pretty sure it is not. Can someone confirm this? I have not yet removed what are found in the scan yet, and still on the Total Threats Detected page. What should I do? I just just click cancel at the bottom right? Thanks!
  3. Hey nosirrah, There still false postive, but just lesser. There are 2 now. But exile 360 told me one of them can be ignore, so it should be only 1 false postive. --------------------------------------- Malwarebytes' Anti-Malware 1.43 Database version: 3485 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 3/1/2010 3:25:43 PM mbam-log-2010-01-03 (15-25-32).txt Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Objects scanned: 209724 Time elapsed: 11 minute(s), 9 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ----------------------------------------------------
  4. Oh, the "Last time" means that *Before* you asked me to use the mbam.exe /developer. I posted "10 false positves" thread right? When i scanned with mbam.exe /developer, it's 9 false postives. Weird. And i am saying, how do you know which log is from mbam.exe /developer and which log isn't? The 2 logs i posted "Last time" and "Mbam.exe /developer thing" is to show that i can't find the difference. =P Now i am scanning with the updated version of normal mbam, updated. Seems clean. Will look later.
  5. Hi, thx. I am rescanning now to comfirm it. However, why is my scan without developer thing give 10 results last time? Please advise. Thx ----------- Last Time ----------- Malwarebytes' Anti-Malware 1.43 Database version: 3478 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.18865 2/1/2010 11:08:41 PM mbam-log-2010-01-02 (23-08-39).txt Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Objects scanned: 223918 Time elapsed: 13 minute(s), 6 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 7 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. Folders Infected: (No malicious items detected) Files Infected: C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken. C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> No action taken. --------------------------------- With developer thingie -------------------------------- Malwarebytes' Anti-Malware 1.43 Database version: 3479 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 3/1/2010 1:00:07 AM mbam-log-2010-01-03 (01-00-04).txt Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Objects scanned: 192803 Time elapsed: 10 minute(s), 2 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 6 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962] HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962] HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken. [608AEAE21B7A0F490DB0A2D3B8B23725] HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken. [985FFFC484CD1BA8FEFF5342773080F7] Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. [99D040AEE155C12EB025D41F2DD365C3] Folders Infected: (No malicious items detected) Files Infected: C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962] C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> No action taken. [608AEAE21B7A0F490DB0A2D3B8B23725] -------------------------- 1 items less, why? Nonetheless, how are those 2 different?
  6. Hello? Is there something wrong? It looks the same as my last post... Sorry if i did something wrong. I ran a full system scan on "mbam.exe /developer" and it still gave me this. Anything i can do?
  7. It's late now. i will look at ur reply tomorrow
  8. Malwarebytes' Anti-Malware 1.43 Database version: 3479 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 3/1/2010 1:00:07 AM mbam-log-2010-01-03 (01-00-04).txt Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Objects scanned: 192803 Time elapsed: 10 minute(s), 2 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 6 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962] HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962] HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken. [608AEAE21B7A0F490DB0A2D3B8B23725] HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken. [985FFFC484CD1BA8FEFF5342773080F7] Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. [99D040AEE155C12EB025D41F2DD365C3] Folders Infected: (No malicious items detected) Files Infected: C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962] C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> No action taken. [608AEAE21B7A0F490DB0A2D3B8B23725]
  9. Look, i've no idea what i am doing wrong. I've typed in mbam.exe /developer on "run" But it shows me the same malwarebytes, so i scanned it. It has been reduced to 9 items. I don't know why But i saved the logs without removing the scanned items. And it gave me the same thing. I don't know what you are talking about. I will post it in my next post. Sorry if it isn't what you wanted. I've no idea what you want. I did what it says. I typed in mbam.exe /developer and it gave my malwarebytes a strange number, but i still scanned.
  10. Ok, but i uninstalled Winzip, does it matter if i don't zip it up?
  11. Argh, isn't that what i just did. Nonetheless, fine. But is it ok if i dont zip it up. Thx
  12. Oh, you want me to post it too? 1st post is the attachment. Here is the post: -------- Malwarebytes' Anti-Malware 1.43 Database version: 3478 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.18865 2/1/2010 11:08:41 PM mbam-log-2010-01-02 (23-08-39).txt Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Objects scanned: 223918 Time elapsed: 13 minute(s), 6 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 7 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken. -------
  13. I did, it's all set and attached?
  14. Took me awhile to get all the things done. Well, it's here. NOTE : I dont know if i did it correctly. I never ever zip a file b4 =( ............ Tell me how it goes. THX. i want to know if it is REALLY false positive. mbam_log_2010_01_02__23_08_39_.zip
  15. UPDATE : Did e-recovery back to factory default. Now scanning with Malwarebytes. Same thing, "infection" Same infection, saved logs, now what do i do? Thx
  16. Same thing! E-recovery to factory default. Infected with 8 things, probably the false positives, Now still scanning, going to look at the "infected" files later on.
  17. Thx for the reply, I am sorry for posting so much things in anger because i was too paranoid =( Forgive me and accept my apologies. =) I feel so so so much less nervous now. BUT, i wonder why MBAM did not detect all these false positives on that computer in the past when it doesn't have Acer stuffs. Nonetheless, i have another question, please answer it, thx =) In the past when i downloaded MBAM, i can download it from malwarebytes.org itself. But now, it redirects me to 2 other websites, and i can't download from malwarebytes.org anymore. http://download.cnet.com/Malwarebytes-Anti...&tag=button And another website which i can't get to anymore, even after clicking the download. lol Is it something wrong? If it's not, which is the other site? =P
  18. Uhhh, i was told to post here. So here goes. ---------------------------------------------------------- Malwarebytes' Anti-Malware 1.43 Database version: 3468 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18865 1/1/2010 6:49:34 PM mbam-log-2010-01-01 (18-49-25).txt Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Objects scanned: 250192 Time elapsed: 26 minute(s), 40 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 7 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. Folders Infected: (No malicious items detected) Files Infected: C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken. C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> No action taken. --------------------------------------------------------------------------- These scanned results was right after i e-recovered my computer with acer e-recovery. Er, as i was too paranoid, i did another e-recovery, still on the way to finish. (On another PC) So er, i can't do anything on that PC now. Seems to be from Acer though. More info here, http://www.malwarebytes.org/forums/index.php?showtopic=35187 Thx.
  19. Argh, you should've said it earlier, i just did the acer e recovery again, if you want, i can do a scan after the recovery, but i know it'll be the same. Lots of acer computers come with them, after i read them from the web 10 minutes ago. I was pretty scared as it was the first time my computer got a virus, i am very very careful and only visit legit sites. The only thing i got was from flashdrives. It looks like acer has too much thingies in them. Look at this http://www.computerhope.com/forum/index.php?topic=73024.0 Brand new acer computer, full of things which MBAM detected, i guess from acer too.... Nonetheless, e recovery going to be done.
  20. Argh, now norton people are also saying that it's false postive, gurus at norton. Who am i to trust? Even someone with a NEW acer PC, with almost the same things detected as me. Read this http://community.norton.com/norton/board/m...thread.id=90925 And read the link on my post. How similar? Thanks. Note : I use Acer Desktop windows vista home premium 64 bit. I just did acer e recovery when i scanned with malwarebytes. And those 10 things came out. Please, who am i to trust? Norton or you? Thx.
  21. Please look at this, http://community.norton.com/norton/board/m...id=94467#M94467 Norton had green light for me. Why did malwarebytes report all these bad things for me. --------------------------------------------------------------- Malwarebytes' Anti-Malware 1.43 Database version: 3468 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18865 1/1/2010 6:49:34 PM mbam-log-2010-01-01 (18-49-25).txt Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Objects scanned: 250192 Time elapsed: 26 minute(s), 40 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 7 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. Folders Infected: (No malicious items detected) Files Infected: C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken. C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> No action taken. -------------------------------------------------------------
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.