edge

Members
  • Content Count

    18
Community Reputation

0 Neutral

About edge

  • Rank
    New Member
  1. I am not sure if this is the right forum for a false positive with Kaspersky AV 8.0.0.454. I am running KAV 8.0.0.454 and did the manual update for MBAM 1.37. KAV reports suspicious activity: MBAB-setup is trying to download driver in a hidden way. What choices in KAV: Allow or Add to Exclusions? I would assume Quarantine and Terminate are not the correct choices.
  2. What would be the best way to confirm a false positive? Run a HJT log? The latest MBAM database 1851 gives the same results and I did not change the security notifications prior to the scan. When I checked the security center after the MBAM scan I found Windows firewall enabled, which I then disabled.
  3. I have two entries after a scan for Hijack.Security Center as below. What do these entries mean? Will it change the registry if I remove them? I am running Kaspersky AV 2009 and Online Armor Firewall. I found the Windows Firewall on, which should be off with OA FW. Malwarebytes' Anti-Malware 1.34 Database version: 1849 Windows 5.1.2600 Service Pack 2 Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Hijack.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDis
  4. I rescanned with def update Database version: 1821 and the system came up clean. When I first detected this on the previous def, the only action MBAM gave was removal. Does this put the file in quarantine or delete it? If it deletes, how do I quarantine first? Thanks
  5. Malwarebytes' Anti-Malware 1.34 Database version: 1820 Windows 5.1.2600 Service Pack 2 3/5/2009 10:59:02 AM mbam-log-2009-03-05 (10-58-33).txt Scan type: Quick Scan Objects scanned: 68231 Time elapsed: 2 minute(s), 16 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected:
  6. I re-ran the scan after restoring the boot.ini file with the same database and with an updated database and both showed no infection was found. I did a deep scan with KAV and no infection was found. Should I conclude this is a false positive with the MBAM 1782 database as in other forum threads? Is there anything else I should try? Thx.
  7. After the first run I have the boot.ini quarantined, but as stated in previous posts the system will not boot without this file. I restored the boot.ini file and ran MBAM in developer mode as in first scan. In this second scan no infection was found. MBAM 1.34, database version 1782, fingerprints 70193. mbam_log_2009_02_20__14_36_15_.txt
  8. I have the boot.ini quarantined, but as stated in previous posts the system will not boot without this file. Should I restore this file until we are sure it is not a false positive? If not, how do I create another boot.ini? I am running MBAM 1.34, database version 1782, fingerprints 70193. Thanks
  9. After the install, I receive an error during the reboot: mbamext.dll unable to register DLL/OCX. I was running Online Armor firewall during the reboot. I allowed the process is-K1PHD.EXE to run, but the firewall didn't allow is-K1PHD.EXE to start regsvr32.exe. MBAM version is 1.24, but I don't think it installed correctly. I rebooted a second time and there was no error. Is there a way to complete the install by starting is-K1PHD.EXE and allowing it to run with the firewall off? Or do I need to reinstall MBAM? Thanks