Posts posted by Jamin4u

  1. Malwarebytes' Anti-Malware 1.29

    Database version: 1292

    Windows 6.0.6001 Service Pack 1

    10/19/2008 8:20:04 PM

    mbam-log-2008-10-19 (20-19-56).txt

    Scan type: Quick Scan

    Objects scanned: 41096

    Time elapsed: 59 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 2

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 2

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dell webcam manager (Trojan.Lop.H) -> No action taken.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\comodo firewall pro (Trojan.Lop.H) -> No action taken.

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Trojan.Lop.H) -> No action taken.

    C:\Program Files\COMODO\Firewall\cfp.exe (Trojan.Lop.H) -> No action taken.

  2. Malwarebytes' Anti-Malware uses Regedit to quarantine items from the registry. This was a sort of hack that we threw together and just left since it was working so well. I plan to change that in an upcoming release.

    The protection module stops every executable from starting, interrogates it, and releases it if it is deemed clean to the database. We plan on adding multiple heuristics to the protection module soon.

    Hey RubbeR DuckY,

    I think you have a solid application with great potential.

    Thanks for the reply.

    Jamin4u

  3. I've used MBAM since it came out of Beta. I like the ease of use, and the speed of scanning. It found 4 - Adware.Hotbar in The Desktop Weather Channel program.

    I uninstalled the Desktop Weather program and rescanned with MBAM. It found two entries leftover after using Revo Uninstaller in the advanced mode.

    Registry Keys Infected:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> Quarantined and deleted successfully.

    Registry Values Infected:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\wxfw.dll (Adware.Hotbar) -> Quarantined and deleted successfully.

    I have a host intrusion prevention system that alerted me that MBAM asked to run regedit.exe. I have other programs that edit the registry and don't have permission to use it.

    Is there a way for a program to edit the registry other than using regedit.exe?

    If so, why does MBAM choose to use regedit.exe?

    I guess this would be three questions: Can you tell me more about how the Malwarebytes' Anti-Malware Protection Module works? I'm thinking of purchasing it, and dropping my HIPS because it pops up too much.

    Thank you,

    Jamin4u
