Kajisight

Everything posted by Kajisight

  1. Sorry that it took me a while to reply, I changed the value in the registry and the tooltip now appears when stuff is blocked. I feel a lot safer now since it's able to tell me now right when it blocks something, thank you so much for the help.
  2. OS: Windows XP Home Edition. I tried going to "http://iptest.malwarebytes.org/" to test it, the log shows it blocked it but I never saw an alert. I even left it trying to open the page for a minute just in case.
  3. I just recently started using the protection module, and for some reason the tooltip balloon never appears when it blocks something. I can see in the log that it did block something, it just never warns me.
  4. I just updated to 2907, the loop looks like it's gone.
  5. I have database version 2905 and when I click update it downloads and then says "The database was successfully updated from version 2905 to version 2905.". If I click update again it does the same thing, is this just my pc or is there something wrong?
  6. Thank you so much for replying, knowing I'm not the only one made me feel better. Anytime a scan picks up something my heart skips a beat lol.
  7. I just right clicked actskin4.ocx and scanned it with MBAM but it found nothing, why would the quick scan find it but not the manual file scan?
  8. I just ran a quick scan and it found 19 infections, I then ran the scan in the developer mode.

     Malwarebytes' Anti-Malware 1.41
     Database version: 2880
     Windows 5.1.2600 Service Pack 2

     9/30/2009 10:15:29 PM
     mbam-log-2009-09-30 (22-15-27).txt

     Scan type: Quick Scan
     Objects scanned: 92798
     Time elapsed: 1 minute(s), 33 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 17
     Registry Values Infected: 1
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 1

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     HKEY_CLASSES_ROOT\CLSID\{3831331e-0d11-4716-871d-68f3b11d23c9} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\TypeLib\{90f3d7b3-92e7-44ba-b444-6a8e2a3bc375} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\Interface\{4921908c-7090-4d37-a6b3-fc447f08378a} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\Interface\{750fc67c-0311-4391-9864-a2efed49bd28} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\Interface\{f3fc950c-7583-4377-bad8-efbeaa33273c} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{0944d16c-d0f4-4389-982a-a085595a9eb3} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{3dcd2bc5-8489-48ae-891f-90c8b2f19f56} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{52c01a76-19e2-4a50-ae8a-38ffbccf9182} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{5954ea75-9bfa-461a-bd34-cea3a861ff19} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{762ec429-1a5d-4ab8-844a-9a552e1241da} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{a506ef88-9efc-4522-bfe1-a8e886a64d80} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{a5704c37-40da-49ef-904b-97e5f5f9b1c5} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{b87799af-2ce9-4daa-93cf-65f002035369} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{bbc73c94-337c-43cc-b52c-31eb9fa34013} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{c406f816-318d-4f7d-81cb-ba93ca7b70d5} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{d502d4a3-03e6-4eae-a14e-69606ca63430} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{ec22770d-3343-4c56-8a8d-3e560475f655} (Trojan.Agent) -> No action taken.

     Registry Values Infected:
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\actskin4.ocx (Trojan.Agent) -> No action taken.

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     C:\WINDOWS\system32\actskin4.ocx (Trojan.Agent) -> No action taken.

     I uploaded the actskin4.ocx file to VirusTotal, here's the link to the results. (Only 1 scanner on VirusTotal found something, it was eSafe that detected "Win32.Flooder.IM.VB." Since just 1 at VT found it, it prolly is a FP?)
  9. Updated and then restored the file that was in quarantine, and scanned after doing that and it all came up clean. Thanks for the quick replies guys, you guys are so fast when it comes to fixing FPs.
  10. Thank you for posting! I feel so much better knowing I'm not the only one, should we wait for a reply before we let MBAM take it out of quarantine and back to where it was?
  11. I scanned my computer with MBAM and it found nothing, I had Database version: 1708 at the time and it found nothing. Then I clicked update after the scan and let it up so scanned again and it found this.

      Malwarebytes' Anti-Malware 1.33
      Database version: 1709
      Windows 5.1.2600 Service Pack 2

      1/30/2009 1:16:40 PM
      mbam-log-2009-01-30 (13-16-40).txt

      Scan type: Quick Scan
      Objects scanned: 50705
      Time elapsed: 3 minute(s), 6 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 1

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      (No malicious items detected)

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      C:\WINDOWS\system32\drivers\beep.sys (Trojan.Patched) -> Quarantined and deleted successfully.

      I let MBAM remove it and let it reboot like it said. After the reboot I scanned again and it found nothing, should I be clean now if it's not a FP?
  12. Trend Micro Housecall 6.5 is saying C:\Program Files\Malwarebytes' Anti-Malware\mbam-dor.exe is infected with JOKE_AGENT.
  13. Updated to the newest version and everything is fine now. You guys are really fast when it comes to fixing FP, keep up the great work.
  14. It wouldn't let me upload it, it told me "Upload failed. You are not permitted to upload this type of file". I figured it's because of it being a .exe so I put it in a compressed zip folder. _is3.zip _is3.zip
  15. Sorry that I didn't read the "Before reporting" thread before posting the above, I will post what it told me to.

      Malwarebytes' Anti-Malware 1.28
      Database version: 1229
      Windows 5.1.2600 Service Pack 2

      10/4/2008 7:58:19 PM
      mbam-log-2008-10-04 (19-58-17).txt

      Scan type: Quick Scan
      Objects scanned: 44833
      Time elapsed: 48 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 13

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      (No malicious items detected)

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      C:\Documents and Settings\Blake\Local Settings\Temp\_is3.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is4.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is5.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is6.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is7.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is93.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_isF7.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is1.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is11.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is1C.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is1D.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is2.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is23.exe (Rogue.Installer) -> No action taken.
  16. I updated to DB 1229 and ran a quick scan and found this.

      Malwarebytes' Anti-Malware 1.28
      Database version: 1229
      Windows 5.1.2600 Service Pack 2

      10/4/2008 7:32:38 PM
      mbam-log-2008-10-04 (19-32-36).txt

      Scan type: Quick Scan
      Objects scanned: 44708
      Time elapsed: 1 minute(s), 56 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 13

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      (No malicious items detected)

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      C:\Documents and Settings\Blake\Local Settings\Temp\_is3.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is4.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is5.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is6.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is7.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is93.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_isF7.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is1.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is11.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is1C.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is1D.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is2.exe (Rogue.Installer) -> No action taken.
      C:\Documents and Settings\Blake\Local Settings\Temp\_is23.exe (Rogue.Installer) -> No action taken.

      I uploaded each file to VirusTotal and they all came back clean, since they all came back clean should I just ignore it?