
sho-dan

Malware Hunters
  • Posts

    3,200

Everything posted by sho-dan

  1. aha #31 reminds me of a few co-workers.
  2. Hello Marcin

     Have updated to Database version: 163 and smooth sailing all the way.

     Malwarebytes' Anti-Malware Version 0.68
     Database version: 163 - Fingerprints loaded 8309
     This logfile was saved before the removal process.
     Scan type: Quick Scan = 4min.36sec
     Objects scanned: 13937
     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     This 163 ver. is about 3mins. faster than previous 2 updates. Nice and no problems to report, outstanding work guys. Cheers
  3. Malwarebytes' Anti-Malware Version 0.68
     Database version: 152
     Fingerprints loaded: 8131
     Scan type: Quick Scan
     Objects scanned: 13760

     ver. 152 is faster, Quick scan times 4.min 10 sec compared to Quick scan time 7m + in ver.150. Most excellent work, I have no problems. woo hoo
  4. sho-dan

    Hello

    Welcome to Malwarebytes, Scotty. Enjoy your stay
  5. Hello nosirrah Yes, all updated and no problems. Malwarebytes' Anti-Malware Version 0.68 Database version: 141 Fingerprints loaded 7775
  6. Hello marcin

     Have added the AntiVir tmps' to the Ignore list and MBAM has done its job, no more AV tmps' are showing. Outstanding, a most excellent program you have, Congrats to all involved.

     Malwarebytes' Anti-Malware Version 0.68
     Database version: 139
     This logfile was saved before the removal process.
     Scan type: Quick Scan
     Objects scanned: 11703
     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)
  7. Hello Marcin

     Rogue=trustedantivirus

     Malwarebytes' Anti-Malware Version 0.68
     Database version: 133
     This logfile was saved after the removal process completed.
     Scan type: Quick Scan
     Objects scanned: 10672
     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 12
     Files Infected: 0
  8. Hello Marcin

     MBAM went through this Rouge AntiSpyware like a hot knife thro butter. I've seen the AntiSpyware (Newest Rogue Threats) thread and it was recommended in a forum(I mod at) which I deleted that post outright, some people can be outright dangerous.

     Malwarebytes' Anti-Malware Version 0.68
     Database version: 132
     This logfile was saved after the removal process completed.
     Scan type: Quick Scan
     Objects scanned: 10473
     Memory Processes Infected: 2
     Memory Modules Infected: 4
     Registry Keys Infected: 1
     Registry Values Infected: 1
     Registry Data Items Infected: 0
     Folders Infected: 12
     Files Infected: 32

     MBAM v.o68 DB 132 Quick Scan time 1m.53s. I have no problems to report in the scanning, quarantined and deleting process of MBAM. And its very fast. ps I did download antispyware.com, installed, updated and scanned my computer.
  9. mmm make that two Hardhead. Found this on a Spanish web site. http://www.feedwhip.com/feed/url/www.softonic.com/
  10. Hello Marcin I did about hours google search for MBAM and the only info I found is the announcement for Malwarebytes' Anti-Malware public beta 0.67. All the sites I checked, there were no downloadable links available for the MBAM file to be found (even on a Russian site). HTH
  11. Malwarebytes'Anti-Malware public beta 0.67 Softpedia download Most excellent to see this, Marcin [links removed - no longer valid pages. AdvancedSetup]
  12. Hello Marcin

      I still get the AntiVir tmp. files which are produced and created by the AntiVir auto updater, manual updating doesn't create these tmps in the log. This is the manual update file preupd.exe found in the AntiVir folder, which I use now. My question is: If MBAM ignored AntiVir's update.exe file would it stop the tmps from showing up in MBAM? Thank You

      Malwarebytes' Anti-Malware Version 0.67
      Database version: 125
      This logfile was saved after the removal process completed.
      Scan type: Quick Scan
      Objects scanned: 10282
      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 2

      Memory Processes Infected: (No malicious items detected)
      Memory Modules Infected: (No malicious items detected)
      Registry Keys Infected: (No malicious items detected)
      Registry Values Infected: (No malicious items detected)
      Registry Data Items Infected: (No malicious items detected)
      Folders Infected: (No malicious items detected)
      Files Infected:
      C:\WINDOWS\temp\Upd9.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
      C:\WINDOWS\temp\UpdA.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.

      No problems with scanning, updating and is still very fast.
  13. That's good to hear Jean, I went through the same remove/reinstalled MBAM 730 error process.

      Hello Marcin. The Comodo popup thread is closed. If this is in the wrong place, please move it if needed. Thank You

      Comodo firewall users, this setup will stop the many Comodo popup boxes. Click Allow for the MBAM updater, I now only get this one now. (Let me know if this works.)

      Open Comodo Firewall, on the menu page > click Application Behavior Analysis > click Configure in Miscellaneous > slide the Alert Frequency Level toggle to Very Low.

      1. In the 'How many alerts at a time should be displayed' box, change it to 1.
      2. In the 'How long should an alert remain on the screen if left unanswered' box, change to 20 sec.

      Option: Uncheck the 2 automatically check boxes in Program Settings. Click OK and close.

      Cheers

      Edit: me so sorry, Jean
  14. Thanks Jean. It was the request part I couldn't remember
  15. Hello I removed v.067/reinstalled v.065 > reupdated to v.67 with DB124 > replaced old ref file w/new zipped ref file. Open MBAM and did quick scan no problems, until I try to add to Ignore list and I got the Error code:730. I now get the 730 code error when opening MBAM, no problem scanning. Edit: Hope I'm not out of line with this question. Does MBAM really need an Ignore List?
  16. Hello Jean v 067 DB:123 I have that same 730 error, and the ignore list did not take. Restart mbam and got the same 730 error again, closing it not a problem. Continue with quick scan and got this error: Runtime error "13" type mismatch, close error finish scanning. Reran mbam and the 730 error showed up only.
  17. Hello Version 0.66 Database version: 120 I removed/reinstalled, updated and enabled all protection in spywareblaster, all is good. This the Quick scan 0 infections after spywareblaster process.
  18. I believe they are FP's, due DB 118 show no infection in the quick scan and updating to DB 119 and doing a Quick scan. I have 693 infections. btw, I Q/D and removed them.
  19. Hello All is well with the memory module window in safe mode. Fix OS XP PRO: mbam 0.62 to database:110 When closing the scanner welcome screen page via the close button (X), it's still running in Task Manager at zero CPU usage. Re-opening MBAM I get Malwarebytes AntiMalware application is running window. Click OK to close window. Need to end task in Task Manager to exit program. This happens in safe and normal mode, before or after using the scanners. It doesn't happen at all when using the EXIT tab button.
  20. Hello Ver.061-DB 104, Ran Full scan in safe mode and the *Please wait while Memory modules are scanned* window froze. Scanning Memory 1028 PSAPI.DLL, I was still able to run the full scan with no problems. object scanned 38852-Time 28min. no infected files. Once scan was finished I closed MBAM window and the Memory window closed. This happened only this one time. I will rerun updated full scan in safe mode tomorrow and report back.
  21. Hello ver. 061 DB103 and all is well in both Quick/Full scans. No problems with installer for newest version. Good job,guys.
  22. Outstanding gentlemen, job well done. MBAM v.60 Database 100, Quick and Full scans no problems, no bugs to report. All is well.
  23. Hello Sorry for the delay. I was still getting the AntiVir tmps and I did the Q&D steps, but every time AV was updated the tmps continue to show up. The ver59 Quick scan time was 1min.36secs. So I treated MBAM as a finished product and ran ATF-Cleaner first (I do this with all scanners I use and is part of my CS in HJT log cleaning.) and no tmps to be found and the ver59 Quick scan time was 54secs. woohoo very fast. I follow what you posted and I got the Runtime Error 0 = Could not load English language. Did a total removal via ADD/Remove, Win.Explorer and Search and then reinstalled ver57, then updated to ver59. Ran the Qscan as stated above, no problems at all. btw I haven't any problems with the Abort scan function. In ver59 I get a Please select at least one drive error trying to run the Full Scan now. Did the uncheck and checked drive process and still a no go. cheers
  24. Hello

      Outstanding job to the developers and the malware fighters. First MBAM run on my clean test machine and only thing that pop up were Avira Anti Vir updtmps. I always beta test on a clean machine before infecting it, then will run more test. I will post results back here.

      Malwarebytes' Anti-Malware Version 0.54
      This logfile was saved before the removal process.
      Database version: 091
      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 4

      Memory Processes Infected: (No malicious items detected)
      Memory Modules Infected: (No malicious items detected)
      Registry Keys Infected: (No malicious items detected)
      Registry Values Infected: (No malicious items detected)
      Registry Data Items Infected: (No malicious items detected)
      Folders Infected: (No malicious items detected)
      Files Infected:
      C:\WINDOWS\temp\Upd1.tmp (Heuristics.Malware)
      C:\WINDOWS\temp\Upd3.tmp (Heuristics.Malware)
      C:\WINDOWS\temp\Upd4.tmp (Heuristics.Malware)
      C:\WINDOWS\temp\Upd6E.tmp (Heuristics.Malware)

      ps. hello Jean.