Jump to content

Kristov

Members
  • Posts

    19
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hi Rich, Thanks for the ultra prompt reply - excellent work.
  2. Hi, My full system scan today (Saturday 22 March 2014) on my XP Pro SP3 desktop revealed several PUP updater reqistry items now dealt with but also the following reported trojan which I believe to be a false positive:C:\WINDOWS2\system32\dllcache\cfgwiz.exe (Trojan.FakeMS). When checked on the VirusTotal website, the file was reported only by Malwarebytes out of a total of 5 different scans. I have attached the file in zipped form cfgwiz.zipfor checking. Thank you.
  3. Hi sUBs, This is to confirm that, since running the update for Malwarebytes and then completing a full system scan, IZArcZip.dat previously reported asTrojan.Ransom, Converber.exe previously reported as Trojan.Injector and PhotoFiltre7\StudioEN.plg previously reported as Trojan.Ransom, are no longer reported. We can now say that this particular issue is resolved. Thank you for your efforts, regards Kristov.
  4. Hi sUBs, Thanks for getting back so quickly and for the reassurance your comment has given. Best regards.
  5. My System is Windows XP Pro SP3 with all crucial Windows updates. Today's (Saturday 03 November 2012) regular weekly manual scan of my system reported three possible trojans. All items have been scanned by other anti-malware software and have not been reported and Malwarebytes, before today's update prior to the scan, has not reported them. I have attached the logfile and zipped files of the reported files. Thank you. mbam-log-2012-11-03 (12-48-45).txt Converber.zip IZArcZip.zip StudioEN.zip
  6. Hi Maurice, As I said, in my previous reply to you, I would run the MBAM-clean sequence and then download and install Malwarebytes. I have now done this and am pleased to report that all went well and Malwarebytes is up and running properly on my system. I have just completed a full system scan (took about 1 hour 35 minutes which is not bad for my system) and this ran smoothly without problems and finding no suspect files. Thanks for your help, the problem for me is resolved. I hope the others posting here have their issues resolved with equal efficiency. Regards and Happy New Year.
  7. Hi Maurice, No, I did not run the MBAM-clean sequence. I will do as you suggest and report back. Thanks.
  8. Additional information to my previous post: Since posting, I have checked the Event Viewer which reports the following that may be of interest: Event Viewer information: Faulting application mbam.exe, version 1.60.0.59, faulting module mbamcore.dll, version 1.60.0.52, fault address 0x00060ae0 Data (Bytes): 0000: 41 70 70 6c 69 63 61 74 Applicat 0008: 69 6f 6e 20 46 61 69 6c ion Fail 0010: 75 72 65 20 20 6d 62 61 ure mba 0018: 6d 2e 65 78 65 20 31 2e m.exe 1. 0020: 36 30 2e 30 2e 35 39 20 60.0.59 0028: 69 6e 20 6d 62 61 6d 63 in mbamc 0030: 6f 72 65 2e 64 6c 6c 20 ore.dll 0038: 31 2e 36 30 2e 30 2e 35 1.60.0.5 0040: 32 20 61 74 20 6f 66 66 2 at off 0048: 73 65 74 20 30 30 30 36 set 0006 0050: 30 61 65 30 0d 0a 0ae0.. Data (Words); 0000: 6c707041 74616369 206e6f69 6c696146 0010: 20657275 61626d20 78652e6d 2e312065 0020: 302e3036 2039352e 6d206e69 636d6162 0030: 2e65726f 206c6c64 30362e31 352e302e 0040: 74612032 66666f20 20746573 36303030 0050: 30656130 0a0d
  9. I have also experienced similar problems to those previously reported in this topic. My system is Windows XP Professional SP3 running AVG 2012 Free anti-virus and Outpost Firewall 2009. I update and then run a Malwarebytes (free version) scan every Saturday. Today (Saturday 31 December 2011), I ran the updater which installed the latest version (1.60.0.1800)on my PC. Immediately the program crashed generating a Windows error and asking if I wished to report to Microsoft. It seems that neither my firewall nor anti-virus application were a cause of the Malwarebytes problem. I uninstalled Malwarebytes and then reinstalled it but the problem persisted. I have now uninstalled Malwarebytes and cleaned the registry of all the Malwarebytes references that I could find. I now await a fix for the problem before I reinstall Malwarebytes which, up to now, has been a useful and valuable part of the security on my system. Presumably news of the progress of this issue will be issued in this forum topic so I shall monitor the posts with interest.
  10. Hi David and Shadowwar, Thanks for your related links and clear explanation relating to my post. I don't think there was anything sinister in the CNET file as I was given the option not to install the unwanted bits but, as this option could easily have been missed and the unwanted items installed, I shall look for other sites for items such as GMER in future.
  11. Hi, I downloaded an application from the CNET site. Initially the site provides an exe file that must be run to obtain the installer for the required application (in this case, GMER). It is the initial file that Malwarebytes identified as a PUP Adware downloader. I feel sure that the file is ok - it was picked up neither by my AVG 2012 anti-virus software background operation nor its full system scan. The appropriate files are attached. Thanks. cnet2_rt60ln90_exe.zip mbam-log-2011-12-24 (12-57-21).txt
  12. Hi Shadowwar, Thank you for your post. After the next update, should I restore the affected registry keys or are they surplus anyway? Since quarantining them, my system has not developed any odd behaviour but I do not know if they are important for any applications I have not used since Malwarebytes reported them as Trojans. Any advice would be much appreciated. Thanks.
  13. Hi Lucie, Yes, thanks for that link - as well as the recent reports, I was also able to find references to the same false positive occurring a few months ago. It seems odd that it was resolved then but has cropped up again after an update. If I understand correctly, the reporting of possible malware by Malwarebytes that is found only in registry keys and not linked to other folders on the system, suggests it is the residue of something cleared by anti-virus software previously and is in itself harmless. AVG Anti-Virus 2011 has not reported anything for many months so I am a little puzzled but I have, however, quarantined the affected registry keys anyway. If after a few weeks of no system problems, I will delete them entirely.
  14. Thanks for your reply Lucie and the link to the related set of posts. I use AVG 2011 Free on my system and do full system scans every weekend followed by a Malwarebytes scan. AVG has not picked up anything for months and neither has Malwarebytes until today when I scanned immediately after updating. I notice that the threats/false positives mentioned, in the posts you kindly directed me towards, were sometime ago (last April in one case), so it is strange that previous Malwarebyte scans did not find anything on my system (false or otherwise) as I am sure the registry keys detected this time are not new.
  15. Hi, The attached logfile shows what I believe to be a false positive but for the time being I have quarantined the suspect keys. I would be grateful for any reassurance that this is indeed a false positive. If it is not, is my system now safe that the keys are quarantined and should deletion be my next step. Thanks. mbam-log-2011-07-23 (13-38-22).zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.