Lucie
-
Posts
45 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Lucie
-
-
The june 13 kb was a malicous software removal tool that runs once on your comp when downloaded according to m.s. i guess thats why its not in the add/remove section as its not exactly an update??
-
Ok thanks just seen your reply about the update agent
-
Thanks. i dont think im ibfected as ive done scans and had a look on google just was wanting some advice.
should the update agent show in the add/remove section. it shows as installed in the update view installed update section. same with the kb890830 update from june 13
also to add the june 4th update kb2718704 does show in the add/remove sections. read before with some updates that they over ride others so the updates that are over ridden dont show in
add/remove section
just abit concerened that even though the update agent update from june 19 and june 13 update kb 890830 show in my windows check whats been installed section they dont show in add/remove. personally i have no idea if every update should show in add/remove or only some do
-
Thanks could you advise about my last question. as i never even knew till recently about some updates appearing in the add/remove section
-
Thanks. i dont think im ibfected as ive done scans and had a look on google just was wanting some advice.
should the update agent show in the add/remove section. it shows as installed in the update view installed update section. same with the kb890830 update from june 13
-
Ive looked through m.s forums and it seems to be ok interms of when the two updates were installed and the time inbetween and also re the activex update. as others on m.s boards had this update message aswell.
-
if the possible problem happened on my comp around 16th was i protected from the june 4th KB2718704 update? or was there still a problem with m.s security until the update agent was updated on the 19th?. trying to work out if there was a chance it could have been something bad on the 16th but because the update agent update didnt happen until the 19th did it leave me with a possible risk? or am i ok becasue of the update from the 4th june?. seems strange that M.S did an critical update on the 4th june but then left it till the 19th to update the agent if the problems were connected.
thanks for your help
-
ok ive checked my comp and i have the update KB2718704 installed on the 4th june . from googling that tells me that was the patch that was released on june 3rd to correct the security issue in regards to flame.
can you advise as to what the update agent update was for.was it also inrelation to flame?
-
Yes i have the update agent from the 19th. my concern is if i had the problem around the 16th then the update wasnt installed until the 19th. i will be able to chrck my comp in a few mins so will look for the update and come back
-
Looking on google the update agent is diff from the one put out on the third june which was kb2718704 which was put out because of this security issue.
I think the possible problem with the axtivex happened around the 16th. i clicked to check for updates and as normal it checks to make sure u have the right activex it said i didnt and the
download came up.. is this how flame was causing issues?
-
I see the update for this problem came out on june 3rd but as i cant get on my comp at the mo i cant see if the patch was installed then or in the the june 12th update as some articles say the update was sent then and there was only an advisory on the 3rd.
-
Does mbytes free scanner detect the virus flame that was been installed by a fake microsoft certificate. as some reports say some
antivirus dont detect it because the a.v thinks its come from microsoft when infact it hasnt. bit concerned as i had a activex update when checking for microsoft updates around the middle of june and after abit of googling its got me concerned. ive scanned several times with kaspersky and mbytes and nothing has come up and the comp is working fine
-
-
Does a full scan scan more objects than if im just doing a quick scan
-
I use kaspersky internet security for real time protection and scan with the mbam free version ontop.i scanned earlier today and it only took 1 hour 20 so sometimes it takes a whiel and is very slow so i have to abort and start again and sometimes its quick
-
thank you. i did a scan and it said i had version 1.60.1.1000 so i guess i have the updated version. although it took over 6 hrs to scan! sometimes it takes 2-3 hrs then if its quick it can take 1.5hrs rarely does it take this long. although MB is quite tempremental with my comp and sometimes freezes when scanning. i guess cause my comp is quite old?
-
I just have the basic free download. after i downloaded the new version or thought i had and then updated it said the updates were 23 days out of date though. so it must be a diff version as i just updated the database befire i downloaded the new version
-
Sorry this version being the pro version? do you only get that if you pay for it
-
Is this version just for the paid and not free version? i updated via the link from the news bit on the scanner but i still seem to be using the old one
-
Thanks subs.
-
No need to do a full scan. Just right navigate to the folder - c:\program files\Java\jre6\bin\
Right click on it and have mbam scan it.
Now that I see your log, there's no need to do the scan. I can confirm it's the same false positive which we fixed earlier.
thanks alot. could you tell me what the system restore is and thats a f.p aswell along with the dropper in the windows
-
i started scanning around lunch time. it was updated then. took 4 hrs to scan so i guess i need to update it again to stop the false positive below is what came up
Files Infected:
c:\program files\common files\Java\java update\jaureg.exe (Trojan.Dropper.pws) -> Quarantined and deleted successfully.
c:\program files\Java\jre6\bin\javacpl.cpl (Trojan.Dropper.pws) -> Quarantined and deleted successfully.
c:\program files\Java\jre6\bin\javacpl.exe (Trojan.Dropper.pws) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP58\A0007511.cpl (Trojan.Dropper.pws) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP58\A0007512.exe (Trojan.Dropper.pws) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP58\A0007566.cpl (Trojan.Dropper.pws) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP58\A0007582.rbf (Trojan.Dropper.pws) -> Quarantined and deleted successfully.
c:\WINDOWS\SYSTEM32\javacpl.cpl (Trojan.Dropper.pws) -> Quarantined and deleted successfully.
-
Hi -- I had MBAM block javacpl.exe this morning, identifying the 'Trojan.Dropper' also -- is this related?
i had trojan dropper today in java and also in system restore when ive scanned early this afternoon. system restore is a false positive aswell?
-
Thanks
flame virus
in Malwarebytes for Windows Support Forum
Posted
Thank you for your help. its very much appreciated