Jump to content

MBAM found Malware in Produkey, worried if something else might be infecting my PC

potterapple
 Share

Recommended Posts

potterapple

potterapple

Posted
Posted

I ran Malwarebytes Anti-Malware and it detected 2 objects which were ProduKey. I am slightly worried if my PC has been infected in any other way. I have included FRST log files and MBAM CheckResults.txt in this post. If any other diagnostic files are needed let me know I shall provide them. 

Thank you!
PS: I read the post that P2P applications should be disabled after I had run MBAM if needed I can run MBAM again. 

FRST.txt

Addition.txt

CheckResults.txt

Link to post
Share on other sites
yardbird

yardbird

Posted
Posted

                            Then Post a new topic here

 Which will take you to Malware Removal Help forum (to the right "Start New Topic")

 

 Where the experts will help you remove the infection/issue.         Thank You!    You have an issue where you need to go to the Malware Remove forum & an expert will advise you......

Link to post
Share on other sites
daledoc1

daledoc1

Posted
Posted

Hi, @potterapple:

 

Actually, we would like very much to be able to assist you with malware cleanup.

 

However, your logs show evidence of pirated/illegal software/media.

Such items violate the forum piracy policy.

 

Even though you have already started a new topic in the malware removal section here, no further help can be provided at this time in either thread.

Both topics will be locked by the forum Moderator team.

If you would like further help, please remove/uninstall all illegal/cracked/pirated software and items from the computer.

Then, please send a PM to a form mod requesting that your topic be reopened.

 

Thanks for your understanding,

 

Link to post
Share on other sites
David H. Lipman

David H. Lipman

Posted
Posted

For potterapple and those reading this thread:
 
There are two problems here ( at least )
 
1.  Lack of information
 
2.  Misinterpretation
 
potterapple indicated that MBAM "detected 2 objects which were ProduKey" and in the subject "found Malware in Produkey" yet at no point did potterapple explain what "Produkey" is.
 
Therefore it leaves the thread open to presumption and misinformation.  If we go simply by the word ProduKey we may presume ProduKey is Nir Sofers ProduKey utility
But any file can be named anything and that is where potterapple  is providing a complete lack of information
 
Let's assume that the post was about Nir Sofers ProduKey utility.  MBAM does detect it.  However potterapple did not provide what it was detected as, or a log or log snippet or a report from Virus Total or other service.
 
However if it is Nir Sofers ProduKey utility then MBAM detects this as "PUP.Optional.ProductKeyFinder".   That is NOT a malware detection.  It was detected as a Potentially Unwanted Program ( PUP ) which is not a malware declaration.  Other vendor detections will use the declaration "hacktool" and "passview" .  Presuming we are discussing Nir Sofers ProduKey utility, the utility is not malicious.  It is a tool for recovering the Product Key of applications. Because of its nature it is not detected because it is a malicious utility but because in the hands of someone with nefarious or dubious intentions it can be used maliciously.
 
That is where the misinterpretation lies.
 

daledoc1 indicated...
 

However, your logs show evidence of pirated/illegal software/media.
Such items violate the forum piracy policy.


Software Piracy is one reason the utility is flagged.  Since it obtains application Product Keys it *may* be used to pirate software.

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

2016-01-10 12:38 - 2016-01-10 14:47 - 00000000 ____D C:\Users\Tushar\Desktop\New Girl S05E01 HDTV x265[HEVC] AAC-TREGO
2016-01-10 12:37 - 2016-01-10 12:37 - 00020296 _____ C:\Users\Tushar\Desktop\[kat.cr]new.girl.s05e01.hdtv.x265.hevc.aac.trego.torrent
 

These are considered piracy and need to be removed. The software used to download them also needs to be either disabled, or removed as well in order to reopen the topic and continue to provide help.

 

Thank you

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.