Jump to content

Help please, i need to know!


Recommended Posts

Please look at this,

http://community.norton.com/norton/board/m...id=94467#M94467

Norton had green light for me. Why did malwarebytes report all these bad things for me.

---------------------------------------------------------------

Malwarebytes' Anti-Malware 1.43

Database version: 3468

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18865

1/1/2010 6:49:34 PM

mbam-log-2010-01-01 (18-49-25).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Objects scanned: 250192

Time elapsed: 26 minute(s), 40 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 7

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:

(No malicious items detected)

Files Infected:

C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken.

C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> No action taken.

-------------------------------------------------------------

Link to post
Share on other sites

  • Staff

Greetings and welcome :)

Those do appear to be false positives, I believe those files and entries are related to Google. You can add Hijack.DisplayProperties to the Malwarebytes' Anti-Malware Ignore list because under Windows Vista and Windows 7 that is the default setting, and therefore is normal and safe. As for the others, please refer to this post: Read before reporting a false positive!

and post the info here: False Positives so that the staff can have a look and correct the issue.

Thanks :)

Link to post
Share on other sites

Greetings and welcome :)

Those do appear to be false positives, I believe those files and entries are related to Google. You can add Hijack.DisplayProperties to the Malwarebytes' Anti-Malware Ignore list because under Windows Vista and Windows 7 that is the default setting, and therefore is normal and safe. As for the others, please refer to this post: Read before reporting a false positive!

and post the info here: False Positives so that the staff can have a look and correct the issue.

Thanks :)

Argh, now norton people are also saying that it's false postive, gurus at norton.

Who am i to trust?

Even someone with a NEW acer PC, with almost the same things detected as me.

Read this

http://community.norton.com/norton/board/m...thread.id=90925

And read the link on my post.

How similar?

Thanks.

Note : I use Acer Desktop windows vista home premium 64 bit.

I just did acer e recovery when i scanned with malwarebytes.

And those 10 things came out.

Please, who am i to trust?

Norton or you?

Thx.

Link to post
Share on other sites

  • Staff
Please, who am i to trust?

Norton or you?

I'd say both considering I and Norton both said these appear to be false positives. Please update Malwarebytes' and do another Quick Scan and if they show up again then please follow the instructions in my previous post so that the developers can take a look at why it was detected and correct it.

Thanks :)

Link to post
Share on other sites

I'd say both considering I and Norton both said these appear to be false positives. Please update Malwarebytes' and do another Quick Scan and if they show up again then please follow the instructions in my previous post so that the developers can take a look at why it was detected and correct it.

Thanks :)

Argh, you should've said it earlier, i just did the acer e recovery again, if you want, i can do a scan after the recovery, but i know it'll be the same.

Lots of acer computers come with them, after i read them from the web 10 minutes ago.

I was pretty scared as it was the first time my computer got a virus, i am very very careful and only visit legit sites. The only thing i got was from flashdrives.

It looks like acer has too much thingies in them.

Look at this

http://www.computerhope.com/forum/index.php?topic=73024.0

Brand new acer computer, full of things which MBAM detected, i guess from acer too....

Nonetheless, e recovery going to be done.

Link to post
Share on other sites

  • Staff
Argh, you should've said it earlier
I did, right here
Those do appear to be false positives, I believe those files and entries are related to Google.
I guess you'd already started your recovery by then though :) . Either way, creating a developer log as instructed here in a new topic in this area will assist the developers in correcting this detection once and for all :) .

By the way, yes, Acer's come with TONS of stuff preinstalled :) .

Link to post
Share on other sites

I did, right hereI guess you'd already started your recovery by then though :) . Either way, creating a developer log as instructed here in a new topic in this area will assist the developers in correcting this detection once and for all :) .

By the way, yes, Acer's come with TONS of stuff preinstalled :huh: .

Thx for the reply,

I am sorry for posting so much things in anger because i was too paranoid =(

Forgive me and accept my apologies. =)

I feel so so so much less nervous now.

BUT, i wonder why MBAM did not detect all these false positives on that computer in the past when it doesn't have Acer stuffs.

Nonetheless, i have another question, please answer it, thx =)

In the past when i downloaded MBAM, i can download it from malwarebytes.org itself.

But now, it redirects me to 2 other websites, and i can't download from malwarebytes.org anymore.

http://download.cnet.com/Malwarebytes-Anti...&tag=button

And another website which i can't get to anymore, even after clicking the download. lol

Is it something wrong?

If it's not, which is the other site? =P

Link to post
Share on other sites

Thx for the reply,

I am sorry for posting so much things in anger because i was too paranoid =(

Forgive me and accept my apologies. =)

I feel so so so much less nervous now.

BUT, i wonder why MBAM did not detect all these false positives on that computer in the past when it doesn't have Acer stuffs.

Nonetheless, i have another question, please answer it, thx =)

In the past when i downloaded MBAM, i can download it from malwarebytes.org itself.

But now, it redirects me to 2 other websites, and i can't download from malwarebytes.org anymore.

http://download.cnet.com/Malwarebytes-Anti...&tag=button

And another website which i can't get to anymore, even after clicking the download. lol

Is it something wrong?

If it's not, which is the other site? =P

Same thing!

E-recovery to factory default.

Infected with 8 things, probably the false positives,

Now still scanning, going to look at the "infected" files later on.

Link to post
Share on other sites

  • Staff
Thx for the reply,

I am sorry for posting so much things in anger because i was too paranoid =(

Forgive me and accept my apologies. =)

Of course, I understand, I know how nerve wracking something like this can be. I'm fairly paranoid when it comes to computer security myself :welcome: .
In the past when i downloaded MBAM, i can download it from malwarebytes.org itself.

But now, it redirects me to 2 other websites, and i can't download from malwarebytes.org anymore.

http://download.cnet.com/Malwarebytes-Anti...&tag=button

And another website which i can't get to anymore, even after clicking the download. lol

Is it something wrong?

If it's not, which is the other site? =P

Yes, the download is available at Download.com and also from MajorGeeks :) . I believe the download page at Malwarebytes.org simply directs your browser at random to one or the other, although for me at least, it usually sends me to Download.com.

Anyway, I'm glad this is getting sorted out and that your mind has been set at ease. I'm certain that Nosirrah will assist you in getting this issue resolved and should you need anything else just post.

Thanks :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.