tanmx

10 false positives (UPLOAD)


Took me a while to get all the things done.

Well, it's here.

NOTE: I don't know if I did it correctly. I have never zipped a file before =(

............

Tell me how it goes. Thanks. I want to know if it is REALLY a false positive.

mbam_log_2010_01_02__23_08_39_.zip

I did, it's all set and attached?

Oh, you want me to post it too?

1st post is the attachment.

Here is the post:

--------

Malwarebytes' Anti-Malware 1.43

Database version: 3478

Windows 6.0.6001 Service Pack 1

Internet Explorer 8.0.6001.18865

2/1/2010 11:08:41 PM

mbam-log-2010-01-02 (23-08-39).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Objects scanned: 223918

Time elapsed: 13 minute(s), 6 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 7

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken.

-------


No, you posted a regular scan, that is not what the instructions tell you to do. The instructions will allow you to produce a developer's log and this will have more info in it, info we need to fix this.

Just post the text log in your post, no need to attach it.

Look, I've no idea what I am doing wrong. I've typed in mbam.exe /developer on "run"

But it shows me the same Malwarebytes, so I scanned it. It has been reduced to 9 items. I don't know why

But I saved the logs without removing the scanned items.

And it gave me the same thing. I don't know what you are talking about.

I will post it in my next post.

Sorry if it isn't what you wanted. I've no idea what you want. I did what it says. I typed in mbam.exe /developer and it gave my Malwarebytes a strange number, but I still scanned.


Malwarebytes' Anti-Malware 1.43

Database version: 3479

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

3/1/2010 1:00:07 AM

mbam-log-2010-01-03 (01-00-04).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Objects scanned: 192803

Time elapsed: 10 minute(s), 2 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 6

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken. [608AEAE21B7A0F490DB0A2D3B8B23725]

HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken. [985FFFC484CD1BA8FEFF5342773080F7]

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. [99D040AEE155C12EB025D41F2DD365C3]

Folders Infected:

(No malicious items detected)

Files Infected:

C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> No action taken. [608AEAE21B7A0F490DB0A2D3B8B23725]


Hello? Is there something wrong?

It looks the same as my last post... Sorry if I did something wrong.

I ran a full system scan on "mbam.exe /developer" and it still gave me this.

Anything I can do?

It should be fixed, let me know if there is still an issue.

Hi, thanks.

I am rescanning now to confirm it.

However, why did my scan without the developer thing give 10 results last time?

Please advise. Thanks

-----------

Last Time

-----------

Malwarebytes' Anti-Malware 1.43

Database version: 3478

Windows 6.0.6001 Service Pack 1

Internet Explorer 8.0.6001.18865

2/1/2010 11:08:41 PM

mbam-log-2010-01-02 (23-08-39).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Objects scanned: 223918

Time elapsed: 13 minute(s), 6 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 7

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:

(No malicious items detected)

Files Infected:

C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken.

C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> No action taken.

---------------------------------

With developer thingie

--------------------------------

Malwarebytes' Anti-Malware 1.43

Database version: 3479

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

3/1/2010 1:00:07 AM

mbam-log-2010-01-03 (01-00-04).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Objects scanned: 192803

Time elapsed: 10 minute(s), 2 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 6

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken. [608AEAE21B7A0F490DB0A2D3B8B23725]

HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken. [985FFFC484CD1BA8FEFF5342773080F7]

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. [99D040AEE155C12EB025D41F2DD365C3]

Folders Infected:

(No malicious items detected)

Files Infected:

C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> No action taken. [608AEAE21B7A0F490DB0A2D3B8B23725]

--------------------------

1 item less, why?

Nonetheless, how are those 2 different?

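Added example (not part of the original thread and not Malwarebytes code): a small parser that compares the two logs posted above, reporting which detection dropped out and whether a log carries the bracketed 32-hex value that appears only on the `/developer` log lines. The sample logs are abridged from the thread, and the regexes are an assumption about the format inferred from those logs alone.

```python
import re

# One detection line: "<object> (<detection name>) -> <action>", optionally followed
# by a bracketed 32-hex token (present only in the /developer logs in this thread;
# the thread does not say what the token represents).
ENTRY = re.compile(r"^(?P<obj>.+?) \((?P<name>[^()]+)\) -> (?P<action>.+?)"
                   r"(?: \[(?P<token>[0-9A-Fa-f]{32})\])?$")
SECTION = re.compile(r"^(?P<section>[A-Za-z ]+ Infected):$")
DBVER = re.compile(r"^Database version: (\d+)$")

def parse_log(text):
    """Return database version, detections keyed by (section, object, name), and a developer flag."""
    db, section, found = None, None, {}
    for line in (l.strip() for l in text.splitlines()):
        if m := DBVER.match(line):
            db = int(m.group(1))
        elif m := SECTION.match(line):
            section = m.group("section")
        elif section and (m := ENTRY.match(line)):
            # Registry and file paths are case-insensitive on Windows, so normalise.
            found[(section, m.group("obj").lower(), m.group("name"))] = m.group("token")
    return {"db": db, "found": found,
            "developer": any(t is not None for t in found.values())}

def compare(old, new):
    """Detections that disappeared from, or were added in, the newer log."""
    gone = sorted(k for k in old["found"] if k not in new["found"])
    added = sorted(k for k in new["found"] if k not in old["found"])
    return gone, added

# Sample input: abridged from the two logs in the thread (three and two detection lines).
NORMAL_LOG = r"""Database version: 3478
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken.
"""
DEVELOPER_LOG = r"""Database version: 3479
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]
HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken. [985FFFC484CD1BA8FEFF5342773080F7]
"""

if __name__ == "__main__":
    old, new = parse_log(NORMAL_LOG), parse_log(DEVELOPER_LOG)
    gone, added = compare(old, new)
    print("database:", old["db"], "->", new["db"])
    print("developer log:", old["developer"], "->", new["developer"])
    print("no longer detected:", [k[1] for k in gone], "newly detected:", [k[1] for k in added])
```
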
Because you did not update to the newest defs, update and scan again.

Oh, the "Last time" means that *before* you asked me to use the mbam.exe /developer.

I posted the "10 false positives" thread, right?

When I scanned with mbam.exe /developer, it's 9 false positives. Weird.

And I am saying, how do you know which log is from mbam.exe /developer and which log isn't?

The 2 logs I posted, "Last time" and "Mbam.exe /developer thing", are to show that I can't find the difference. =P

Now I am scanning with the updated version of normal mbam, updated. Seems clean. Will look later.


Hey nosirrah,

There are still false positives, but fewer.

There are 2 now. But exile 360 told me one of them can be ignored, so it should be only 1 false positive.

---------------------------------------

Malwarebytes' Anti-Malware 1.43

Database version: 3485

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

3/1/2010 3:25:43 PM

mbam-log-2010-01-03 (15-25-32).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Objects scanned: 209724

Time elapsed: 11 minute(s), 9 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

----------------------------------------------------


HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken.

That should also be gone now, I missed it the first time.
