Jump to content

10 fales positives (UPLOAD)


tanmx
 Share

Recommended Posts

I did, it's all set and attached?

Oh, you want me to post it too?

1st post is the attachment.

Here is the post:

--------

Malwarebytes' Anti-Malware 1.43

Database version: 3478

Windows 6.0.6001 Service Pack 1

Internet Explorer 8.0.6001.18865

2/1/2010 11:08:41 PM

mbam-log-2010-01-02 (23-08-39).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Objects scanned: 223918

Time elapsed: 13 minute(s), 6 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 7

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken.

-------

Link to post
Share on other sites

Just post the text log in your post , no need to attach it .

Look, i've no idea what i am doing wrong. I've typed in mbam.exe /developer on "run"

But it shows me the same malwarebytes, so i scanned it. It has been reduced to 9 items. I don't know why

But i saved the logs without removing the scanned items.

And it gave me the same thing. I don't know what you are talking about.

I will post it in my next post.

Sorry if it isn't what you wanted. I've no idea what you want. I did what it says. I typed in mbam.exe /developer and it gave my malwarebytes a strange number, but i still scanned.

Link to post
Share on other sites

Malwarebytes' Anti-Malware 1.43

Database version: 3479

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

3/1/2010 1:00:07 AM

mbam-log-2010-01-03 (01-00-04).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Objects scanned: 192803

Time elapsed: 10 minute(s), 2 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 6

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken. [608AEAE21B7A0F490DB0A2D3B8B23725]

HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken. [985FFFC484CD1BA8FEFF5342773080F7]

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. [99D040AEE155C12EB025D41F2DD365C3]

Folders Infected:

(No malicious items detected)

Files Infected:

C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> No action taken. [608AEAE21B7A0F490DB0A2D3B8B23725]

Link to post
Share on other sites

It should be fixed , let me know if there is still an issue .

Hi, thx.

I am rescanning now to comfirm it.

However, why is my scan without developer thing give 10 results last time?

Please advise. Thx

-----------

Last Time

-----------

Malwarebytes' Anti-Malware 1.43

Database version: 3478

Windows 6.0.6001 Service Pack 1

Internet Explorer 8.0.6001.18865

2/1/2010 11:08:41 PM

mbam-log-2010-01-02 (23-08-39).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Objects scanned: 223918

Time elapsed: 13 minute(s), 6 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 7

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:

(No malicious items detected)

Files Infected:

C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken.

C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> No action taken.

---------------------------------

With developer thingie

--------------------------------

Malwarebytes' Anti-Malware 1.43

Database version: 3479

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

3/1/2010 1:00:07 AM

mbam-log-2010-01-03 (01-00-04).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Objects scanned: 192803

Time elapsed: 10 minute(s), 2 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 6

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partner service (Trojan.BHO) -> No action taken. [608AEAE21B7A0F490DB0A2D3B8B23725]

HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken. [985FFFC484CD1BA8FEFF5342773080F7]

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. [99D040AEE155C12EB025D41F2DD365C3]

Folders Infected:

(No malicious items detected)

Files Infected:

C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken. [27A8895C583249482A03B564C346C962]

C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> No action taken. [608AEAE21B7A0F490DB0A2D3B8B23725]

--------------------------

1 items less, why?

Nonetheless, how are those 2 different?

Link to post
Share on other sites

Because you did not update to the newest defs , update and scan again .

Oh, the "Last time" means that *Before* you asked me to use the mbam.exe /developer.

I posted "10 false positves" thread right?

When i scanned with mbam.exe /developer, it's 9 false postives. Weird.

And i am saying, how do you know which log is from mbam.exe /developer and which log isn't?

The 2 logs i posted "Last time" and "Mbam.exe /developer thing" is to show that i can't find the difference. =P

Now i am scanning with the updated version of normal mbam, updated. Seems clean. Will look later.

Link to post
Share on other sites

Hey nosirrah,

There still false postive, but just lesser.

There are 2 now. But exile 360 told me one of them can be ignore, so it should be only 1 false postive.

---------------------------------------

Malwarebytes' Anti-Malware 1.43

Database version: 3485

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

3/1/2010 3:25:43 PM

mbam-log-2010-01-03 (15-25-32).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Objects scanned: 209724

Time elapsed: 11 minute(s), 9 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

----------------------------------------------------

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.