Jump to content
skoop

Samsung Kies False Positive?

Recommended Posts

Samsung Kies program for using with Samsung cell phones is now being reported as a trojan agent. Please check as I believe this is a false positive

Share this post


Link to post
Share on other sites

Kies stated as Trojan Agent.txt

Hello, please follow the instructions below for posting false\positive results:

http://www.malwarebytes.org/forums/index.php?showtopic=3228

This is not being detected by a scan but by the Malwarebytes protection module ( paid for version) when I try to open Kies. Did a compete scan and it does not find Kies as a Trojan Agent only when I try to open the program (Kies)does the protection moldule display.

Attached is the log and as you can see I allowed Kies to open.

Share this post


Link to post
Share on other sites

This was already submitted to the team, they're working on it. Please be patient.

Share this post


Link to post
Share on other sites

i installed kies yesterday and did a scan today (free version) and got the trojan notice.around 30 of them malware deleted them all and im curently scanning again after uninstalling kies. so far 12 issues have come up (scan nearly done) i presume its the kies again or whats left of it on my comp after uninstalling i use kaspersky and it hasnt picked up anything from kies

Share this post


Link to post
Share on other sites

can someone advise on the volume information restore at the bottom of the text. is that connected to klies false positive. i did another scan and all the kies issues were gone but the 12 info restore issues came up again. please can someone advise

below are my first and second scan logs

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6443

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

25/04/2011 21:41:08

mbam-log-2011-04-25 (21-41-08).txt

Scan type: Full scan (C:\|D:\|)

Objects scanned: 214330

Time elapsed: 53 minute(s), 34 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 12

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 24

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\KiesHelper (Trojan.Agent) -> Value: KiesHelper -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\PROGRAM FILES\SAMSUNG\KIES\KIES.EXE (Trojan.Agent) -> Value: KIES.EXE -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\PROGRAM FILES\SAMSUNG\KIES\COMMON\KIES.COMMON.MEDIADB.DLL (Trojan.Agent) -> Value: KIES.COMMON.MEDIADB.DLL -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\PROGRAM FILES\SAMSUNG\KIES\COMMON\KIES.COMMON.PIMS.DLL (Trojan.Agent) -> Value: KIES.COMMON.PIMS.DLL -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\PROGRAM FILES\SAMSUNG\KIES\COMMON\KIES.COMMON.UTIL.DLL (Trojan.Agent) -> Value: KIES.COMMON.UTIL.DLL -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\PROGRAM FILES\SAMSUNG\KIES\COMMON\KIES.TEST.PIMS.DLL (Trojan.Agent) -> Value: KIES.TEST.PIMS.DLL -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\PROGRAM FILES\SAMSUNG\KIES\PLUGINS\ASTORE\ASTOREPLUGIN.DLL (Trojan.Agent) -> Value: ASTOREPLUGIN.DLL -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\PROGRAM FILES\SAMSUNG\KIES\PLUGINS\DEVICEHOST\SYNCPROVIDER .DLL (Trojan.Agent) -> Value: SYNCPROVIDER.DLL -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\PROGRAM FILES\SAMSUNG\KIES\PLUGINS\DISCRIPPING\DISCRIPPING .DLL (Trojan.Agent) -> Value: DISCRIPPING.DLL -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\PROGRAM FILES\SAMSUNG\KIES\PLUGINS\MUSICSTORE\MUSICSTORE.D LL (Trojan.Agent) -> Value: MUSICSTORE.DLL -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\PROGRAM FILES\SAMSUNG\KIES\PLUGINS\PHONEBOOK\PHONEBOOK.DLL (Trojan.Agent) -> Value: PHONEBOOK.DLL -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\PROGRAM FILES\SAMSUNG\KIES\PLUGINS\PHOTOMANAGER\PHOTOMANAG ER.DLL (Trojan.Agent) -> Value: PHOTOMANAGER.DLL -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\program files\Samsung\Kies\kieshelper.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Kies.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Common\kies.common.mediadb.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Common\kies.common.pims.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Common\kies.common.util.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Common\kies.test.pims.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Plugins\AStore\astoreplugin.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Plugins\devicehost\syncprovider .dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Plugins\discripping\discripping .dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Plugins\musicstore\musicstore.d ll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Plugins\phonebook\phonebook.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Plugins\photomanager\photomanag er.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1086\A0140299.rbf (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1086\A0140340.rbf (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1086\A0140342.rbf (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1086\A0140344.rbf (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1086\A0140346.rbf (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1086\A0140614.rbf (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1086\A0140636.rbf (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1086\A0140641.rbf (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1086\A0140649.rbf (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1086\A0140650.rbf (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1086\A0140651.rbf (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1086\A0140785.exe (Trojan.Agent) -> Quarantined and deleted successfully.

second log

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6443

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

25/04/2011 23:49:17

mbam-log-2011-04-25 (23-49-17).txt

Scan type: Full scan (C:\|D:\|)

Objects scanned: 212387

Time elapsed: 1 hour(s), 44 minute(s), 11 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 12

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1089\A0141221.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1089\A0141222.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1089\A0141223.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1089\A0141224.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1089\A0141225.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1089\A0141226.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1089\A0141227.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1089\A0141228.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1089\A0141229.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1089\A0141230.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1089\A0141231.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP1089\A0141232.dll (Trojan.Agent) -> Quarantined and deleted successfully.

Share this post


Link to post
Share on other sites

These are most likely still false positives. Can you restore all the files from quarantine in mbam and zip and attach a few of the file below?

c:\program files\Samsung\Kies\kieshelper.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Kies.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Common\kies.common.mediadb.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Common\kies.common.pims.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Common\kies.common.util.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Common\kies.test.pims.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Plugins\AStore\astoreplugin.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Plugins\devicehost\syncprovider .dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Plugins\discripping\discripping .dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Plugins\musicstore\musicstore.d ll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Plugins\phonebook\phonebook.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\Samsung\Kies\Plugins\photomanager\photomanag er.dll (Trojan.Agent) -> Quarantined and deleted successfully.

Share this post


Link to post
Share on other sites

I have kies as well and with my version I get about 25 (just 12 if you look at it because the rest just pertain to the reg edits of those 12 files so 2 birds 1 stone deal) Infected files Would you like me to upload mine as well?

Share this post


Link to post
Share on other sites

is this system volume info restore on my malware report apart of the kies F.P? as there were 12 direct lies issues and 12 of these

Share this post


Link to post
Share on other sites

is this system volume info restore on my malware report apart of the kies F.P? as there were 12 direct lies issues and 12 of these

Maybe related since i got 24 kies results too. But Slightly different.


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6444

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

26/04/2011 6:42:47 AM
mbam-log-2011-04-26 (06-42-45).txt

Scan type: Full scan (C:\|)
Objects scanned: 344447
Time elapsed: 6 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 12
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 12

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KiesHelper (Trojan.Agent) -> Value: KiesHelper -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\SAMSUNG\KIES\KIES.EXE (Trojan.Agent) -> Value: KIES.EXE -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\SAMSUNG\KIES\COMMON\KIES.COMMON.MEDIADB.DLL (Trojan.Agent) -> Value: KIES.COMMON.MEDIADB.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\SAMSUNG\KIES\COMMON\KIES.COMMON.PIMS.DLL (Trojan.Agent) -> Value: KIES.COMMON.PIMS.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\SAMSUNG\KIES\COMMON\KIES.COMMON.UTIL.DLL (Trojan.Agent) -> Value: KIES.COMMON.UTIL.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\SAMSUNG\KIES\COMMON\KIES.TEST.PIMS.DLL (Trojan.Agent) -> Value: KIES.TEST.PIMS.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\SAMSUNG\KIES\PLUGINS\ASTORE\ASTOREPLUGIN.DLL (Trojan.Agent) -> Value: ASTOREPLUGIN.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\SAMSUNG\KIES\PLUGINS\DEVICEHOST\SYNCPROVIDER.DLL (Trojan.Agent) -> Value: SYNCPROVIDER.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\SAMSUNG\KIES\PLUGINS\DISCRIPPING\DISCRIPPING.DLL (Trojan.Agent) -> Value: DISCRIPPING.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\SAMSUNG\KIES\PLUGINS\MUSICSTORE\MUSICSTORE.DLL (Trojan.Agent) -> Value: MUSICSTORE.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\SAMSUNG\KIES\PLUGINS\PHONEBOOK\PHONEBOOK.DLL (Trojan.Agent) -> Value: PHONEBOOK.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\SAMSUNG\KIES\PLUGINS\PHOTOMANAGER\PHOTOMANAGER.DLL (Trojan.Agent) -> Value: PHOTOMANAGER.DLL -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files (x86)\Samsung\Kies\kieshelper.exe (Trojan.Agent) -> No action taken.
c:\program files (x86)\Samsung\Kies\Kies.exe (Trojan.Agent) -> No action taken.
c:\program files (x86)\Samsung\Kies\Common\kies.common.mediadb.dll (Trojan.Agent) -> No action taken.
c:\program files (x86)\Samsung\Kies\Common\kies.common.pims.dll (Trojan.Agent) -> No action taken.
c:\program files (x86)\Samsung\Kies\Common\kies.common.util.dll (Trojan.Agent) -> No action taken.
c:\program files (x86)\Samsung\Kies\Common\kies.test.pims.dll (Trojan.Agent) -> No action taken.
c:\program files (x86)\Samsung\Kies\Plugins\AStore\astoreplugin.dll (Trojan.Agent) -> No action taken.
c:\program files (x86)\Samsung\Kies\Plugins\devicehost\syncprovider.dll (Trojan.Agent) -> No action taken.
c:\program files (x86)\Samsung\Kies\Plugins\discripping\discripping.dll (Trojan.Agent) -> No action taken.
c:\program files (x86)\Samsung\Kies\Plugins\musicstore\musicstore.dll (Trojan.Agent) -> No action taken.
c:\program files (x86)\Samsung\Kies\Plugins\phonebook\phonebook.dll (Trojan.Agent) -> No action taken.
c:\program files (x86)\Samsung\Kies\Plugins\photomanager\photomanager.dll (Trojan.Agent) -> No action taken.

Below I've ziped and attached all the files in question :D

fpbank.zip

Share this post


Link to post
Share on other sites

ive done another scan now after malwarebytes deleted the system volume info restore for a second time last night and the scan came back all clear.i was advised to turn the system restore off and then back on again to stop the system restoer files from popping back up even when they have been deleted. do i still need to do this as malwarebytes hasnt detected them on a third scan or will they kepp appearing every so often if i dont

Share this post


Link to post
Share on other sites

ive done another scan now after malwarebytes deleted the system volume info restore for a second time last night and the scan came back all clear.i was advised to turn the system restore off and then back on again to stop the system restoer files from popping back up even when they have been deleted. do i still need to do this as malwarebytes hasnt detected them on a third scan or will they kepp appearing every so often if i dont

System restore will keep showing these files if you leave it on. I'm not saying you should turn off system restore but if you don't yes it will probably keep coming up as the System restore makes new restore points every day so often (I don't know if it's daily).

Share this post


Link to post
Share on other sites

I hope I am not doing something wrong - but I get the same (hopefully) false positive. It doesn't matter if I "ignore" or "Quarantine" I get it each time I start up (it started about 3 days ago).

Here is my scan log:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6424

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

4/26/2011 12:58:19

mbam-log-2011-04-26 (12-57-55).txt

Scan type: Quick scan

Objects scanned: 191532

Time elapsed: 16 minute(s), 40 second(s)

Memory Processes Infected: 1

Memory Modules Infected: 1

Registry Keys Infected: 0

Registry Values Infected: 2

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

c:\program files (x86)\Samsung\Kies\kieshelper.exe (Trojan.Agent) -> 4072 -> No action taken. [77a1f62313ed60a027e930618878a060]

Memory Modules Infected:

c:\program files (x86)\Samsung\Kies\Common\kies.common.util.dll (Trojan.Agent) -> No action taken. [1602d247758b5ea2f61a71207b85718f]

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KiesHelper (Trojan.Agent) -> Value: KiesHelper -> No action taken. [77a1f62313ed60a027e930618878a060]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\SAMSUNG\KIES\COMMON\KIES.COMMON.UTIL.DLL (Trojan.Agent) -> Value: KIES.COMMON.UTIL.DLL -> No action taken. [1602d247758b5ea2f61a71207b85718f]

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\program files (x86)\Samsung\Kies\kieshelper.exe (Trojan.Agent) -> No action taken. [77a1f62313ed60a027e930618878a060]

c:\program files (x86)\Samsung\Kies\Common\kies.common.util.dll (Trojan.Agent) -> No action taken. [1602d247758b5ea2f61a71207b85718f]

Share this post


Link to post
Share on other sites

Database version: 6424 <- you are 25 updates out of date, please update and then scan again.

Share this post


Link to post
Share on other sites

System restore will keep showing these files if you leave it on. I'm not saying you should turn off system restore but if you don't yes it will probably keep coming up as the System restore makes new restore points every day so often (I don't know if it's daily).

thanks ive turned my system restore off and then back on so they should all be cleared now. just doing another scan (did 2 b4 turning SR off and back on and they were both clean)

Share this post


Link to post
Share on other sites

These were f/p.. Thanks for the files. Fixed in the next update.

These can be restored or the app can be reinstalled.

Share this post


Link to post
Share on other sites

Thank You Shadowwar and other members of the Malwarebytes Team. I can confirm that this f/p has now been fixed.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.