Conflicting info via Google as to Good/Bad catches by MBAM newest


ShyWriter

Hello;

Wondering if the following 3 items (shown as 3 worms) are false positives or actual threats. They are currently quarantined per MBAM detection with database shown. Not picked up by SAS, Emsisoft AM or MBAM previous to newest version of MBAM. The "pmmig.exe" is supposedly the Pale Moon browser importer. The 2 "registry worms" are 50/50 on various sites as to good or bad. :unsure:

Steve :: PROTEUS-ONE [administrator]

Protection: Enabled

4/10/2012 13:22:28

mbam-log-2012-04-10 (13-22-28).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 525037

Time elapsed: 2 hour(s), 27 minute(s), 22 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 2

HKCR\Typelib\{8C2B40D2-963F-4307-AD3E-44A17D530D67} (Worm.Agent) -> Quarantined and deleted successfully.

HKCR\Interface\{1551601C-141C-4499-9C05-557CA1440A05} (Worm.Agent) -> Quarantined and deleted successfully.

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Users\Steve\Downloads\pmmig.exe (Worm.Agent) -> Quarantined and deleted successfully.

(end)

Thanks in advance!

Steve


Rich,

Newer database updates must have fixed whatever was causing PMMIG.EXE to be detected as a worm by MBAMPro...

Sorry for the uncertainties about it.

Also VT gave it a clean sweep as well:

Virus Total

https://www.virustotal.com/file/b0e18cf70a7f22343d4b5998722a8edd8b7899e974e87f1cb09b3d41c4bfb301/analysis/1334112365/

SHA256:b0e18cf70a7f22343d4b5998722a8edd8b7899e974e87f1cb09b3d41c4bfb301

File name: pmmig.exe

Detection ratio: 0 / 42

Analysis date: 2012-04-11 02:46:05 UTC ( 1 minute ago )

You can close and lock this thread; thank you for your patience.

Steve


Ok Rich;

I put the pmmig.exe from the Recycle Bin back in its original location and UN-quarantined the 2 "worm" registry entries and put them back; rebooted, updated and ran a scan.

All is good!

Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.04.12.01

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Steve :: PROTEUS-ONE [administrator]

Protection: Enabled

4/12/2012 01:08:18

mbam-log-2012-04-12 (01-08-18).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 254189

Time elapsed: 14 minute(s), 39 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Looks very, VERY good.

Thanks for the quick work on the definition fixes. :)

Steve
