melboy

  1. Hello. PUP detections (Potentially Unwanted Programs) are explained here: http://helpdesk.malw...hey-be-deleted- In addition, I would read the terms of use & privacy policies before downloading & installing programs. http://shopping-sidekick.com/terms.php http://shopping-sidesidekick.com/privacy.php
  2. What MBAM Pro can do is potentially block Ransomware threats on three fronts:
     1. The IP of the exploit. (Website Blocking)
     2. The IP of the payload. (Website Blocking)
     3. The payload itself. (Filesystem Protection)
     Add to that the advice above to keep all your software up to date - especially those programs with browser plugins - then you stand a better chance than if you didn't have this protection.
  3. Update > Restore all & re-scan
  4. Hi TableLamp
     Malwarebytes' Anti-Malware (MBAM)
     • Open Malwarebytes' Anti-Malware
     • Click the Quarantine tab
     • Click to highlight the item Updater.fpi & click Restore
     • Repeat for Speech.fpi
     • Update & rescan
  5. Yes, I think they are all false positives. The Foxit ones have been reported and confirmed to be fixed in the next update. http://forums.malwarebytes.org/index.php?showtopic=124166 The MP3.dll may well also be fixed by that update; if not, I've found a download & can attach the file and dev log.
     Malwarebytes Anti-Malware (PRO) 1.75.0.1100
     www.malwarebytes.org
     Database version: v2013.03.22.09
     Windows XP Service Pack 3 x86 NTFS
     Internet Explorer 8.0.6001.18702
     mel :: OURS [administrator]
     Protection: Enabled
     3/22/2013 18:20:44
     MBAM-log-2013-03-22 (18-20-54).txt
     Scan type: Custom scan (c:\sandbox\mel\defaultbox\drive\c\program files\replay7\mp3 magic\mp3.dll|)
     Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM | P2P
     Scan options disabled: Memory | Startup | Registry | Heuristics/Extra
     Objects scanned: 1
     Time elapsed: 3 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 1
     c:\Sandbox\mel\DefaultBox\drive\C\Program Files\Replay7\MP3 Magic\MP3.dll (Trojan.Passwords.LD) -> No action taken. [6da4c202e08bf83e154e422b88784ab6]
     (end)
     MP3.zip
  6. You can restore those too. Choose Restore all
  7. @ slack7639 The warning is not applicable in your case, it is relevant only to that user's problems in that thread. This is a confirmed false positive. Follow these instructions to restore the file.
     Malwarebytes' Anti-Malware (MBAM)
     • Open Malwarebytes' Anti-Malware
     • Click the Quarantine tab
     • Click to highlight the following file only: Trojan.Vilsel - 2013-03-21 - File - C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
     • Click Restore
     • Update mbam & re-scan.
  8. You are correct, it is still being detected after updating to Database version: v2013.03.21.14. (Now I've removed it from the ignore list.)
  9. File attached.
     Malwarebytes Anti-Malware (PRO) 1.75.0.1100
     www.malwarebytes.org
     Database version: v2013.03.21.13
     Windows XP Service Pack 3 x86 NTFS
     Internet Explorer 8.0.6001.18702
     mel :: OURS [administrator]
     Protection: Enabled
     3/21/2013 20:44:26
     MBAM-log-2013-03-21 (20-44-36).txt
     Scan type: Custom scan (c:\program files\common files\installshield\engine\6\intel 32\ikernel.exe|)
     Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM | P2P
     Scan options disabled: Memory | Startup | Registry | Heuristics/Extra
     Objects scanned: 1
     Time elapsed: 2 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 2
     HKCR\TypeLib\{91814EB1-B5F0-11D2-80B9-00104B1F6CEA} (Trojan.Vilsel) -> No action taken. [4f627c479bd05dd949f1f946e71aab55]
     HKCR\Interface\{0BA4BA22-2EF0-11D3-88C8-00C04F72F303} (Trojan.Vilsel) -> No action taken. [4f627c479bd05dd949f1f946e71aab55]
     Registry Values Detected: 1
     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\ENGINE\6\INTEL 32\IKERNEL.EXE (Trojan.Vilsel) -> Data: 3 -> No action taken. [4f627c479bd05dd949f1f946e71aab55]
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 1
     c:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe (Trojan.Vilsel) -> No action taken. [4f627c479bd05dd949f1f946e71aab55]
     (end)
     IKernel.zip
  10. I would urge you to get your system cleaned. Sirefef is a serious infection. http://www.microsoft...Win32%2FSirefef
  11. Excuse me for "butting in". I can't see it mentioned in the topic previously, but there are signs of the Sirefef rootkit (ZeroAccess) in the original DDS log. I would repost in the Malware Removal forum. http://forums.malwarebytes.org/index.php?showforum=7
  12. Wherever possible, always run mbam in normal mode, as outlined here - http://helpdesk.malw...e-in-Safe-Mode-
  13. Very sad news - Matt was a real gent. RIP Matt.
  14. You're not stuck using that method, but that's the method I'd recommend. It might take a few more seconds of your time, but it's more secure.