Author Topic: Malwarebytes log  (Read 10000 times)

0 Members and 1 Guest are viewing this topic.

Saty

  • Guest
Malwarebytes log
« on: September 14, 2009, 06:59:08 PM »
hello forum!

ive been experiencing iexplorer lockups for the past couple days, so i ran malwarebytes, and it found 4 items...........can someone tell me what they are? i tried searching for the .dll files but nothing really came up.

thank you

Saty


Objects scanned: 237350
Time elapsed: 38 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Microsoft Works\cpitv11.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\Microsoft Works\pibase11.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\SWSetup\MSWorks\PFiles\MSWorks\cpitv11.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\SWSetup\MSWorks\PFiles\MSWorks\pibase11.dll (Rogue.Installer) -> Quarantined and deleted successfully

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Malwarebytes log
« Reply #1 on: September 14, 2009, 10:24:01 PM »
They look like they might be false positives to me.

See if you can extract them from quarantine and send them to VirusTotal.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

YoKenny

  • Guest
Re: Malwarebytes log
« Reply #2 on: September 15, 2009, 02:06:38 AM »
Post a complete Malwarebytes log as you have edited the important header information out.

Saty

  • Guest
Re: Malwarebytes log
« Reply #3 on: September 15, 2009, 09:05:14 AM »
ok, sorry, here is the complete log with header info....

i didnt send anything to virus total yet, Ill probably need some step by step instruction on how to go about doing that.

thanks again

Malwarebytes' Anti-Malware 1.41
Database version: 2795
Windows 6.0.6002 Service Pack 2

9/14/2009 12:40:51 PM
mbam-log-2009-09-14 (12-40-51).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 237350
Time elapsed: 38 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)


Files Infected:
C:\Program Files\Microsoft Works\cpitv11.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\Microsoft Works\pibase11.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\SWSetup\MSWorks\PFiles\MSWorks\cpitv11.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\SWSetup\MSWorks\PFiles\MSWorks\pibase11.dll (Rogue.Installer) -> Quarantined and deleted successfully

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Malwarebytes log
« Reply #4 on: September 15, 2009, 03:14:52 PM »
I'm with FWF here as this looks like it could be a false positive.

You can only Restore items from the Quarantine (tab in MBAM), that unfortunately places them in the original location (which isn't the best idea), just do two of them (C:\Program Files\Microsoft Works\cpitv11.dll and the other in the same folder) then upload to virustotal, see below.

Check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page.

Before doing this I would suggest scanning them again with MBAM, just in case the possible FP has been corrected.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Saty

  • Guest
Re: Malwarebytes log
« Reply #5 on: September 15, 2009, 05:29:18 PM »
thank you david for your reply,

im a lil confused, i cant seem to see how to rescan the items in quarantine, so am I to restore those two files, then re run malwarebytes and see if it picks those two up again? the two being /microsoft works/ cpitdvll.dll and /microsoft works/ pibase.dll correct?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Malwarebytes log
« Reply #6 on: September 15, 2009, 05:40:47 PM »
You would have to restore them first, so restore the two files mentioned, run a Quick scan and see if they are still detected, if so upload to VT.

You have made a typo as the cpitdvll.dll doesn't match any of the MBAM detections, they are cpitv11.dll (that is a 11 and not an ll) and pibase11.dll (also with the number 11 and not ll (LL), those are the two to restore, scan and upload.

The other two in quarantine are the same file but in a different location so it is pointless uploading everything.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Saty

  • Guest
Re: Malwarebytes log
« Reply #7 on: September 15, 2009, 05:43:40 PM »
than you DavidR, will do, and yes, a typo, my bad lol

Ill update malwarebytes before doing a quickscan after restoreing those two files.

Saty

  • Guest
Re: Malwarebytes log
« Reply #8 on: September 15, 2009, 05:52:42 PM »
ok, restored those two files, updated Malwarebytes and did a quickscan, all clean! Ill restore those two other files now, and run another quick scan, for my piece of mind if for anything lol

thank you for all your help David, Kenny and FWF

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Malwarebytes log
« Reply #9 on: September 15, 2009, 06:04:34 PM »
You're welcome, saves you having to report them to MBAM as an FP ;D
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Spiritsongs

  • Guest
Re: Malwarebytes log
« Reply #10 on: September 15, 2009, 09:08:15 PM »
 :)  Hi Saty :

 When it comes to Items in a malwarebytes log, Best to start by asking on
 the Malwarebytes Support Forums at www.malwarebytes.org/forums .

Saty

  • Guest
Re: Malwarebytes log
« Reply #11 on: September 16, 2009, 09:46:42 AM »
yes it does DavidR ;D

Ive never done it, so Im sure Ill need step by step instuctions on how to do it lol, I was stuck with norton for the last few years so this is all new to me.


SpiritSongs......

true enough, BUT,

Im comfortable with this forum and the people in it.......and ive found that there are people here quite knowledgeable in reading other logs besides avast, and are more than williing to lend a helping hand when they can. Im pretty sure if they didnt want to help with non avast issues they would say so

so Ill keep asking my questions here, until I come upon a issue that stumps everyone, which, from what Ive seen in reading the boards for the past two months religiously, rarely happens..........

but until then, please dont waste your time trying to send me elsewhere

thank you

Saty

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Malwarebytes log
« Reply #12 on: September 16, 2009, 01:36:33 PM »
Spiritsongs, many people complain that you send people elsewhere... Did you think on that? ???
The best things in life are free.