About Malwarebytes

Sorry if im in the bad section but i just want to say that Malwarebytes is really nice and i like it with Avast! its destroy everything !!! I just installed it and its found like 3 virus. Thank you to the suggestion guy ! I feel more secure now.

What you think of my security. (Avast! 4.8 Home,Malwarebytes Free,Windows Defender(Inclued on my OS),Windows Vista Firewall (2 ways),UAC,Windows Update Automatic On)

Thank.

Mr.Agent

Looks good and I am wondering if you are French-Canadian?

I like WinPatrol as well as it is a SECURITY MONITOR that will alert you to hijackings, malware attacks and critical changes made to your computer without your permission.

It is available in French.

For sure Malware Bytes is a anti malware so i dont need WinPatrol as i got Malwarebytes :slight_smile: I gotta love this program.

Hi Mr.Agent,

But combining MBAM with SAS is even better, MBAM sitting there, and the non-resident Super Anti Spyware as an addition and your anti-spyware solution is complete. Mind to update it regularly,

polonus

Well i found MBAM,Windows Defender with Avast! more usefull.

And i got same friend that use this too. So i did say why no try. They telled me that if i got like a fake anti virus or something they will both save my cpu. So i did say Mbam is really low on ram and space so why no try it :slight_smile:

Sorry for double post but Malwarebytes find this tell me if its good to delete all or there are some false positive.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.AntiVirus2008) → No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{7d5dd829-6c90-42c5-b54c-2afa82f988ba} (Rogue.Installer) → No action taken.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) → No action taken.
HKEY_CLASSES_ROOT\regfile\shell\open\command(default) (Broken.OpenCommand) → Bad: (“regedit.exe” “%1”) Good: (regedit.exe “%1”) → No action taken.
c:\endbuild.bat (Trojan.FakeAlert) → No action taken.

Here the virustotal of endbuild.bat http://www.virustotal.com/en/analisis/24cc61ecc8d7ca573aaf183fb2dc05d0b6100e07f6ffc97b599e4e4a14a7b81f-1246746371 is it a new trojan or something ?

Hi MrAgent,

This {3aa42713-5c1e-48e2-b432-d8bf420dd31d} is Virus Internet Antivirus Pro, it is a rogue antivirus solution, it is a fake av that threats you in to buying their solution by flag malware that is not there, if you react this will cost you for a program that does not do anything at best but worse can silently download further unwanted malware or trojans onto your computer. Still a lot of unaware users will get themselves infected because they think all pop-ups come from MS and they do not know that cybercriminals and fake av sellers have got a stronghold on trusted reputable sites now. Fix these entries and for the final one scan endbuild,bat at virustotal.com to know if that is really malcode,

polonus

Ok look at the virus scan i posted for the .bat and im really sorry for post this on the wrong section guy but well im really in panic when i got virus so i still need to post in the same thread… Sorry but next time i will post on the right section.

Please forgive me.

Thank.

Mr.Agent

Sorry for double post but i scanned again endbuild.bat with Malwarebytes and its come clear so i think all is ok now.

Thank you very mush.

A batch file (.bat) isn’t generally the problem, what the problem is, are the command lines within it used to run other files/actions (like format d:\ or delete commands, etc.) and it is these files that you need to seek out.

So a batch file in itself is inert, it needs a command to run that file, sending a ,bat file to virustotal would find nothing as it is an inert text file. It is the command lines within the file that are dangerous.

Well i run all my scanner and its didnt detect anything now. So im safe and i got great security :slight_smile:

Gratz Agent on discovering MBAM ;D.

Hi folks,

Yes the bat file would not give scanning results (you are right as one comes to think of it), it is a register find after all, well with file you think differently, alas the other findings were malcode, so I think better get rid of it.
DavidR, how do we get a second op there? Maybe Mr.Agent should fire up a fresh HJT to check:
download from here: http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

pol

It is rather unusual for a .bat file to be detected by any scanner as it is by its nature just a text file, it is the contents which can be malicious. So if the file still exists on your system you need to open it with notepad (don’t double click or you will run it) and check the contents. This will typically run commands or to run other files and it is these that you have to check out.

I don’t know if that would show anything as the actual detection with MBAM was on the actual file as there was no registry key, e.g. c:\endbuild.bat (Trojan.FakeAlert) → No action taken.

So essentially it is a check of the files contents, considering MBAM no longer considers this malware.

lol Shiw dont worry i just adding Malwarebytes with the current 1 i was having Avast! and Windows Defender. They work great together. Btw i think a Hijackthis log is no needed like MBAM said its was a FakeAlert. So if its was really a trojan he would told me its again when running the scan. But its didnt so im safe :slight_smile:

Other wise if you want i can send the file for a analysis to Avast! ? But i think its no needed.

So now i got like

Anti Virus
Anti Malware
Anti Spyware
Firewall

For secure my computer i hope its enought lol. Because i find MBAM really great to help so i heard that Windows Defender will shut down when MSE public will get out. So no problem because i will uninstall it if its shutted down. But for now im happy with all both of my protection and i dont think MBAM in addition will crash my computer. Because if its was really crashing David or any others Evangelist will told me it. But i think on my knownledge Malwarebytes Free is a on demand scan so i dont think its will conflict with Windows Defender or Avast!.

Correct me if im wrong.