Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

possible threat?


  • Please log in to reply
9 replies to this topic

#1 sniper8752

sniper8752

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 11 February 2012 - 09:43 AM

I got this messsage, and wasn't sure what to do...
http://www.mediafire.com/imageview.php?quickkey=ezexi2moilxivmq
not sure what it means by "process name" for the first one. what does malwarebytes have to do with the printer .exe file?
also, the other ones have the process name as C:\WINDOWS\explorer.exe. And when i click on it (not opening it), or run a scan, it adds the same file. what is going on here???

could it be that some software (secunia or brother) is downloading and update, and installing it?

Edited by sniper8752, 11 February 2012 - 09:46 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:14 AM

Posted 11 February 2012 - 10:37 AM

Hello, where did you download MBAM from?
It may be an infected download if not from MBAM site or sponsored link.

It may also be... This is possibly a False positive. We should double check it before we take action.

Lets' upload this file for a second opinion on what it actually is..

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:
How to see hidden files in Windows

Please click this link-->Jotti

When the jotti page has finished loading, click the Browse button and navigate to the following file and click Submit.
<filepath>suspect.file

Please post back the results of the scan in your next post.

If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/


NOTE:
For submission to a specific anti-virus vendor see Submitting Virus Samples: How to Submit a Virus.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 11 February 2012 - 02:17 PM

I actually bought it, from Circuit city. I know i got it from a safe site.

I had another post on here about i think it was, avast! calling intel bluetooth a threat... hahah weird!

i am getting this error for both when attempting to upload the .exe: http://www.mediafire.com/imageview.php?quickkey=l80v5uae6ebnhf4

Edited by sniper8752, 11 February 2012 - 02:23 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:14 AM

Posted 11 February 2012 - 04:30 PM

Hmm,what is the operating sytem?

Try to Take OWNERSHIP
Right click on the windows folder.

Goto properties.

Goto security

Goto advanced

Click on your username

Tick take ownership

Hit OK, if asked say all files and subfolders.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 11 February 2012 - 07:45 PM

there is a problem. the file size is 142 MB.

it's windows 7 by the way.

Edited by sniper8752, 11 February 2012 - 07:49 PM.


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:14 AM

Posted 11 February 2012 - 08:16 PM

I find no info on those files. Why do you say MBAm is related to your printer?
as they are infection did you quaratine/delete/remove them?
If so does MBAM work after?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 12 February 2012 - 05:36 PM

i use to click on properties for it, and avg would pop up. also, when i scanned it, it said it was malicious.
malwarebytes has always worked. not sure what was going on the the malwarebytes thing. i think i will just delete it, and hopefully that fixes the issue.

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:14 AM

Posted 12 February 2012 - 09:07 PM

Quarantine it if you have that option, It cannot hurt the PC from there.

1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.
2. Restart your computer (very important).
3. Download and run this utility. Mbam clean
4. It will ask to restart your computer (please allow it to).
5. After the computer restarts, install the latest version from here. http://www.malwarebytes.org/mbam-download.php
Note: You will need to reactivate the program using the license you were sent.
Note: If using Free version, ignore the part about putting in your license key and activating.
Launch the program and set the Protection and Registration.
Then go to the UPDATE tab if not done during installation and check for updates.
Restart the computer again and verify that MBAM is in the task tray and run a Quick Scan and post that log.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 12 February 2012 - 09:57 PM

i installed it right from the disk. it seems to run fine.

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:14 AM

Posted 12 February 2012 - 10:09 PM

Cool !! If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Posted Image > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Posted Image > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users