Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

how do you know what is legit / what is malware


  • Please log in to reply
7 replies to this topic

#1 Tenkillsmore

Tenkillsmore

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Algonquin Highlands Ontario Canada
  • Local time:09:42 AM

Posted 17 January 2013 - 11:58 AM

Hello, sorry if this topic is here already, I tried every key word I could think of with no luck. Can someone point me to the post if there is one or tell me how to know what is malware and what is legit on the list after running malware bytes scan program. Thanks.

Edited by boopme, 17 January 2013 - 10:11 PM.
Moved from Am I Infected to AntiVirus, Firewall and Privacy Products and Protection Methods


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:42 AM

Posted 18 January 2013 - 05:27 AM

Hello and Welcome -
The only way that anyone can see is if you Copy / Paste the particular log for someone to see.

If you open Malwarebytes, along the top is a Logs tab, click on that and open the particular dated log that you wish to have someone look at.

A "blind" diagnosis is not available without seeing what it is that you refer to -

Thank You -

#3 Tenkillsmore

Tenkillsmore
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Algonquin Highlands Ontario Canada
  • Local time:09:42 AM

Posted 18 January 2013 - 07:58 AM

Hello, thanks for the reply, I understand no one can tell me what is good/bad with out seeing the scan results of a particular scan. I should of asked my question more clearly, I was looking for info on how to learn the difference myself, having to come to a site and pester someone to help me is not some thing I like to do. But right now I am stuck, so I will get the scan a.s.a.p. and post it. I see I messed up and posted in the wrong section, which section should I post the scan results? Again thanks for your time.
P.S. there is no sarcasim or flipancy intended in any of this post.

#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:42 AM

Posted 18 January 2013 - 03:50 PM

Hello -
I think that you have understood my reply very well, and we will never treat a request for help lightly.

If you think that you may have a infection still, or wish to post a series of requested logs, please post in the Am I Infected area of the forum with the MBAM logs.
However if you only wish for a simple opinion first, you can post one log here for a reply, and we will try to explain the log.

Malwarebytes logs are not very long, so you can just post the full one that concerns you at this time, and we will give you more instructions if needed.
If you wish for more directions, please always ask us -

Thank You -

#5 Tenkillsmore

Tenkillsmore
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Algonquin Highlands Ontario Canada
  • Local time:09:42 AM

Posted 19 January 2013 - 07:51 AM

Hello, thanks for your help, here is what I am looking at. I did a full scan the first time but I did nothing with the results as I did not know what to do. I just did a quick scan for the info, it is the same result as the full scan



Database version: v2013.01.18.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
War Pig :: DEATHTOY [administrator]

Protection: Enabled

1/19/2013 7:35:23 AM
MBAM-log-2013-01-19 (07-40-16).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 243794
Time elapsed: 3 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 8
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{A666CBF9-6A04-43A1-AB7C-945FC8B6F055} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E62A18AC-1B05-4FFD-AE09-8C4B23AD6948} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{4E639460-8FC4-45B2-A13C-8BA6FD5478C7} (PUP.MyWebSearch) -> No action taken.
HKCR\VRQScanner.VRQDll.1 (PUP.MyWebSearch) -> No action taken.
HKCR\VRQScanner.VRQDll (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\Program Files\FunWebProducts (PUP.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Installr (PUP.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Installr\3.bin (PUP.MyWebSearch) -> No action taken.

Files Detected: 1
C:\Program Files\NortonVRQ\Engine\5.0.0.22\VRQScanner.dll (PUP.MyWebSearch) -> No action taken.

(end)

#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:42 AM

Posted 19 January 2013 - 03:31 PM

Hi -
That item is a minor infection that can / should be removed from your computer. It is often included in emails or "drive by" range of infections.
Usually the first idea you have of it is an extra tool-bar at the top of your screen, or you are informed by most Antimalware programs -

This Page Will give you a basic idea of the programs / Toolbar that is included with MyWebSearch - Do not install all the programs listed, as you already have one to remove it.
Any item listed as a PUP means it is a Potentially Unwanted Program and can always be removed.

After you read the listed page, visit Control Panel > Programs and Features, to try and remove it from there also.

Thank You -
EDITED to add link - > What are Potentially Unwanted Programs (PUPS)?

Edited by noknojon, 19 January 2013 - 05:51 PM.


#7 Tenkillsmore

Tenkillsmore
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Algonquin Highlands Ontario Canada
  • Local time:09:42 AM

Posted 20 January 2013 - 06:09 AM

Ok, thanks for all your help, it is appreciated.

#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:42 AM

Posted 20 January 2013 - 04:48 PM

Hi -
You are more than welcome - Happy to help you -

If there are any other questions, you can list them under your Operating System (Vista), or select any suitable area of the forum -

Regards -




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users