Geeks, Geeks and More Geeks
Would you like to react to this message? Create an account in a few clicks or log in to continue.


THIS FORUM IS NO LONGER ACTIVE. SORRY! DO NOT ATTEMPT TO REGISTER; YOUR REQUEST WILL NOT BE ACCEPTED.
 
PortalPortal  HomeHome  GalleryGallery  Latest imagesLatest images  SearchSearch  RegisterRegister  Log in  

 

 Malwarebytes Threats

Go down 
2 posters
AuthorMessage
wcturner
Royal Geek
Royal Geek



Number of posts : 1165
Location : Ky.
Humor : Yes
Registration date : 2009-10-26

Malwarebytes Threats Empty
PostSubject: Malwarebytes Threats   Malwarebytes Threats Empty1/22/2016, 13:26

Repa,
1. This is the first time I've found threats with this scanner...I did manage to Quarantine them but unsure what to do now....Please advise?

2. Screenshot:

Malwarebytes Threats Malwar10

3. Can you tell me if I need to do the Export option or the Clipboard option, I don't know what they do?

4. Please advise?
Thanks



Back to top Go down
Repa
Site Administrator
Site Administrator
Repa


Number of posts : 2378
Location : North Carolina
Humor : Age: Older than Dirt!
Registration date : 2008-09-19

Malwarebytes Threats Empty
PostSubject: Re: Malwarebytes Threats   Malwarebytes Threats Empty1/25/2016, 10:10

It looks like these are false positives. Malwarebytes has created an update to their malware definitions to fix this problem. Read the following:

https://forums.malwarebytes.org/index.php?/topic/177645-hijackhost-false-positive/

https://forums.malwarebytes.org/index.php?/topic/177652-hijackhost-malware-or-not/

Take a look at your hosts file: C:\ > Windows > System32 > Drivers > etc > Hosts

When you click on Hosts, A window will pop up asking you what application you want to use to open the file. Choose Notepad.

Scan down the file after the lines that begin with # and observe the values in the left column. You should only see 127.0.0.1. You may see the last line in the file with a # also. If you see anything else make a copy of that entire row and post it here.

Update Malwarebytes and run it again to see if you are still getting the hijack detections or not.


Last edited by Repa on 1/25/2016, 19:51; edited 1 time in total
Back to top Go down
wcturner
Royal Geek
Royal Geek



Number of posts : 1165
Location : Ky.
Humor : Yes
Registration date : 2009-10-26

Malwarebytes Threats Empty
PostSubject: Re: Malwarebytes Threats   Malwarebytes Threats Empty1/25/2016, 17:38

Repa, thanks.... I'll get back......

I spoke too quick where do I find:
Take a look at your hosts file: C:\ > Windows > System32 > Drivers > etc > Hosts

I opened Malwarebytes but didn't see hosts file?

I assume....the following is found with hosts file also? Scan down the file after the lines that begin with # and observe the values in the left column. You should only see 127.0.0.1. You may see the last line in the file with a # also

thanks

Back to top Go down
Repa
Site Administrator
Site Administrator
Repa


Number of posts : 2378
Location : North Carolina
Humor : Age: Older than Dirt!
Registration date : 2008-09-19

Malwarebytes Threats Empty
PostSubject: Re: Malwarebytes Threats   Malwarebytes Threats Empty1/25/2016, 19:53

WC, C:\ > Windows > System32 > Drivers > etc > Hosts is the path on your computer to the Hosts file. I want you to open it and look in it according to my instructions above to see what is in it. As always, you click on Computer > C drive, etc until you get to the Hosts file and then click on it and follow the rest of my instructions.
Back to top Go down
wcturner
Royal Geek
Royal Geek



Number of posts : 1165
Location : Ky.
Humor : Yes
Registration date : 2009-10-26

Malwarebytes Threats Empty
PostSubject: Re: Malwarebytes Threats   Malwarebytes Threats Empty1/26/2016, 00:24

Repa wrote:
WC,  C:\ > Windows > System32 > Drivers > etc > Hosts is the path on your computer to the Hosts file. I want you to open it and look in it according to my instructions above to see what is in it. As always, you click on Computer > C drive, etc until you get to the Hosts file and then click on it and follow the rest of my instructions.

Repa, I went to C:\ > Windows just to make sure I was doing it correctly & it appears I'm on the right track, I'll try again tomorrow if I have the time & report back here.

One more thing, I can understand your frustration with me, but, the reason I had to ask how to find the hosts thing is I've never looked up Hosts file before....
Thank You.....
Back to top Go down
wcturner
Royal Geek
Royal Geek



Number of posts : 1165
Location : Ky.
Humor : Yes
Registration date : 2009-10-26

Malwarebytes Threats Empty
PostSubject: Re: Malwarebytes Threats   Malwarebytes Threats Empty1/27/2016, 00:37

QUOTE:
It looks like these are false positives. Malwarebytes has created an update to their malware definitions to fix this problem. Read the following:

https://forums.malwarebytes.org/index.php?/topic/177645-hijackhost-false-positive/

https://forums.malwarebytes.org/index.php?/topic/177652-hijackhost-malware-or-not/     I read both web pages....appears the folks said they are updating to a "NEWER VERSION", Is this correct?


Take a look at your hosts file: C:\ > Windows > System32 > Drivers > etc > Hosts

When you click on Hosts, A window will pop up asking you what application you want to use to open the file. Choose Notepad.

Scan down the file after the lines that begin with # and observe the values in the left column. You should only see 127.0.0.1. You may see the last line in the file with a # also. If you see anything else make a copy of that entire row and post it here.   All I saw was  127.0.0.1

Update Malwarebytes and run it again to see if you are still getting the hijack detections or not.  Does  "Update Malwarebytes" mean  Update to the newest Version of Malwarebytes  or just update the "Database Version" that I currently have, which is an older version?


When I run the scan again, do I just run a "Quick" Scan or what?

One more thing, I can understand your frustration with me, but, the reason I had to ask how to find the hosts thing is I've never looked up Hosts file before....
Thank You.....
Back to top Go down
Repa
Site Administrator
Site Administrator
Repa


Number of posts : 2378
Location : North Carolina
Humor : Age: Older than Dirt!
Registration date : 2008-09-19

Malwarebytes Threats Empty
PostSubject: Re: Malwarebytes Threats   Malwarebytes Threats Empty1/27/2016, 01:22

false positives are caused a fault in the database definition of the malware, not the program. Just update the database malware definitions and rerun it the same way you did when you got the threats. If it doesn't happen again, problem with malwarebytes is solved.
Back to top Go down
wcturner
Royal Geek
Royal Geek



Number of posts : 1165
Location : Ky.
Humor : Yes
Registration date : 2009-10-26

Malwarebytes Threats Empty
PostSubject: Re: Malwarebytes Threats   Malwarebytes Threats Empty1/27/2016, 16:35

Repa,
no threats found on just completed scan....

BTW, I assume I need to delete the "hijacks" in quarantine?

thanks very much for your help!
Back to top Go down
Repa
Site Administrator
Site Administrator
Repa


Number of posts : 2378
Location : North Carolina
Humor : Age: Older than Dirt!
Registration date : 2008-09-19

Malwarebytes Threats Empty
PostSubject: Re: Malwarebytes Threats   Malwarebytes Threats Empty1/27/2016, 23:52

No problem! Yes, you can delete them.
Back to top Go down
Sponsored content





Malwarebytes Threats Empty
PostSubject: Re: Malwarebytes Threats   Malwarebytes Threats Empty

Back to top Go down
 
Malwarebytes Threats
Back to top 
Page 1 of 1
 Similar topics
-
» Malwarebytes Might Be Bad Temporarily
» SuperAntiSpyware & Malwarebytes, Spybot

Permissions in this forum:You cannot reply to topics in this forum
Geeks, Geeks and More Geeks :: Windows Computer Help :: Computer Security-
Jump to: