Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Zfsearch, ugh.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Zfsearch, ugh.

Unread postby Katana » February 13th, 2009, 7:32 pm

Do you have the MBAM log I requested ?
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester
Advertisement
Register to Remove

Re: Zfsearch, ugh.

Unread postby MessianicLegacy » February 14th, 2009, 11:10 am

Sorry:

Malwarebytes' Anti-Malware 1.33
Database version: 1714
Windows 5.1.2600 Service Pack 3

14/02/2009 15:09:24
mbam-log-2009-02-14 (15-09-24).txt

Scan type: Full Scan (C:\|)
Objects scanned: 246811
Time elapsed: 1 hour(s), 47 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\tversity media server (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\TVersity\Media Server\TVersityConfigWizard_1_0.exe (Trojan.Downloader) -> Not selected for removal.
C:\Program Files\TVersity\Media Server\uninst.exe (Trojan.Downloader) -> Not selected for removal.
C:\Program Files\eMusic Download Manager\winamp_plugin.exe (Trojan.Downloader) -> Not selected for removal.
C:\Qoobox\Quarantine\C\WINDOWS\system32\userinit.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
MessianicLegacy
Active Member
 
Posts: 10
Joined: January 24th, 2009, 7:15 pm

Re: Zfsearch, ugh.

Unread postby Katana » February 14th, 2009, 11:32 am

Before reporting a false positive, we need to save a log in developer mode. This will allow us to figure out how the false positive came to be. Simply follow these directions.

1. Click the Start Menu.
2. Click Run.
3. Type in "mbam.exe /developer", without the quotes.
4. Run the same type of scan you did before and save the logfile and post it.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Zfsearch, ugh.

Unread postby NonSuch » February 20th, 2009, 1:52 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove

Previous

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 31 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware