1. #1
    Mechagnome Punisher's Avatar
    Join Date
    Dec 2012
    Location
    Québec
    Posts
    569

    Unhappy Malwares byte detect a bad thing =(

    Here is the log

    Malwarebytes Anti-Malware (Trial) 1.70.0.1100
    www.malwarebytes.org

    Database version: v2013.02.24.06

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Samuel Yvon :: SAMUELYVON-PC [administrator]

    Protection: Disabled

    2013-02-24 16:00:56
    mbam-log-2013-02-24 (16-00-56).txt

    Scan type: Full scan (C:\|D:\|E:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 336254
    Time elapsed: 19 minute(s), 29 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Windows\AutoKMS\AutoKMS.exe (Trojan.Agent.H) -> Quarantined and deleted successfully.

    (end)
    What do I need to do?
    I want to be sure that this shit is out of my computer !
    My first build:
    Storage: Kingston SSD Now V200+ 120G and WD Caviar Blue HDD 500 G
    Processing Units: i5-3570k @ 3.8 Ghz cooled by 212 Evo and MSI Twin Frozr 3, R7850 @ 900, 1200
    Mobo, Ram, PSU Gigabyte Z77-D3H and G.Skill ripjaw 2x 4G with XFX 550w
    If I am unreadable, its not because I hate grammar, its because Im french-canadian

  2. #2
    Have malware bytes remove it, this may require a restart (malware bytes will let you know)

    afterwards run another full scan on your comp to make sure its gone.

    Malware-bytes is pretty good at killing stuff you should be fine.

    Slaying 8bit dragons with 6 pixel long swords since 1987.
    [Pokemon Y Friend Code: 1521-3726-7197]

  3. #3
    That is from cracking office (autokms.exe)

  4. #4
    Quote Originally Posted by Diesta View Post
    That is from cracking office (autokms.exe)
    Yup. Also, it says that it quarantined it and deleted it.
    Kuroiwolf - 90 Brewmaster Monk
    Youtube Account Twitch TV
    Computer: Intel I7-3770k @ 4.5GHz | 16GB 1600MHz DDR3 RAM | AMD 7970 GHz @ 1200/1600 | ASUS Z77-V PRO Mobo|

  5. #5
    Mechagnome Punisher's Avatar
    Join Date
    Dec 2012
    Location
    Québec
    Posts
    569
    Rebooted, gonna rescan, I flushed the file in the quarantine

    My cousin gave me a hacked version of office 2010 =(
    I think its from there ^^

    (Of course uninstalled it)
    Running a Fsecure online scanner too
    (My normal av , avast ,saw nothing in a scan)
    My first build:
    Storage: Kingston SSD Now V200+ 120G and WD Caviar Blue HDD 500 G
    Processing Units: i5-3570k @ 3.8 Ghz cooled by 212 Evo and MSI Twin Frozr 3, R7850 @ 900, 1200
    Mobo, Ram, PSU Gigabyte Z77-D3H and G.Skill ripjaw 2x 4G with XFX 550w
    If I am unreadable, its not because I hate grammar, its because Im french-canadian

  6. #6
    Quote Originally Posted by PunisherQc View Post
    Rebooted, gonna rescan, I flushed the file in the quarantine

    My cousin gave me a hacked version of office 2010 =(
    I think its from there ^^

    (Of course uninstalled it)
    Running a Fsecure online scanner too
    (My normal av , avast ,saw nothing in a scan)
    Anti-virus / malware programs often detect software crack / hacks as being trojans. If that's the case then it was probably nothing harmful to your system just a false positive.

    Slaying 8bit dragons with 6 pixel long swords since 1987.
    [Pokemon Y Friend Code: 1521-3726-7197]

  7. #7
    Mechagnome Punisher's Avatar
    Join Date
    Dec 2012
    Location
    Québec
    Posts
    569
    Really? Don't knew this, anyway flushed it , gonna re-install my legit office 2007 =P
    My first build:
    Storage: Kingston SSD Now V200+ 120G and WD Caviar Blue HDD 500 G
    Processing Units: i5-3570k @ 3.8 Ghz cooled by 212 Evo and MSI Twin Frozr 3, R7850 @ 900, 1200
    Mobo, Ram, PSU Gigabyte Z77-D3H and G.Skill ripjaw 2x 4G with XFX 550w
    If I am unreadable, its not because I hate grammar, its because Im french-canadian

  8. #8
    Yeah, it was most likely a false positive. Malwarebytes doesn't like cracks/keygens etc.

  9. #9
    Mechagnome Punisher's Avatar
    Join Date
    Dec 2012
    Location
    Québec
    Posts
    569
    Yeah, but Caution is the mother of safety =P

    I have a little question, if mb would not have been able of deleting it, would reinstalling windows would have been a solution?
    My first build:
    Storage: Kingston SSD Now V200+ 120G and WD Caviar Blue HDD 500 G
    Processing Units: i5-3570k @ 3.8 Ghz cooled by 212 Evo and MSI Twin Frozr 3, R7850 @ 900, 1200
    Mobo, Ram, PSU Gigabyte Z77-D3H and G.Skill ripjaw 2x 4G with XFX 550w
    If I am unreadable, its not because I hate grammar, its because Im french-canadian

  10. #10
    Reinstalling windows is always a last-resort unless you already wanted to do it, and just didn't bother before.

  11. #11
    Quote Originally Posted by PunisherQc View Post
    Yeah, but Caution is the mother of safety =P

    I have a little question, if mb would not have been able of deleting it, would reinstalling windows would have been a solution?
    Malware bytes / any other good program can kill most things dead. However every once in a while you get something really bad that can be a pain in the ass to get rid of, in those cases yes I would recommended just reformatting your system and re-installing. But it's a last resort sort of thing.

    Slaying 8bit dragons with 6 pixel long swords since 1987.
    [Pokemon Y Friend Code: 1521-3726-7197]

  12. #12
    Mechagnome Punisher's Avatar
    Join Date
    Dec 2012
    Location
    Québec
    Posts
    569
    It was just a question ^^ I always thought it was a myth

    I'll post the new MB scan result in few mins

    ---------- Post added 2013-02-24 at 05:02 PM ----------

    Malwarebytes Anti-Malware (Trial) 1.70.0.1100
    www.malwarebytes.org

    Database version: v2013.02.24.06

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Samuel Yvon :: SAMUELYVON-PC [administrator]

    Protection: Enabled

    2013-02-24 16:48:43
    mbam-log-2013-02-24 (16-48-43).txt

    Scan type: Full scan (C:\|D:\|E:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 332402
    Time elapsed: 12 minute(s), 41 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
    I can breath now!

    Thx for your help =) much appreciated
    My first build:
    Storage: Kingston SSD Now V200+ 120G and WD Caviar Blue HDD 500 G
    Processing Units: i5-3570k @ 3.8 Ghz cooled by 212 Evo and MSI Twin Frozr 3, R7850 @ 900, 1200
    Mobo, Ram, PSU Gigabyte Z77-D3H and G.Skill ripjaw 2x 4G with XFX 550w
    If I am unreadable, its not because I hate grammar, its because Im french-canadian

  13. #13
    you should get open office. its free.
    i5-3570K 4.2GHz :: Cooler Master Hyper 212 EVO :: ASRock Z75 Pro3 :: Corsair XMS3 8GB :: Crucial M4 256GB :: Radeon HD 7870 XT :: NZXT Source 210 (Black) :: XFX 550W 80 PLUS Bronze Certified :: Microsoft Windows 7 Home Premium ::

  14. #14
    https://www.virustotal.com/en/ this is the best way to check suspect files, they even have an add-on to right click, send to virus total
    checks multiple anti-virus solutions

  15. #15
    Mechagnome Punisher's Avatar
    Join Date
    Dec 2012
    Location
    Québec
    Posts
    569
    Quote Originally Posted by Xecks View Post
    you should get open office. its free.
    I hate open office =(

    But I'll use google docs =P

    Quote Originally Posted by fatalwario View Post
    https://www.virustotal.com/en/ this is the best way to check suspect files, they even have an add-on to right click, send to virus total
    checks multiple anti-virus solutions
    Yeah but malwares byte deleted the file b4 I could scan it =(
    My first build:
    Storage: Kingston SSD Now V200+ 120G and WD Caviar Blue HDD 500 G
    Processing Units: i5-3570k @ 3.8 Ghz cooled by 212 Evo and MSI Twin Frozr 3, R7850 @ 900, 1200
    Mobo, Ram, PSU Gigabyte Z77-D3H and G.Skill ripjaw 2x 4G with XFX 550w
    If I am unreadable, its not because I hate grammar, its because Im french-canadian

  16. #16
    and in case of a format don't go with the awfull format of windows but just smash either bootandnuke on it or killdisk (both are included in the very valuable hiren's bootcd (that thing helped me so much at work i keep atleast one permanent copy with me :P)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •