PDA

View Full Version : Threat Detected ???



Nhashon
13-07-2012, 05:13 PM
This is urgent , my MSE security is saying pc is at risk , the virus defintions is updated but real time protection is showing a red cross . What could possibly be it , i guess a virus is trying to sneak into the system . I have used Malwarebytes to do a quick scan and here is the results .



Database version: v2012.07.13.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
user :: USER-HP [administrator]

Protection: Enabled

13/07/2012 3:58:40 p.m.
mbam-log-2012-07-13 (15-58-40).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 207314
Time elapsed: 3 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlko blmigdofommgnheckmaki (PUP.Funmoods) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Is this a virus - Registry Keys Detected: 1
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlko blmigdofommgnheckmaki (PUP.Funmoods) -> Quarantined and deleted successfully.

and what should i do next ????

RUNNING A FULL SCAN NOW , WILL UPDATED YOU SOON WITH RESULTS.

Speedy Gonzales
13-07-2012, 05:18 PM
Looks like its a facebook addon / or toolbar (http://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/what-causes-pup-funmoods-virus/1319a7c4-6111-4193-961f-14c9c344ac40?msgId=a97d50f3-1217-44df-9332-05a7a177de10)

Nhashon
13-07-2012, 05:30 PM
Hey speedy , what should i do , like i said i have run malwarebytes - quick scan , now running full scan and check chrome and internet for the fun mood ad on - none detected , have also ran CC cleaner ,what else ?????

Speedy Gonzales
13-07-2012, 05:34 PM
Pass. Might be a false positive. If you installed any Facebook addons in Chrome, uninstall it / them

Nhashon
13-07-2012, 05:38 PM
Like i said - none detected

Chilling_Silence
13-07-2012, 05:40 PM
Use this URL in Chrome:
chrome://chrome/extensions/

What have you got here?

Nhashon
13-07-2012, 05:54 PM
Hey Chilling Science - i have got avast web rep - 7.0.1456 and Website Logon 1.0

Nhashon
13-07-2012, 06:15 PM
Full Scan Results -


Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.13.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
user :: USER-HP [administrator]

Protection: Enabled

13/07/2012 4:03:57 p.m.
mbam-log-2012-07-13 (16-03-57).txt

Scan type: Full scan (C:\|D:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 342080
Time elapsed: 1 hour(s), 6 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Chilling_Silence
13-07-2012, 07:37 PM
Disable Website Logon and see how you go. It's going to be one of those two, so just disable them and see what MSE picks up / stops detecting...

PPp
13-07-2012, 08:48 PM
Why arn't you full scanning with MSE after all thats what detected the problem

Nhashon
13-07-2012, 10:34 PM
Hey , i dont think Website Logon is harmful and i have unistalled MSE because i find it not a good protector , i have got myself an avast .

Speedy Gonzales
13-07-2012, 10:40 PM
Its probably better than Avast

icow
13-07-2012, 11:04 PM
Why arn't you full scanning with MSE after all thats what detected the problem

Because that would make sense.

wainuitech
13-07-2012, 11:43 PM
Because that would make sense. LOL nice one :lol:

From one other site:
PUP.Funmoods is a browser hijacker which may seem to be a legitimate and reliable web page which reminds Google or other well-known search systems but mostly it corrupts network connection and makes infected system unstable

Get a real antivirus, Download nod32 and do a scan with that, set it to its full operations, even if its only the trial.

Whats interesting - I'm using Esets Smart Security, ( has the firewall) and lots of sites that have removal instructions for pup.Funmoods are being blocked as they are actually attack sites, guess it working well ;)

Iantech
14-07-2012, 12:03 AM
You should have looked in the AV history to see what it had found and required action over. Dont know why you went and deleted the programme when it was doing its job and alerting you to a potential problem. :confused: Still, good luck with Avast !!

Slankydudl
14-07-2012, 12:38 AM
What it comes down to is if you want to have a computer with viruses that you dont know about or a computer with viruses that you do know about and the best virus protection is you, if you go to freegamesforever.co.ru and download battleduty modernfield 36 your going to get a virus. Wainuitech, how do you know that the AV you mention is not the virus itself DUN DUN DUUN.

Nhashon
14-07-2012, 11:15 AM
Well at the moment I have found no infections on pc , no unwanted software or addon and further pc performance much better than when I installed MSE , and avast to me looks good at the moment , I'm not saying MSE is not good . ok so I don't have to worry now . Thank you all for help .

Slankydudl
14-07-2012, 12:31 PM
wait so msse said you had a virsu so your reaction was to downgrade your virus protection until you got one that said there wasent a virus.... if it makes you happy.

Nick G
14-07-2012, 01:47 PM
wait so msse said you had a virsu so your reaction was to downgrade your virus protection until you got one that said there wasent a virus.... if it makes you happy.
I was wondering about his logic. Glad its not just me ;)

dugimodo
14-07-2012, 04:58 PM
Open MSE, go to settings, real-time protection, make sure the box is ticked?
From your description it sounds more like this is turned off rather than anything is being detected.