Jump to content

Malwarebytes

Re-Occuring Trojan.Agent found on CmdLineExt02.dll

Started by amyc, Jul 30 2008 01:58 PM

2 replies to this topic

#1
amyc
Posted 30 July 2008 - 01:58 PM

    New Member

  • Members
  • Pip
  • 3 posts
I keep getting the Trojan.Agent malware found. It's not on a daily basis, but nearly every other day. System Restore is off.

It seems that I keep getting this CmdLineExt##.dll found as infected. This appears to be related to SecureROM that the RollerCoaster Tycoon 2 program uses. Interestingly enough, Sintfnt.dll was infected with Proxy.ACWD as per AVG back on 7-20-2008. AVG has not found it since.

Any thoughts on how I keep getting this? I'm at mbam 1.23 and daily update the program.

I don't know if it's related, but I'm running mbam via the command line using a batch file called by the Windows Scheduler.
@echo off
mbam.exe /runupdate
mbam.exe /quickscanterminate

Operating System : Microsoft Windows XP Home Edition
Version : 5.01.2600 Service Pack 3
AVG 7.5.523

I'm starting to suspect its laying dormant until I play the game again. Each time I play it, the scan seems to find it.

Thanks!
Amy C.

#2
JeanInMontana
Posted 30 July 2008 - 05:04 PM

    Delete this account!!

  • Honorary Members
  • PipPipPipPipPipPip
  • 3,867 posts
  • Interests:would love to see some honesty around this site.
Hi Amy and welcome to Malwarebytes. Please follow the instructions here. Then start your own topic in that same forum and someone will be happy to help you.

#3
amyc
Posted 31 July 2008 - 12:45 PM

    New Member

  • Members
  • Pip
  • 3 posts

View PostJeanInMontana, on Jul 30 2008, 01:04 PM, said:

Hi Amy and welcome to Malwarebytes. Please follow the instructions here. Then start your own topic in that same forum and someone will be happy to help you.

Thanks. I've been running Spybot S&D for a few years and am up to date on the immunizing. I don't run Tea Timer because its a memory hog.

the Active Scan was clean - no surprise since my Malwarebytes cleaned it already.

Quote

Congratulations!
Today you are not infected.
We have detected that the AVG 7.5.523 protection on your PC is enabled and up-to-date.

I've had the logs turned off in Mbytes since it was interfering with my automatic batch I'm calling.

attached are previous logs that find the same CmdLineExt problem.

I am running a licensed copy of Mbytes with the Protection Module enabled.

My main concern is that despite running the Mbytes protection, this trojan reappears every time I play the Rollercoaster Tycoon game. I'm beginning to wonder if it is a false positive?

Mbytes cleans it each time and I remain "infection free" until the game is played again.

Thanks again!

Attached Files


Back to General Malwarebytes Anti-Malware Forum · Next Unread Topic →


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Malwarebytes Forum
  2. Malwarebytes Anti-Malware Support
  3. General Malwarebytes Anti-Malware Forum

Products

About

Partners

Follow Us