Jump to content

d.a.a

Honorary Members
  • Posts

    22
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Updated and scanned today and these two were detected. I recently installed an Avermedia capture card, but literally everything on my PC is running in a sandbox, so I can't really understand what's happened here. Both files on VT: https://www.virustotal.com/en/file/6648ffa82034fbc4e3047a946c2e3baeade31127be2b3c68d37b800b8815210b/analysis/1364459114/ https://www.virustotal.com/en/file/6648ffa82034fbc4e3047a946c2e3baeade31127be2b3c68d37b800b8815210b/analysis/1364459792/ ---- Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.03.28.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 d :: D-PC [administrator] 28/03/2013 18:30:01 MBAM-log-2013-03-28 (18-30-51).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 231747 Time elapsed: 44 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 2 C:\Windows\System32\core.dll (Trojan.Agent) -> No action taken. C:\Windows\SysWOW64\core.dll (Trojan.Agent) -> No action taken. (end)
  2. The file appears to have been deleted after a restart anyway. Not entirely sure what happened... thanks.
  3. Great, thanks. Should I wait for an update before removing, if it's harmless?
  4. Updated and scanned, and this thing showed up. No changes, aside from a Microsoft mouse driver being installed. 0/43 on VirusTotal Here's a developer log and the attached file: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4733 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 2/10/2010 2:52:37 PM mbam-log-2010-10-02 (14-52-37).txt Scan type: Full scan (C:\|E:\|F:\|) Objects scanned: 494816 Time elapsed: 1 hour(s), 6 minute(s), 20 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\e8ed5f9c4648ca30b1a4c53d98d2d47dd40b4eb3.HomeGroupClassifier\353d7bb469bb4834f371bd3e7681988b\grouping\edb003B1.log (Extension.Mismatch) -> No action taken. [88F127E9D8648C4D95FD86711C18BD28] edb003B1.rar
  5. Attached here. killer.rar
  6. Here you are: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4412 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 10/08/2010 7:08:54 PM mbam-log-2010-08-10 (19-08-54).txt Scan type: Full scan (C:\|) Objects scanned: 244320 Time elapsed: 26 minute(s), 50 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Program Files (x86)\Last.fm\killer.exe (Worm.Koobface) -> No action taken. [66CBB64F59FA91A344C805C779E2D549]
  7. I haven't scanned since around August 6th, today I updated (the 10th), and this thing showed up. Did you fix it in the recent update or has something gone wrong with my MBAM? Thanks!
  8. 2Ton, try updating -- it shouldn't be detected with the latest updates.
  9. Yep.. as you can see there were some issues earlier, so let us hope this one is resolved quickly too!
  10. This issue appears to be fixed, but after scanning with 1820, wextract. exe is flagged as "Trojan.Vundo". Developer mode log: Malwarebytes' Anti-Malware 1.34 Database version: 1820 Windows 5.1.2600 Service Pack 3 3/5/2009 7:33:45 PM mbam-log-2009-03-05 (19-33-41).txt Scan type: Quick Scan Objects scanned: 58181 Time elapsed: 1 minute(s), 30 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\wextract.exe (Trojan.Vundo) -> No action taken. [5253514247403034173621171717182334393639392422172539391822352118181717171822373 61917251717363636363636363636362535393922222535383625182437173635181717171717172 4 22181725202437181717172422173425202437182139382422172120203617383518253939242218 2 13939242218173939242217363939242217253939202234173621171717183939182235361818171 7 171822373619]
  11. I've attached an image from when I click 'jump to location'. Seems it's to do with Process Explorer.
  12. Have just detected the same one -- you guys have "Process Explorer" installed? I'm inclined to believe that it may be related to the "take over taskmgr.exe" feature of it.
  13. Malwarebytes' Anti-Malware 1.34 Database version: 1792 Windows 5.1.2600 Service Pack 3 2/22/2009 2:44:54 PM mbam-log-2009-02-22 (14-44-54).txt Scan type: Quick Scan Objects scanned: 18664 Time elapsed: 10 minute(s), 57 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  14. Testing now. Why do you think this has occurred after the installation of Sandboxie? I guess chances are it isn't even related and I'm scanning at the wrong time, haha! Thanks again.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.