Jump to content

Vero44

Members
  • Posts

    4
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Yep, Virus Total comes back clean. PC Tools have not come back to me yet. Upgrading to Spyware Doctor 6 from version 5.5 flagged it as an infection. I have a test rig with 5.5 on which detects nothing (even with the hard drive mounted). Have tried lots of antivirus tools which don't pull it in as a virus either. Just wondering if the MBAM team knew of anything.
  2. Hi. I'm getting a persistent Backdoor.Agent.PBE threat on a customer's PC. File locations is c:\Windows\System32\igfxres.dll Have done a rename on this file but it still comes back. Spyware Doctor reports that it quarantines the agent on startup but this happens every startup and several times later too. The original infection came on the back of a UPS email attachment scam which the customer opened. I've done a Combofix scan and HJT logs are clean. Ran a couple of rootkit tools that come back clean. This laptop has the Intel hardware associated with the igfx files (igfxtray.exe etc) Running paid for SpyDoc 6.0.0.385 with AVG 8 free on XP Home SP3. Malwarebytes antimalware current DB1242 detects nothing. Is this a known threat or a false positive on Spyware Doctor's side?
  3. I think if you could list the installed programs (found in c:\Program Files) someone might spot the one holding off the registry change. Here's a quick way: Open notepad Copy this and paste it into the notepad window: dir c:\progra~1 > progs.txt Save the file as listprgs.bat on your desktop Double click the file to run it (make sure it's not called listprgs.bat.txt !!) This should put a file called progs.txt on your desktop Paste the contents of progs.txt back here To the mods on this forum, please feel free to edit/dump this post if you feel I'm stepping on your toes. I think this may help find the lock on the reg change if there is one though.
  4. Hi. First off congrats on a good product getting better all the time. I work 'in the field' being self-employed and owner of a PC repair business. I regularly clean viruses and spyware from customers PCs. I generally have my armoury of tools on a USB drive and have recently been surprised when adding the latest MBAM how much your product cleans off now. Antivirus XP 2008 etc were manual removal processes before so it's good to see a program touch these. A few shortcut stragglers left behind from an Antivirus XP 2008 infection: Location of shortcut = ..\All Users\Start Menu\Programs\Antivirus XP 2008 Shortcuts entitled "Register Antivirus XP 2008" and simply "Antivirus XP 2008" Not malicious as the infection was removed, but for the user to see the program 'still there' on the programs menu with its icon staring back is not great. I have lots of customers who would see that as still infected..... Anyway, great work guys. I'll be testing your latest versions out there in the malware jungle.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.