
What To Do With This?


8 replies to this topic

#1 Deke40

Deke40

    New Member

  • Members
  • 34 posts
  • Location:Texas

Posted 12 July 2011 - 09:45 PM

I brought my pc out of sleep mode and decided to run Spybot for updates and got the following from MBAM. Here is the log file also.

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 7089

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

7/12/2011 9:30:31 PM
mbam-log-2011-07-12 (21-30-25).txt

Scan type: Quick scan
Objects scanned: 497
Time elapsed: 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{7CA92680-F7AA-4067-B7EE-8693FB265085} (Trojan.Agent) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files\GRETECH\gomplayer\GAF.AX (Trojan.Agent) -> No action taken.

I checked the folder with MSE and it says no infection.

Also ran a quick scan with MBAM and it didn't show anything but if I do a right click on the folder it comes up with the two items in the log above.

What should I do to further be sure I am not deleting clean files?


#2 daledoc1

daledoc1

    Forum Deity

  • Spam Hunters
  • 11,846 posts
  • Gender:Not Telling

Posted 12 July 2011 - 09:47 PM

Hello, and welcome to Malwarebytes, Deke40:

Sorry to hear that your computer may be infected.
Alas, we cannot review scan logs or work on malware detection/removal in this part of the General MBAM forum.

Excellent, self-help troubleshooting info for getting MBAM to run on an infected machine can be found here.
And there are specific, self-help malware removal instructions here.

If you would like expert assistance with cleaning your system, there are 3 support options from which to choose:
  • Option 1 -- Free, Expert advice in the Malware Removal Forum
  • Option 2 -- Paying customer using MBAM PRO -- Contact MBAM Support via email
  • Option 3 -- Premium, Fee-Based Support

OPTION 1
As we don't deal with malware removal in this General Malwarebytes' Anti-Malware Forum, you need to start a topic in the Malware Removal forum so that a qualified helper can help you fix any malware related problems/infections you may have.
  • First, please print out, read and follow the directions here, skipping any steps you are unable to complete.
  • If the infection has so crippled the computer that you cannot follow most/all of the requested steps, then please just proceed as advised below:
  • Then please post a NEW topic here.
  • When posting your new thread, please make sure that, under "options", you select Track this topic and choose Immediate Email Notification, so that you're alerted when someone has replied to your post.
  • One of the expert helpers there will give you free, one-on-one assistance when one becomes available.
  • Please refrain from making any further changes to your computer such as (Install/Uninstall programs, use special fix tools, delete files, edit the registry, etc...) unless advised by a malware removal helper. Doing so can result in system changes which may hinder the attempts by a helper to clean your machine.
IMPORTANT NOTE: Please DO NOT post back to ("bump") your topic within the first 48 hours.
Replying to your own posts changes the post count from zero. Helpers are looking for topics with zero replies. If you reply to your own post, helpers may think that you're already being helped and thus may overlook your post. This will only delay your obtaining assistance.

  • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
Or
  • You may send a Private Message to a Moderator asking for assistance.

OPTION 2
Alternatively, as a paying customer using MBAM PRO, you can contact the help desk at support@malwarebytes.org or here.

OPTION 3
If you would like to use the Malwarebytes Premium Services (Comprehensive solutions to all your computer support needs -- from installation and set-up to troubleshooting and tune-ups), please go to the Malwarebytes Premium Services support site.

Please be patient -- someone will assist you as soon as it is possible.

Thanks very much!

daledoc1

PS: Please use the Posted Image button instead of other ones when you reply here and at the other forums, so that it will be easier to read. :)

Just a home user & forum volunteer
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner.
LT: Win7 Pro/64 SP1; Intel Core i7-3632 cached @3.2 GHz; 16 GB RAM; NVidia GeForce GT640M; IE 10; Fx; TB; WLAN; MBAM PRO 1.75.0.1300; Sophos ES 10.3; SAS Free; CCleaner.


#3 Deke40


Posted 12 July 2011 - 09:51 PM

Sorry about the above image. Don't know how to delete it so here is the one that should have been there.

Attached Images

  • ScreenShot006.jpg


#4 daledoc1


Posted 12 July 2011 - 09:53 PM

Hi, Deke40:

I think our posts may have crossed in cyberspace.

Please read my reply above. :)

Thanks!

daledoc1



#5 nosirrah

nosirrah

    Forum Deity

  • Administrators
  • 5,451 posts
  • Gender:Male
  • Location:Northampton, MA USA

Posted 12 July 2011 - 10:10 PM

This may be a FP that was fixed earlier. Make sure that you have the newest update.
Bruce Harrison
Vice President of Research


#6 daledoc1


Posted 12 July 2011 - 10:13 PM

Thanks, Nosirrah.

daledoc1



#7 Deke40


Posted 12 July 2011 - 10:55 PM

I uninstalled my Gom Player and reinstalled and that file is still in there and still checks ok with MSE and a quick scan with MBAM but MBAM finds it when I right click for a scan.

Going to wait and see as I even uploaded the file to a scan online and it was ok.

Thanks for the info.

#8 Deke40


Posted 12 July 2011 - 11:17 PM

Meant to post this earlier. My bedtime has already passed. Sorry for the confusion.

Attached Images

  • ScreenShot001.jpg


#9 Deke40


Posted 12 July 2011 - 11:25 PM

This may be a FP that was fixed earlier. Make sure that you have the newest update.


I finally realized when you said "fixed earlier" you might be talking real recent and I hadn't done my afternoon update. After I did the update went back and checked the file with a right click and it is ok now.

Thanks guys now I can get a good night's sleep. :D



