Jump to content

Skipperl

Members
  • Posts

    10
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Updated and running again now. Any idea why all the FP's lately? Just curious.
  2. Same file in different location also passed Jotti's Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Database version: v2012.10.04.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Skip :: SKIP-PC [administrator] 10/4/2012 11:27:19 AM mbam-log-2012-10-04 (11-44-22).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 82131 Time elapsed: 14 minute(s), 18 second(s) [aborted] Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 2 C:\Program Files (x86)\Atheros\libeay32.dll (Trojan.FakeAdb) -> No action taken. C:\Program Files (x86)\Gateway\WDAgent\libeay32.dll (Trojan.FakeAdb) -> No action taken. (end)
  3. Ran latest scan database and it came up with this file being infected. Has been run in the past with no problems. Core file that came with pc. Ran through Jotti's with no errors and norton as well. Jotti's malware scan Filename: libeay32.dll Status: Scan finished. 0 out of 19 scanners reported malware.
  4. See post in this forum titled: LSDriveDetect.exe and \Adobe AIR\Versions\1.0\Resources\template.exe This should answer your question.
  5. Developer log with attached zip file Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Database version: v2012.09.24.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Skip :: SKIP-PC [administrator] 9/23/2012 11:22:35 PM mbam-log-2012-09-24 (00-02-52).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 325294 Time elapsed: 36 minute(s), 55 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 2 C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Gateway Edition\ISSetupPrerequisites\{4C6E12E5-5905-4aa5-B462-E7DFC4BD75E5}\LSDriveDetect.exe (Spyware.Password) -> No action taken. [faf78be17de023138692bc0937c96f91] C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe (Spyware.Password) -> No action taken. [549d6804174669cd7f99b70e7f81d22e] (end) mbam-log-2012-09-24 (00-02-52).zip
  6. File name: LSDriveDetect.exe File type: Win32 EXE Detection ratio: 0 / 43 Analysis date: 2012-09-24 03:46:16 UTC ( 0 minutes ago ) File name: template.exe File type: Win32 EXE Detection ratio: 0 / 26 Analysis date: 2012-09-24 03:52:09 UTC ( 0 minutes ago ) Both ran clean on virustotal as well.
  7. Ran MWB's (latest update) full scan tonight and got the following errors on a system that has run these same files clean for months. I also submitted them to Jotti's malware scan and they ran clean on all 9 programs. I suspect false positives. Both files came with new computer. Any advice appreciated. Rerunning in developer mode now. Files Detected: 2 C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Gateway Edition\ISSetupPrerequisites\{4C6E12E5-5905-4aa5-B462-E7DFC4BD75E5}\LSDriveDetect.exe (Spyware.Password) -> No action taken. C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe (Spyware.Password)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.