Tengil

  1. The quick solution works, thanks. It seems a bit weak to identify a malware just by a start menu folder name, especially one as generic as Antivirus.
  2. It had to happen sooner or later, Mbam has turned on itself:

     Malwarebytes' Anti-Malware 1.41
     Database version: 2934
     Windows 5.1.2600 Service Pack 3

     2009-10-10 07:00:10
     mbam-log-2009-10-10 (07-00-04).txt

     Scan type: Quick Scan
     Objects scanned: 111873
     Time elapsed: 6 minute(s), 50 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 6
     Files Infected: 13

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Lavasoft Ad-Aware SE Professional (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Mbam (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Mbam\Logs (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\RogueRemover FREE (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Symantec Client Security (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]

     Files Infected:
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Lavasoft Ad-Aware SE Professional\Ad-Aware SE Manual.lnk (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Lavasoft Ad-Aware SE Professional\Ad-Aware SE Professional.lnk (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Lavasoft Ad-Aware SE Professional\Ad-Watch SE Professional.lnk (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Lavasoft Ad-Aware SE Professional\Uninstall Ad-Aware SE Professional.lnk (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Mbam\Malwarebytes' Anti-Malware Help.lnk (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Mbam\Malwarebytes' Anti-Malware.lnk (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Mbam\Uninstall Malwarebytes' Anti-Malware.lnk (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Mbam\Logs\Desktop.ini (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Mbam\Logs\target.lnk (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\RogueRemover FREE\Help.lnk (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\RogueRemover FREE\RogueRemover FREE.lnk (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\RogueRemover FREE\Uninstall RogueRemover FREE.lnk (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
     C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus\Symantec Client Security\Symantec AntiVirus.lnk (Rogue.AntiVirus) -> No action taken. [3742513051807286701534798574557483868413010649514840513446520661347985748774838 684]
  3. Greetings! The same update that caused the actskin4.ocx (Trojan.Agent) alerts also caused a NTSVC.OCX (Trojan.BHO) alert for me:

     Malwarebytes' Anti-Malware 1.41
     Database version: 2883
     Windows 5.1.2600 Service Pack 3

     2009-10-01 15:39:51
     mbam-log-2009-10-01 (15-39-32).txt

     Scan type: Quick Scan
     Objects scanned: 113404
     Time elapsed: 6 minute(s), 18 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 24
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 2

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     HKEY_CLASSES_ROOT\ntservice.control.1 (Trojan.BHO) -> No action taken.
     HKEY_CLASSES_ROOT\TypeLib\{e7bc34a0-ba86-11cf-84b1-cbc2da68bf6c} (Trojan.BHO) -> No action taken.
     HKEY_CLASSES_ROOT\Interface\{e7bc34a1-ba86-11cf-84b1-cbc2da68bf6c} (Trojan.BHO) -> No action taken.
     HKEY_CLASSES_ROOT\Interface\{e7bc34a2-ba86-11cf-84b1-cbc2da68bf6c} (Trojan.BHO) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{e7bc34a3-ba86-11cf-84b1-cbc2da68bf6c} (Trojan.BHO) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{52c01a76-19e2-4a50-ae8a-38ffbccf9182} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\TypeLib\{90f3d7b3-92e7-44ba-b444-6a8e2a3bc375} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\Interface\{4921908c-7090-4d37-a6b3-fc447f08378a} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\Interface\{750fc67c-0311-4391-9864-a2efed49bd28} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\Interface\{f3fc950c-7583-4377-bad8-efbeaa33273c} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{0944d16c-d0f4-4389-982a-a085595a9eb3} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{30f0d9ce-caf3-70a5-aebc-fef714d1cac6} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{3831331e-0d11-4716-871d-68f3b11d23c9} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{3dcd2bc5-8489-48ae-891f-90c8b2f19f56} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{5954ea75-9bfa-461a-bd34-cea3a861ff19} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{762ec429-1a5d-4ab8-844a-9a552e1241da} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{a506ef88-9efc-4522-bfe1-a8e886a64d80} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{a5704c37-40da-49ef-904b-97e5f5f9b1c5} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{b87799af-2ce9-4daa-93cf-65f002035369} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{bbc73c94-337c-43cc-b52c-31eb9fa34013} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{c406f816-318d-4f7d-81cb-ba93ca7b70d5} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{d2f7114a-c495-6889-0a60-630c480d9f91} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{d502d4a3-03e6-4eae-a14e-69606ca63430} (Trojan.Agent) -> No action taken.
     HKEY_CLASSES_ROOT\CLSID\{ec22770d-3343-4c56-8a8d-3e560475f655} (Trojan.Agent) -> No action taken.

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     C:\WINDOWS\system32\NTSVC.OCX (Trojan.BHO) -> No action taken.
     C:\WINDOWS\system32\actskin4.ocx (Trojan.Agent) -> No action taken.