Jump to content

smartdog

Honorary Members
  • Posts

    38
  • Joined

  • Last visited

Everything posted by smartdog

  1. nevermind..with the current update, it addressed it. I restored the files from quarantine and reran the scan..and nothing came up bad.
  2. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6752 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 6/2/2011 3:10:36 AM mbam-log-2011-06-02 (03-10-36).txt Scan type: Full scan (C:\|E:\|) Objects scanned: 429929 Time elapsed: 40 minute(s), 33 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\AVERY DENNISON\DESIGNPRO 5.5\TUTORIALS\SIGNTUTORIAL.EXE (Spyware.Passwords.XGen) -> Value: SIGNTUTORIAL.EXE -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\program files (x86)\avery dennison\designpro 5.5\tutorials\signtutorial.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
  3. ok great, ty for letting me know that I did a search on the machine, and the same file exists in much more important folders.
  4. yes, it's obviously an admin issue in win7 and although i have admin rights, it still does not let me reinstate the file back into the said folder
  5. My concern now is since MalwareBytes has deleted the file...I no longer have it, and I am assuming it may be an important file. And when trying to add it back it will not go back in the folder.
  6. c:\Windows\winsxs\amd64_wcf-icardagt_exe_31bf3856ad364e35_6.1.7600.16385_none_8dcc9c6f8b58a5eb\icardagt.exe (Backdoor.Bot) -> Quarantined and deleted successfully. If you look up this item on google it shows it as a system file. now the folder is empty, and I am not sure if I actually needed that file.
  7. Here's a screen pic of the actual pop up from MB.
  8. Just a quick note, I ran a quick scan and there is no issues, so don't understand why the pop up about the Trojan Downloader on this software, but a scan shows no threats. Thanks
  9. c:\program files (x86)\Bit Che\Bit_Che.exe (Trojan.Downloader) -> Quarantined and deleted successfully. Strange as this program was never bad before today. Please advise.
  10. One other question. What is this PREVX CSI site? Is it another malware scanner?
  11. I've checked my HiJack This log after running MB and I can't find anything else that is suspicious so I can pretty much be comfortable that I am safe then?
  12. I couldn't find any information about these two files. I had MB quarantine/delete them, but they must have come from something else on my computer no? Symantec hasn't picked up anything, and Malwarebytes shows me as clean now. Please advise. Thanks Malwarebytes' Anti-Malware 1.35 Database version: 1922 Windows 5.1.2600 Service Pack 3 3/31/2009 9:02:05 AM mbam-log-2009-03-31 (09-02-05).txt Scan type: Quick Scan Objects scanned: 69867 Time elapsed: 4 minute(s), 5 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\wr83877.dll (Trojan.BHO) -> Quarantined and deleted successfully. C:\WINDOWS\system32\xwr83877.dll (Trojan.BHO) -> Quarantined and deleted successfully.
  13. This is mine after today's update: Malwarebytes' Anti-Malware 1.31 Database version: 1512 Windows 5.1.2600 Service Pack 3 12/17/2008 4:34:57 PM mbam-log-2008-12-17 (16-34-57).txt Scan type: Quick Scan Objects scanned: 51904 Time elapsed: 4 minute(s), 57 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) But...the bigger issue is that I am having problems getting the protection to load. I've posted another thread about this though. Hopefully marcin or someone will see it with a remedy.
  14. exile360: it appears that alot of us are not able to update from securitywonks server due to an error that we are getting that states: "Update failed.Make sure you are connected to the Internet and your firewall is set to allow MALWAYREBYTES ANTIMALWARE to access the internet".
  15. I am having unsuccsessful loading of the mbam protection module since today's update number 1512! This after the downtime that you were having. Any suggestions please and thank you.
  16. That would make sense as the GroupMail software that I use is a "bought and PAID FOR" version and since this thread had been started (originally by me) MBAM has been fine.
  17. Bruce: seeing as I am using the paid version of GroupMail and since the initial MBAM scan and an update of both GroupMail and MBAM..those infections have never come back again.
  18. well, seeing as I deleted the original file (secdrv.sys) from my system 32 folder and all the registry keys ..is this going to cause a problem now??
  19. Malwarebytes' Anti-Malware 1.26 Database version: 1126 Windows 5.1.2600 Service Pack 1 9/8/2008 8:30:01 AM mbam-log-2008-09-08 (08-29-54).txt Scan type: Quick Scan Objects scanned: 46403 Time elapsed: 5 minute(s), 4 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 4 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\secdrv (Rootkit.Agent) -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\secdrv (Rootkit.Agent) -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\secdrv (Rootkit.Agent) -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\secdrv (Rootkit.Agent) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: D:\WINDOWS\system32\drivers\secdrv.sys (Rootkit.Agent) -> No action taken. I am curious because if I do a google search on secdrv.sys it doesn't come up as such. Please advise. and edited to add I am concerned because I let MBAM delete everything.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.