Jump to content

Nyphem

Members
  • Posts

    11
  • Joined

  • Last visited

Everything posted by Nyphem

  1. Yes, I'm getting this one too in a couple games, virus total saying it's clean https://www.virustotal.com/file/c9403a9d5d951629635a697487e965ed349067de205bb9b9fb4cdd3fc08af875/analysis/1349556105/ so pretty sure it's FP
  2. Just had these two pop up in my latest scan, VirusTotal says they're clean (jaureg.exe, javacpl.exe). Log and files included. mbam-log-2011-12-01 (13-52-37).txt jaureg.zip javacpl.zip
  3. To consolidate things a bit, I'd point out this is exactly that same as I'm asking about in my thread: http://forums.malwarebytes.org/index.php?showtopic=97044
  4. I've had this file flag up twice now, I've used VT and everyone else is saying it's clean. I've attached the first log it popped up in and the file. Any confirmation would be great, thanks! mbam-log-2011-10-05 (14-10-14).txt wininit.zip
  5. Awesome, again, thanks very much for the quick response.
  6. Thanks very much, so it'll be ok to restore everything from the other thread (http://forums.malwarebytes.org/index.php?showtopic=89683), Registry Keys and all?
  7. I also had these show up, along with the file in my thread.
  8. Sorry, mis-clicked, here's the file. cmdlineext01.zip
  9. Was advised to upload one of the a the files I recently had flagged here, unsure if it's a false positive or not, it (and a few others) had apparently been on my computer for a couple months, but was only picked up when I just updated to 1.51.1.1800, was also ignored by Avast and SAS.
  10. Full log Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7139 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 14/07/2011 21:52:42 mbam-log-2011-07-14 (21-52-42).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 325355 Time elapsed: 14 minute(s), 54 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 4 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 5 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{9869EFA6-18E9-11D3-A837-00104B9E30B5} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu.1 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu (Trojan.Agent) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\Users\administrator\AppData\Local\Temp\cmdlineext01.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\administrator\AppData\Local\Temp\SIntf32.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\administrator\AppData\Local\Temp\SIntfNT.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\Windows\System32\cmdlineext03.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\Windows\SysWOW64\cmdlineext03.dll (Trojan.Agent) -> Quarantined and deleted successfully.
  11. I run Avast, MBAM and SAS (free versions) scans daily and haven't had anything but a couple of false positives on Avast since I put this computer together, but today after installing the 1.51.1.1800 version of MBAM I had 9 infections: Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{9869EFA6-18E9-11D3-A837-00104B9E30B5} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu.1 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu (Trojan.Agent) -> Quarantined and deleted successfully. Files Infected: c:\Users\administrator\AppData\Local\Temp\cmdlineext01.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\administrator\AppData\Local\Temp\SIntf32.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\administrator\AppData\Local\Temp\SIntfNT.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\Windows\System32\cmdlineext03.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\Windows\SysWOW64\cmdlineext03.dll (Trojan.Agent) -> Quarantined and deleted successfully. Now nothing had come up in any of my other scanners, and apparently c:\Users\administrator\AppData\Local\Temp\cmdlineext01.dll had been on my computer since May without being flagged, is there a chance they could be false positives? Because if not I have no idea how I became infected, because I keep all my security and programs up to date, and I use Mozilla with Noscrpit.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.