DaveM
-
Posts
2 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by DaveM
-
-
Hard to believe. I downloaded MBAM, installed, updated, and ran a quick scan. It found four files. I decided to remove/quarantine all, but it turned out three of them could not be quarantined. They were deleted on reboot. The fourth was msconfig.exe. I restored it from quarantine and submitted it to Jotti -- it came out clean. Then ran a quick scan in developer mode. Here's the log of that scan:
Scan type: Quick Scan
Objects scanned: 87434
Time elapsed: 5 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\msconfig.exe (Trojan.Agent) -> No action taken. [385753513430362761788468807971747215708970]
FP on msconfig.exe
in File Detections
Posted
Update. I ran fc and the file is identical to the one in the normal place (...pchealth\helpctr\binaries). I think it must have been flagged based on its location. Now if only I knew how a copy got put in the root directory. Probably I did it myself but when or why I have no recollection.
To the Malwarebytes wizards, sorry I wasted your time. Feel free to close this topic.