Jump to content

Trojan.Agent/Gen-Virut in Windows\installer.. misc.exe


Recommended Posts

Hi I have two computers - an HP desktop running WinXPSP3 and an HP laptop running Windows7 64bit. Both are protected by Norton Internet Security and I regularly run a full scan using Malwarebytes (normally once a week). I had some problems with a virus about 6 months ago but after full OS installs everything has been fine.

Last night Malwarebytes reported the same problem on both computers - Trojan.Agent/Gen-Virut detected in:

C:\WINDOWS\INSTALLER\{90110409-6000-11D3-8CFE-0150048383C9}\MISC.EXE

and

C:\WINDOWS\INSTALLER\{90A40409-6000-11D3-8CFE-0150048383C9}\MISC.EXE

I removed the threats and rebooted as instructed on the screen but I'm worried that my machines may have been, and may still be infected.

These files are related to MS Office 2003. Can anybody advise whether these is likely to be a false positives or is it too late now that I've removed the threats?

Any help much appreciated.

Thank you

Mike

Link to post
Share on other sites

Will do, many thanks for the quick response. I have a similar problem with a program I've created in Microsoft Visual Studio 2008. MBAM reports Backdoor.Bot.HPWGen for all versions of the EXE I've created, including those in the Recycle Bin.

I'll restore these files from quarantine too and post the log.

Thanks again,

Mike

Link to post
Share on other sites

Hi, the files from Windows\Installer had alredy been deleted so I couldn't restore from Quarantine. However my EXE created with VS2008 is still reporting a problem. Could you plese take look....

Log file and zipped EXE attached.

Many thanks

Mike

Link to post
Share on other sites

Hi, thanks for confirming the FalsePositive. I did an update last night and it MBAM downloaded a new version of the product as well as the definitions file. Is this expected behaviour? Sorry if it's a daft question but I'm very suspicious of additional downloads at the moment.

Many thanks

Mike

Link to post
Share on other sites

I did an update last night and it MBAM downloaded a new version of the product as well as the definitions file. Is this expected behaviour?

Many thanks

Mike

Hi, Mike:

Popping in only to answer your question. :)

Yes, there was a program version update a couple of days ago. The current version is 1.62.0.1300.

Malwarebytes 1.62 Released

Cheers,

daledoc1

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.