littlea Posted July 18, 2012 ID:572314 Share Posted July 18, 2012 So when i scan i always get these http://img157.imagevenue.com/img.php?image=555806847_malwarebytes_122_575lo.jpgI have removed those like over ten times, but it always finds those again. I dont even have nvidia folder on c:\. And I have looked that there is no also hidden nvidia folder (without windows api).So what are those? o.O Link to post Share on other sites More sharing options...
Staff S!Ri Posted July 18, 2012 Staff ID:572398 Share Posted July 18, 2012 HelloPlease, can you post (attach) the mbam log ? Link to post Share on other sites More sharing options...
littlea Posted July 20, 2012 Author ID:573917 Share Posted July 20, 2012 HelloPlease, can you post (attach) the mbam log ?Here is the mbam log Malwarebytes Anti-Malware 1.62.0.1300www.malwarebytes.orgDatabase version: v2012.07.20.09Windows XP Service Pack 3 x86 NTFSInternet Explorer 8.0.6001.18702Owner :: ÆÆÆ [administrator]21.7.2012 1:54:38mbam-log-2012-07-21 (02-06-25).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 231269Time elapsed: 6 minute(s), 43 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 1c:\nvidia\fjnwzi (Trojan.Agent) -> No action taken.Files Detected: 8c:\nvidia\dnlauncher_.dll (Trojan.Agent) -> No action taken.c:\nvidia\win2kxp\769\svchost.exe (Trojan.Agent) -> No action taken.c:\nvidia\displaydriver\ghng.ghfh (Backdoor.Agent) -> No action taken.c:\nvidia\displaydriver\regeit.dll (Backdoor.Agent) -> No action taken.c:\nvidia\displaydriver\time360.iou (Backdoor.Agent) -> No action taken.c:\nvidia\displaydriver\svchfst.exe (Trojan.Agent) -> No action taken.c:\nvidia\displaydriver\svchwst.exe (Trojan.Agent) -> No action taken.c:\nvidia\fjnwzi\svchpstb.vbs (Trojan.Agent) -> No action taken.(end) Link to post Share on other sites More sharing options...
littlea Posted August 20, 2012 Author ID:587578 Share Posted August 20, 2012 I have also scanned my pc with super antispyware, avast, comodo cleaning essentials, emsisoft antimalware, norman malware cleaner and dr. web cure it and they dont find anything. Only malwarebytes found those Link to post Share on other sites More sharing options...
TonyKlein Posted August 20, 2012 ID:587679 Share Posted August 20, 2012 No intention to hijack this thread, but I've found McAfee write-ups for each of the files detected by MBAM, in those exact locations, so these are most certainly no false positiveshttp://home.mcafee.c...key=883000#nonehttp://home.mcafee.c...key=567339#nonehttp://vil.nai.com/v...nt/v_567314.htmhttp://home.mcafee.c...aspx?key=567293http://home.mcafee.c...aspx?key=588405http://home.mcafee.c...aspx?key=730483http://home.mcafee.c...aspx?key=834387I strongly suggest you start by reading the following topic:I'm infected - What do I do now?Then start a new topic in the Malware Removal - HijackThis Logs section, and one of the analysts will come to your assistance as soon as one is available Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now