Jump to content

Am I clean - one trojan injector detected?

Recommended Posts

In the last day, a full scan detected one trojan: C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGalleryRepair.exe (Trojan.Inject). I made a screen print of the results from the scan and attached it (for what it's worth). I've attached the DDS.txt and Attach.txt files - in order to run as administrator I opened up a command prompt run as administrator and ran DDS.com from my desktop.

After detecting it, I first ignored it and sent the file to VirusTotal which showed 0/43 detecting anything (see attached). I ran the scan again in /developer mode thinking it might be a false positive and have attached the logfile generated. Afterwards I quarantined it, but thought I'd restore it to see if was detected by other scans and in case needed for further investigation. After highlighting and clicking restore several times it finally "disappeared" from the quarantine, but now it's nowhere to be found. It appears to have been deleted instead of restored as it was visible before quarantining...

I ran a full MBAM scan after the quarantine & attempted restore and all came up clean. I did try several other scans after but got the BSOD for IRQL_NOT_LESS_OR_EQUAL but chalk that up to trying to do too much at one time. Everything appears to be up and running fine since, but want to make sure I truly am clean, know if it was picked up somehow, or was an fp.

Thanks in advance!

Also meant to say I'd googled the executable and it appears this is a legitimate file, but unfortunately now can't compare it with known versions...oh and noticed I hadn't posted the VirusTotal scan (for what it's worth, lol).

Again thanks in advance for your assistance!



10-17-12 MBAM detection.rtf

mbam-log-2012-10-17 (07-05-50).txt

Virus Total scan.rtf

Link to post
Share on other sites

  • 1 month later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.