Jump to content

MBAM scan says that yupdate-exec-yabrowser.exe is a trojan--seems to be a Yandex browser exe so not sure if trojan


mkb

Recommended Posts

I originally posted this in the General forum. An admin suggested I post it here because it might be a false positive.

I ran MBAM today twice. The first time was Chameleon. It found this file and flagged it as a trojan:

C:\Users\michael\AppData\Local\Temp\yupdate-exec-yabrowser.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.

After reboot, I ran an MBAM full-scan and it found this file and flagged it as a trojan also:

C:\Users\michael\AppData\Local\Yandex\Updater\yupdate-exec.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.

I would post the logs using Developer mode except that I already let MBAM delete the "trojans" and now my system is clean. I'm not sure if a developer mode log would help since the "trojans" are gone. Here are the logs (not developer mode), starting with the first scan (Chameleon) and then the full-scan that I ran after rebooting (the full scan found an additional file that Chameleon didn't pick up):

FIRST SCAN (CHAMELEON):

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.03.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

michael :: MICHAEL-PC [administrator]

11/3/2012 3:46:56 PM

mbam-log-2012-11-03 (15-46-56).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 199156

Time elapsed: 3 minute(s), 37 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Users\michael\AppData\Local\Temp\yupdate-exec-yabrowser.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.

(end)

_________________________________

SECOND SCAN (FULL):

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.03.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

michael :: MICHAEL-PC [administrator]

11/3/2012 4:25:57 PM

mbam-log-2012-11-03 (16-25-57).txt

Scan type: Full scan (C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 358614

Time elapsed: 38 minute(s), 26 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Users\michael\AppData\Local\Yandex\Updater\yupdate-exec.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.

(end)

mbam-log-2012-11-03 (15-46-56).txt

mbam-log-2012-11-03 (16-25-57).txt

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.