Jump to content

adware.agent found and removed


Recommended Posts

I found it too and am trying to figure out where it came from.

I scanned with MalWare Bytes this morning and picked it up, these are my logs:

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.17.02

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

End User :: ENDUSER-VAIO [administrator]

11/17/2012 10:39:32 AM

mbam-log-2012-11-17 (10-39-32).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|Q:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 324007

Time elapsed: 38 minute(s), 10 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VAIO Satisfaction Survey.3.0 (Adware.Agent) -> Quarantined and deleted successfully.

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Program Files (x86)\Sony\VAIO Survey\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.

(end)

I deleted the files from Quarantine, scanned with HitManPro (found nothing), and scanned again with MWB the second time. Logs here:

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.17.02

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

End User :: ENDUSER-VAIO [administrator]

11/17/2012 11:29:26 AM

mbam-log-2012-11-17 (11-29-26).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|Q:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 323800

Time elapsed: 21 minute(s), 36 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

False positive, hidden well, or did I kill it?

Link to post
Share on other sites

Hi, guitarguy:

It's generally advisable to start a separate topic in these sorts of situations, since the MBAM detection on your system might be different from that on the OP's computer. :)

IOW "adware.agent" might have been detected in a completely different file from the one in which it was detected on the OP's computer.

Having said that, it's possible that it was/is a False Positive on a Sony VAIO help file.

If you've already deleted the file from the Quarantine, it may be impossible to tell.

For future reference, here are the steps for reporting a possible false positive: READ BEFORE REPORTING A FALSE POSITIVE!

And here is the FP forum sub-section in which they ought to be reported: False Positives

The MBAM engineers will analyze the file & the virustotal results, determine if it's a FP and, if it is, correct it.

Without submitting the actual file, it will be ~impossible for them to determine that.

(FYI: files in the MBAM Quarantine cannot harm your computer. So, it's generally quite safe to leave them there -- at least for a day or so -- in order to make sure that it's not a FP and to make sure that removing the file in question doesn't negatively impact your computer's performance. If either of those turns out to be the case, the file can be restored from the Quarantine. Once you've deleted it from there, it's gone.)

HTH,

daledoc1

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.