Jump to content

Spyware.Zbot.USBV false positive?


anna1

Recommended Posts

Hello.

Malwarebytes has idenfied as Spyware.Zbot.USBV a .dll file that seem legitimate to me. I do no understand whether this is a false positive or whether Spyware.Zbot.USBV is actually on my machine and is generating these fake alerts.

MBAM run as developer as per instructions. Log file pasted here and attached.

Anna

Malwarebytes Anti-Malware (PRO) 1.70.0.1100

www.malwarebytes.org

Versione database: v2013.01.11.09

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Anna :: CITILABS-AC [amministratore]

Protezione: Attivata

11/01/2013 22:19:52

MBAM-log-2013-01-12 (00-45-28).txt

Tipo di scansione: Scansione completa (C:\|D:\|E:\|)

Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM | P2P

Opzioni di scansione disattivate:

Elementi esaminati: 583863

Tempo impiegato: 2 ore, 24 minuti, 57 secondi

Processi rilevati in memoria: 0

(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0

(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0

(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0

(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0

(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0

(non sono stati rilevati elementi nocivi)

File rilevati: 4

C:\Program Files (x86)\Citilabs\Cube\salflibc.dll (Spyware.Zbot.USBV) -> Nessuna azione intrapresa. [2085a7caea811c1a236d2cc133cdd42c]

C:\Program Files (x86)\Citilabs\CubeVoyager\salflibc.dll (Spyware.Zbot.USBV) -> Nessuna azione intrapresa. [f1b4bfb28fdce94db8d8ac4131cfb947]

C:\Program Files (x86)\Citilabs\TPPlus\salflibc.dll (Spyware.Zbot.USBV) -> Nessuna azione intrapresa. [4b5a462b5a11ba7cc7c9df0ecc3444bc]

C:\Program Files (x86)\Citilabs\TRIPS32\progs\salflibc.dll (Spyware.Zbot.USBV) -> Nessuna azione intrapresa. [505595dc3734d1652f6100edd927a65a]

(fine)

MBAM-log-2013-01-12 (00-45-28).txt

Link to post
Share on other sites

  • 3 weeks later...

Hello I have got the same virus! Strange tho,came from a world of warcraft file!

Malwarebytes Anti-Malware (PRO) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.28.02

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Michael :: MICHAEL-PC [administrator]

Protection: Enabled

1/28/2013 1:23:14 AM

mbam-log-2013-01-28 (01-23-14).txt

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 304634

Time elapsed: 38 minute(s), 40 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Program Files\World of Warcraft\MovieProxy.exe (Spyware.Zbot.ED) -> Quarantined and deleted successfully.

(end)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.