Jump to content

USBDeview....Trojan.PassThief


2Ton

Recommended Posts

USBDeview is flagged as Trojan.PassThief.

Malwarebytes' Anti-Malware 1.34

Database version: 1829

Windows 5.1.2600 Service Pack 3

3/10/2009 6:10:35 AM

mbam-log-2009-03-10 (06-10-18).txt

Scan type: Quick Scan

Objects scanned: 72153

Time elapsed: 6 minute(s), 16 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\NirSoft (Trojan.PassThief) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

-------------------------------------------

Thanks.

Link to post
Share on other sites

It wasn't detected with the latest update on my Vista system:

Malwarebytes' Anti-Malware 1.34

Database version: 1831

Windows 6.0.6001 Service Pack 1

3/10/09 8:55:40 AM

mbam-log-2009-03-10 (08-55-40).txt

Scan type: Quick Scan

Objects scanned: 54021

Time elapsed: 1 minute(s), 57 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Link to post
Share on other sites

One more added after the latest update.

Malwarebytes' Anti-Malware 1.34

Database version: 1832

Windows 5.1.2600 Service Pack 3

3/10/2009 9:53:55 PM

mbam-log-2009-03-10 (21-53-46).txt

Scan type: Quick Scan

Objects scanned: 72094

Time elapsed: 4 minute(s), 7 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 2

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\NirSoft (Trojan.PassThief) -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WS2IFSL (Fake.Driver) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

adding developer log sorry:

Malwarebytes' Anti-Malware 1.34

Database version: 1832

Windows 5.1.2600 Service Pack 3

3/10/2009 10:03:58 PM

mbam-log-2009-03-10 (22-03-54).txt

Scan type: Quick Scan

Objects scanned: 72005

Time elapsed: 4 minute(s), 8 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 2

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\NirSoft (Trojan.PassThief) -> No action taken. [3857535134304144385864365451513847536454523851615248395356345138614774835280718

5]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WS2IFSL (Fake.Driver) -> No action taken. [3857535134304144385864454836344564463436414247386152585253384661368683837079853

68079858380775270856152708387746870846156521942395245]

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Thanks.

Link to post
Share on other sites

On my XP Pro system:

Malwarebytes' Anti-Malware 1.34

Database version: 1832

Windows 5.1.2600 Service Pack 3

3/10/2009 6:27:57 PM

mbam-log-2009-03-10 (18-27-52).txt

Scan type: Quick Scan

Objects scanned: 67171

Time elapsed: 2 minute(s), 56 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WS2IFSL (Fake.Driver) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Matter fixed by 1833. Thanks.

Malwarebytes' Anti-Malware 1.34

Database version: 1833

Windows 5.1.2600 Service Pack 3

3/11/2009 9:27:55 AM

mbam-log-2009-03-11 (09-27-55).txt

Scan type: Quick Scan

Objects scanned: 72262

Time elapsed: 6 minute(s), 53 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.