Jump to content

Latest scan detecting paths and files that don't exist

rtdreep

By rtdreep
in File Detections

 Share

Recommended Posts

rtdreep

rtdreep

Posted
Posted

After updating my definitions today, I ran a scan, and MalwareBytes v1.75.0.1300 "found" hundreds of paths and files that it says are risks. However, even with system and hidden files showing, these paths and files simply don't exist. Here's an excerpt from the scan log, and all of these are bogus. 

 

Please advise!

 

"

c:\documents and settings\administrator\start menu\programs\windows\msn.exe (Backdoor.Agent.DC) -> No action taken.
c:\documents and settings\all users\start menu\programs\windows\msn.exe (Backdoor.Agent.DC) -> No action taken.
c:\documents and settings\azakiud\start menu\programs\windows\msn.exe (Backdoor.Agent.DC) -> No action taken.
c:\documents and settings\default user\start menu\programs\windows\msn.exe (Backdoor.Agent.DC) -> No action taken.
c:\documents and settings\dsanch6\start menu\programs\windows\msn.exe (Backdoor.Agent.DC) -> No action taken.
c:\documents and settings\esmws\start menu\programs\windows\msn.exe (Backdoor.Agent.DC) -> No action taken.
c:\documents and settings\gmatuti\start menu\programs\windows\msn.exe (Backdoor.Agent.DC) -> No action taken.
c:\documents and settings\mbrady9\start menu\programs\windows\msn.exe (Backdoor.Agent.DC) -> No action taken.
c:\documents and settings\p-inst\start menu\programs\windows\msn.exe (Backdoor.Agent.DC) -> No action taken.
c:\documents and settings\rdicks1\start menu\programs\windows\msn.exe (Backdoor.Agent.DC) -> No action taken.
c:\windows\system32\config\systemprofile\start menu\programs\windows\msn.exe (Backdoor.Agent.DC) -> No action taken.
c:\program files\javasuppot\msn.exe (Trojan.Agent) -> No action taken.
c:\windows\system\sexy.exe (Backdoor.Agent) -> No action taken.
c:\publicos windows\msn.exe (Trojan.Banker) -> No action taken.
c:\documents and settings\administrator\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\documents and settings\all users\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\documents and settings\azakiud\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\documents and settings\default user\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\documents and settings\dsanch6\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\documents and settings\esmws\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\documents and settings\gmatuti\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\documents and settings\k2admin\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\documents and settings\localservice\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\documents and settings\mbrady9\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\documents and settings\networkservice\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\documents and settings\p-inst\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\documents and settings\rdicks1\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\windows\system32\config\systemprofile\application data\installdir\msn.exe (Backdoor.Agent) -> No action taken.
c:\windows\system32\system 32\msn.exe (Backdoor.Bifrose) -> No action taken.
"
 
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Hello and :welcome:
 
Please run the following scans and post back the logs so that we can try to track down what's causing this.
 
Please create an mbam-check log:

  • Download mbam-check.exe from here and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please do not copy and paste the entire contents of the log into your next post, instead please attach the log CheckResults.txt file which should now be located on your desktop to your next post

Also please post the full log from the Quick Scan log.
 
Then run the following
Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt
  • You can ignore the note about zipping the Attach.txt file and just post it or attach it.
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.