Jump to content

Recommended Posts

Hi

today  i did a regular scan with malwarebytes free just to find that a file named RTInstaller32.dat in C:\Program Files (x86)\Realtek\NICDRV_8169 is infected with Trojan.Agent.ED. This file is about 3 years old. I did about 30 scans with malwarebytes since then and it was never detected. Its also actually signed by Realtek.

Scanning with virustotal it is only detected by mbam (https://www.virustotal.com/de/file/651d47881cb400ea163cd4a800cf77e440f47b3dbd1ed8383d59c460c954b171/analysis/1386762110/). However the file information reveals the the "certificate was explicitly revoked by its issuer". Maybe thats the problem?

But i think this is a false positive due to the virustotal results.

Thanks in advance!

RTInstaller32.zip

Link to post
Share on other sites

  • 1 year later...

Yes, I'm using the latest database. Cause I've update my Malwarebytes a few hours ago.

 

Here is my scan log:

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/4/2015
Scan Time: 5:00 PM
Logfile: Scan Log.txt
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.08.04.02
Rootkit Database: v2015.08.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: ASUS

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 347431
Time Elapsed: 20 min, 48 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Trojan.Agent, C:\Windows\RTInstaller32.dat, No Action By User, [fad8838186050333532d08b242c1827e],

Physical Sectors: 0
(No malicious items detected)


(end)

 

And here the link for the zip log file: https://www.dropbox.com/s/eywvwet6im1o5a3/Scan%20Log.zip?dl=0

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.