Jump to content

my MBAM Premium scan detected Trojan.Agent.ED


Recommended Posts

Hi guys :) ,

Well,  my MBAM Premium scan detected Trojan.Agent.ED today 19th October. When I try to run combofix, my laptop has been acting a bit estrange lately, so I decide to run McAfee internet security Antivirus software which found nothing on the system and my MBAM Premium which detected Trojan.Agent.ED.  :huh:

 

I thought that the reading of the Trojan.Agent.ED by MBAM Premium might be because I was running combofix. <_< Now the strange thing is that when I run combofix, the program found an infected file on my C: drive which is the following: c:\windows\SysWow64\userinit.exe and disinfected but also Restored a copy form - c:\windows\erdnt\cache86\userinit.exe  :wacko:

 

Now this is really strange because this seems to be the same infection that combofix disinfected few weeks ago. After installing and uninstalled Bitdefender and ESE antivirus from my computer. Because before my computer was running really smooth. <_<

 

So I don’t know if theses softwares left any traces on my computer and this is what is causing problems.

 

Here are the reports from combofix the first passed when the infected file was identify and second combofix passed after disinfected.

 

The last note, I found combofix after the second pass that was taking way too long to provide me with the report, when usually doesn’t take that long.

 

I will appreciate a helpful hand out there.  :)

conbo_first_pass.txt

combo_second_paas.txt

Link to post
Share on other sites

Hello and :welcome: :

 

There was a False Positive detection by MBAM of the Combofix file a while ago, but that issue has already been resolved: https://forums.malwarebytes.org/index.php?/topic/159112-combofix/

It's not clear if the issue you report may have been related to that.

 

In any event, we can't work on malware diagnostics and removal in this sub-section of the forum.

So, if you think you may be infected, I suggest that you please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
It explains the options for free, expert help >>AND<< the preliminary steps to expedite the process.
A malware analyst will guide you through the cleanup process.

Thanks,

 

P.S. Running powerful malware removal tools -- such as Combofix -- without expert guidance can lead to system damage and can complicate recovery from malware.  It is suggested that users NOT "self medicate", but that they wait for expert assistance. ;)

Link to post
Share on other sites

Hello and :welcome: , TexAsh:

 

MBAM says Super AntiSpyware is Trojan.Agent.ED ~  10/23/2014

 

What you report is actually an unrelated False Positive, that is already slated for a fix soon.

Please see this very recent post by one of our staff malware researchers:

 

https://forums.malwarebytes.org/index.php?/topic/159450-mwb-quarantining-superantispywareexe-for-trojanagented/#entry895287

 

Thank you,

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.