Jump to content

Recommended Posts

MBAM has identified a Trojan.Agent.ED in Cyberlink Richvideo.exe file and registry.  Online research suggests this is either a false positive or an infection.  No other anti-virus scan that I've run is identfying this as an infection. Restored .exe file, which is attached.  Please advise on Cyberlink file, reg value and key.

 

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2015.02.05.11

Windows 7 Service Pack 1 x64 NTFS

2/5/2015 9:07:14 PM
mbam-log-2015-02-05 (21-07-14).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 550845
Time elapsed: 1 hour(s), 47 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\TypeLib\{D37B5B2C-8D1B-4832-89E4-6FCE903B3A18} (Trojan.Agent.ED) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\RICHVIDEO.EXE (Trojan.Agent.ED) -> Data: 3 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Trojan.Agent.ED) -> Quarantined and deleted successfully.

(end)

RichVideo.zip

Link to post
Share on other sites

Thank you.  Log is below.  Scan with 2.00.4.1028 took less than a tenth the time of 1.61.0.1400.  Has the scanning process changed that much or am I missing something?

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2/8/2015
Scan Time: 10:16:07 AM
Logfile: MBAM Log 2-8-15.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.08.04
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS


Scan Type: Threat Scan
Result: Completed
Objects Scanned: 359687
Time Elapsed: 10 min, 56 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

  • Staff

2.04 has a lot of engine improvements and scanning improvements over 1.6. Its very important to stay up to date with the latest release to have the best protection and detection. Each new version has engine revisions and the older version wont have nearly as good of detection. The engine was completely rewritten since 1.6 and was greatly speeded up.

 

 

However i noticed that u ran a full scan with the first post. This would be equlivalent to a Custom scan in 2.x.

 

Threat scan is all that is really needed 99% of the time to remove any malware that may be active. You can do a custom scan once in a while.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.