Jump to content

meta4.exe and MOTA113.exe


xx521xx

Recommended Posts

Updated and scanned with latest database version. Still showing as infected.

This has me seriously worried now.

Hope this is fixed or (grimace) the MBAM experts confirm the infection.

Newbi3

-------------------------------------------------------------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.37

Database version: 2263

Windows 5.1.2600 Service Pack 3

11/06/2009 9:51:40 PM

mbam-log.txt

Scan type: Quick Scan

Objects scanned: 80678

Time elapsed: 4 minute(s), 02 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\WINDOWS\meta4.exe (Trojan.Agent) -> No action taken. [41345241302324712218671866251971671818676767266921252371246870211868692022]

c:\WINDOWS\MOTA113.exe (Trojan.Agent) -> No action taken. [41345241307166712623701720671720241922676825182368181869226671171726232518]

Link to post
Share on other sites

I HAD (months ago) SUPER installed, but have removed it almost 4 months ago... These files just showed up as malware by MBAM within the last 24-36 hours... Scanned them at VirusTotal.com and they appear to be relatively clean.

So now I don't know if I should just Quarantine and be safe or wait... Scanned my system with a-squared, SuperAntiSpyWare, and Avira and none of them found these files to be hazardous.

===================================================

Malwarebytes' Anti-Malware 1.37

Database version: 2263

Windows 5.1.2600 Service Pack 3

6/11/2009 3:06:53 PM

mbam-log-2009-06-11 (15-06-50).txt

Scan type: Quick Scan

Objects scanned: 111840

Time elapsed: 2 minute(s), 21 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\WINDOWS\MOTA113.exe (Trojan.Agent) -> No action taken.

c:\WINDOWS\meta4.exe (Trojan.Agent) -> No action taken.

===================================================

Link to post
Share on other sites

This same issue came up long ago with these two same files. I believe they get detected because of the way they're packed and hidden by SUPER's installer. It's uninstaller is also very inefficient and leaves a lot behind. The files aren't malicious and neither is the software, it just has a bad install/uninstall routine ;) .

edit: I finally tracked down the old thread where this initially occurred. Here it is in case anyone's curious :) : http://www.malwarebytes.org/forums/index.php?showtopic=3556

Link to post
Share on other sites

Hi,

Thanks for the extra information. It corresponded exactly to the prior research I had read.

It also provided a little more piece of mind for this really worried Newbi3!!! ;):):)

Am really keen to hear a final 'verdict' or decision from the MBAM crew.

Best regards,

Newbi3

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.