Jump to content

Check a quarantined item?


ceomag

Recommended Posts

I just ran a full scan with MBAM 1.38, Database Version 2387, and it found a file that it reports as a Spyware Agent, reference #17429. The file is CP_setup.exe. It was in a folder that I have set aside for program installers. It's location in that folder suggests that I've had it in there a long time -- shortly after I made that folder I changed the way I stored things, but didn't go back and rearrange the old programs -- this one was not stored in my "new" format, so I believe it's a couple years old. I can't remember exactly what it is, but I think it installs an onscreen "scientific calculator" program. A few years ago I tried out several freeware calculators before I settled on one.

I had just run a moderate scan with Avast! last night and a thorough scan over the weekend and neither scans picked this up. I don't remember offhand how long ago I ran a full MBAM scan.

Anyway, I put the file in quarantine. MBAM finished up and rebooted.

What I'd like to know is, what do I really have in quarantine? Can I submit it for analysis?

Thanks.

Link to post
Share on other sites

Some additional info. I update and run a Quick Scan on a daily basis. The last time I ran a full scan was May 21. I think this file was there at the time (I don't think I put any installers in that folder in the past two months). The May 21 scan didn't report anything.

Link to post
Share on other sites

Thanks. I restored it and ran in Developer mode. I put it back in quarantine, just to bhe safe.

Here's the log:

Malwarebytes' Anti-Malware 1.38

Database version: 2388

Windows 5.1.2600 Service Pack 3

7/7/2009 7:11:42 PM

mbam-log-2009-07-07 (19-11-42).txt

Scan type: Full Scan (C:\|)

Objects scanned: 231825

Time elapsed: 1 hour(s), 10 minute(s), 18 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\documents and settings\Kevin\my documents\BIN\CP_Setup.exe (Spyware.Agent) -> Quarantined and deleted successfully. [5253514247405230202526192513011922242019171719171721242122222122172118222022202

224213922192121]

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.