Hi all, first post.

Did a scan today and got this result. Also had the C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Media Index false positive, which was sorted by the update.

I had the file c:\program files\microsoft visual studio\VB98\THREED32.oca (Trojan.Dropper) tested on VirusTotal and results were clean.

When I first saw the MWB scan result I reinstalled the C drive from a Macrium backup made three days ago and still got the 14 infections. I've had the THREED32.oca for some years on my computer with no trouble; in fact this is the first time I've had an infection reported by MWB.

Maybe another false positive?

Kidd

Malwarebytes' Anti-Malware 1.39

Database version: 2534

Windows 5.1.2600 Service Pack 3

31/07/2009 10:27:47

mbam-log-2009-07-31 (10-27-38).txt

Scan type: Full Scan (C:\|)

Objects scanned: 137074

Time elapsed: 30 minute(s), 49 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 13

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\TypeLib\{1b7a828c-9ee8-4927-875a-e2287476b2f9} (Trojan.Dropper) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{0ffef9a8-d600-44cf-a2a1-fdd99a57e5a8} (Trojan.Dropper) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{16f09c9f-2557-4920-a5cf-ed55d77cc6c2} (Trojan.Dropper) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{4d42f038-c220-455e-9b86-124aa821c4db} (Trojan.Dropper) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{55174b5d-f971-4708-8446-7b1ed152d418} (Trojan.Dropper) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{683b6925-8999-4936-b0e0-dbb55ff57039} (Trojan.Dropper) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{6a005dea-0d98-4b5a-b3f0-c5989fc6f5be} (Trojan.Dropper) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{847c1733-3114-49f1-b8bb-cc6efb3e37f4} (Trojan.Dropper) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{894479ca-9726-4b48-859c-e04a4d61c7a4} (Trojan.Dropper) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{8fda40a0-8673-47f7-9faa-3c8f4cdeefda} (Trojan.Dropper) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{9346e57f-e532-4f61-b479-ecbc927c7b4f} (Trojan.Dropper) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{c5c57f00-c311-48bc-bf19-a243c611a996} (Trojan.Dropper) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{d39e9ffc-99ba-4dcc-9f77-e69518d0f8eb} (Trojan.Dropper) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\program files\microsoft visual studio\VB98\THREED32.oca (Trojan.Dropper) -> No action taken.


Hi nosirrah, here's the file.

Kidd

Please zip and attach this again. I tried a few different unzipping applications and they all failed to open this. If you are using some sort of exotic zipping application, please use a more standard application like 7zip or winrar.

Here's the file again nosirrah. I'd used Winzip 12 on max compression. I used legacy compression on this (my bad).

THREED32.zip


This should be fixed in the next update.

Yes, thanks nosirrah, the file THREED32.oca passes ok.

The 13 registry keys still get flagged. As they first got flagged with THREED32.oca, are they associated?

All ok now nosirrah. I received another update after I posted the last post and everything is clear, registry keys fixed.

Thanks for all your help.
