Jump to content

wextract.exe


lurkingatu2
 Share

Recommended Posts

hello

i just updated Mbam deff. version to

8/20/09

database version: 2661

fingerprints loaded: 124284

and Mbam found

Malwarebytes' Anti-Malware 1.40

Database version: 2661

Windows 5.1.2600 Service Pack 3

8/20/2009 1:13:26 AM

mbam-log-2009-08-20 (01-13-10).txt

Scan type: Quick Scan

Objects scanned: 94297

Time elapsed: 1 minute(s), 27 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\netsetup.exe (Worm.Autorun) -> No action taken. [5538515242484730563857535134365315385738010101010111]

C:\WINDOWS\system32\wextract.exe (Worm.Autorun) -> No action taken. [5538515242484730563857535134365315385738010101010111]

C:\WINDOWS\system32\ERUpdateHidden.EXE (Worm.Autorun) -> No action taken. [5538515242484730563857535134365315385738010101010111]

and i scaned them at jotti's

Filename: ERUpdateHidden.EXE

Status: Scan finished. 0 out of 21 scanners reported malware

File size: 1168896 bytes

Filetype: PE32 executable for MS Windows (GUI) Intel 80386 32-bit

MD5: 4bfa1831bdc58b5e7f077892e8b694e6

SHA1: 11647d69ce7fd25bad69d2089739a3c76eeabcc9

Filename: netsetup.exe

Status: Scan finished. 0 out of 21 scanners reported malware.

File size: 329728 bytes

Filetype: PE32 executable for MS Windows (GUI) Intel 80386 32-bit

MD5: 04d08be5f163c108bafe2988182f62c2

SHA1: 6d359bfc9f19e046ccb5680240e6f48ada392c26

Filename: wextract.exe

Status: Scan finished. 0 out of 21 scanners reported malware.

File size: 65024 bytes

Filetype: PE32 executable for MS Windows (GUI) Intel 80386 32-bit

MD5: 2fcca89ea18cbabad85b47d8d0cc375b

SHA1: 7c8e22667d62ef3dcf0ac80b3139c1768d5286e2

thanks <_<

Link to post
Share on other sites

Updated, scanned and found two infected files.

Malwarebytes' Anti-Malware 1.40

Database version: 2661

Windows 5.1.2600 Service Pack 2

20/08/2009 6:17:58 PM

mbam-log-2009-08-20 (18-17-52).txt

Scan type: Quick Scan

Objects scanned: 106656

Time elapsed: 5 minute(s), 55 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\wextract.exe (Worm.Autorun) -> No action taken.

C:\WINDOWS\system32\netsetup.exe (Worm.Autorun) -> No action taken.

I am 'pretty sure' these are false positives after flipping through a few general security websites. But since I am no expert in the matter, I am not sure.

Link to post
Share on other sites

VirusTotal (0/41)

Dev. log

Malwarebytes' Anti-Malware 1.40

Database version: 2661

Windows 6.1.7127

20.8.2009 г. 11:20:58

mbam-log-2009-08-20 (11-20-56).txt

Scan type: Quick Scan

Objects scanned: 73965

Time elapsed: 54 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Windows\System32\wextract.exe (Worm.Autorun) -> No action taken. [5538515242484730563857535134365315385738010101010111]

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.