lurkingatu2 Posted August 20, 2009 ID:112533 Share Posted August 20, 2009 hello i just updated Mbam deff. version to8/20/09database version: 2661fingerprints loaded: 124284and Mbam found Malwarebytes' Anti-Malware 1.40Database version: 2661Windows 5.1.2600 Service Pack 38/20/2009 1:13:26 AMmbam-log-2009-08-20 (01-13-10).txtScan type: Quick ScanObjects scanned: 94297Time elapsed: 1 minute(s), 27 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 3Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:C:\WINDOWS\system32\netsetup.exe (Worm.Autorun) -> No action taken. [5538515242484730563857535134365315385738010101010111]C:\WINDOWS\system32\wextract.exe (Worm.Autorun) -> No action taken. [5538515242484730563857535134365315385738010101010111]C:\WINDOWS\system32\ERUpdateHidden.EXE (Worm.Autorun) -> No action taken. [5538515242484730563857535134365315385738010101010111]and i scaned them at jotti'sFilename: ERUpdateHidden.EXE Status: Scan finished. 0 out of 21 scanners reported malware File size: 1168896 bytes Filetype: PE32 executable for MS Windows (GUI) Intel 80386 32-bit MD5: 4bfa1831bdc58b5e7f077892e8b694e6 SHA1: 11647d69ce7fd25bad69d2089739a3c76eeabcc9 Filename: netsetup.exe Status: Scan finished. 0 out of 21 scanners reported malware. File size: 329728 bytes Filetype: PE32 executable for MS Windows (GUI) Intel 80386 32-bit MD5: 04d08be5f163c108bafe2988182f62c2 SHA1: 6d359bfc9f19e046ccb5680240e6f48ada392c26 Filename: wextract.exe Status: Scan finished. 0 out of 21 scanners reported malware. File size: 65024 bytes Filetype: PE32 executable for MS Windows (GUI) Intel 80386 32-bit MD5: 2fcca89ea18cbabad85b47d8d0cc375b SHA1: 7c8e22667d62ef3dcf0ac80b3139c1768d5286e2 thanks Link to post Share on other sites More sharing options...
Kahai Posted August 20, 2009 ID:112535 Share Posted August 20, 2009 Updated, scanned and found two infected files.Malwarebytes' Anti-Malware 1.40Database version: 2661Windows 5.1.2600 Service Pack 220/08/2009 6:17:58 PMmbam-log-2009-08-20 (18-17-52).txtScan type: Quick ScanObjects scanned: 106656Time elapsed: 5 minute(s), 55 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 2Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:C:\WINDOWS\system32\wextract.exe (Worm.Autorun) -> No action taken.C:\WINDOWS\system32\netsetup.exe (Worm.Autorun) -> No action taken.I am 'pretty sure' these are false positives after flipping through a few general security websites. But since I am no expert in the matter, I am not sure. Link to post Share on other sites More sharing options...
B-boy/StyLe/ Posted August 20, 2009 ID:112536 Share Posted August 20, 2009 VirusTotal (0/41)Dev. logMalwarebytes' Anti-Malware 1.40Database version: 2661Windows 6.1.712720.8.2009 г. 11:20:58mbam-log-2009-08-20 (11-20-56).txtScan type: Quick ScanObjects scanned: 73965Time elapsed: 54 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:C:\Windows\System32\wextract.exe (Worm.Autorun) -> No action taken. [5538515242484730563857535134365315385738010101010111] Link to post Share on other sites More sharing options...
Kahai Posted August 20, 2009 ID:112538 Share Posted August 20, 2009 I got warned on the exact same files a few minutes ago. Not too sure what to make of it though. Link to post Share on other sites More sharing options...
Staff miekiemoes Posted August 20, 2009 Staff ID:112539 Share Posted August 20, 2009 This has been fixed already. Please update the database Link to post Share on other sites More sharing options...
Kahai Posted August 20, 2009 ID:112542 Share Posted August 20, 2009 Thanks a lot for the fast response! Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now