Jump to content

MSCoree.dll

andy148

By andy148
in File Detections

 Share

Recommended Posts

andy148

andy148

Posted
Posted

I performed a full system scan with MalwarebytesAM, and it found several threats. I think all of them are legit except for the mscoree.dll. I had to reinstall .NET framework 2 after MalwarebytesAM removed it. My log is below:

Malwarebytes' Anti-Malware Version 0.72

Database version: 208

This logfile was saved before the removal process.

Scan type: Full Scan (C:\|)

Objects scanned: 33672

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 54

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 1

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{7a7f202e-af91-4889-9dd5-2fe241085cc1} (Rogue.Multiple) -> No action taken.

HKEY_CLASSES_ROOT\Typelib\{314f88d6-80ce-408a-9e8f-b2389b81e8b8} (Rogue.Multiple) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{faad2038-c371-473d-86f1-5b11d39c3775} (Rogue.Multiple) -> No action taken.

HKEY_CLASSES_ROOT\Typelib\{d731a77d-a816-4730-96d2-14a5f9917255} (Rogue.Multiple) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{9ec61371-c3b9-fcc1-ee6f-2e4e8d12dffc} (Trojan.FakeAlert) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{16dd131d-c09f-4f83-a1e7-a2cf506ea27c} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{3e67e9dc-7294-44c3-bc99-ea6e29e74076} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{4ed5e198-e576-4676-93b8-2c401d1a67d0} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{69ebf0db-f6b5-4479-8352-aa632f522d34} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{7c1530bd-16b0-41a9-b428-17ee8cbd3e06} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{7c1530bd-16b0-41a9-b428-17ee8cbd3e06} (Rogue.MalwareDestructor) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscoree.dll (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{047a9a40-657e-11d3-8d5b-00104b35e7ef} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{0D17A350-6585-4f3d-B008-6827EBDE5D85} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{13F75875-5C54-4692-9C80-A5431FF1F773} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{1D2680C9-0E2A-469d-B787-065558BC7D43} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{1EC2DE53-75CC-11d2-9775-00A0C9B4D50C} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{24800CD0-0F4E-4df7-9F69-3C6903C89224} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{3F281000-E95A-11d2-886B-00C04F869F04} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{6619A740-8154-43BE-A186-0319578E02DB} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{6619A740-8154-43BE-A186-0319578E02DB} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{6FEF44D0-39E7-4C77-BE8E-C9F8CF988630} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{7B7C96BC-9CB1-43B0-4545-69A242D80F9D} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{90F1A06E-7712-4762-86B5-7A5EBA6BDB01} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{90F1A06E-7712-4762-86B5-7A5EBA6BDB02} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{99749841-0D55-4cf4-8D0D-F212ECE9409A} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{A138CF39-2CAE-42c2-ADB3-022658D79F2F} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{A6383CAD-E8B2-422A-BEBF-44CBB7CE73AA} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{A8220117-B52C-4012-8CB7-2E0202B3A624} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{A8F03BE3-EDB7-4972-821F-AF6F8EA34884} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{B81FF171-20F3-11d2-8DCC-00A0C9B00525} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{BF75277B-C02A-4D17-B8C9-C211CA00DB28} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{C6D2F26F-624E-4AB3-8C43-0F937D52897C} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{CA35CB3D-0357-11D3-8729-00C04F79ED0D} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{CB2F6723-AB3A-11d2-9C40-00C04FA30A3E} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{CC4014F5-B18D-439C-9352-F99D984CCA85} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{D2EAA715-DAC7-4771-AF5C-931611A1853C} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{E5CB7A31-7512-11D2-89CE-0080C792E5D8} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{EFB9A924-3760-49AF-B363-5A82DF3A960C} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{F5726551-CC9F-4873-9752-E1058CF0BCA5} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{a301fab7-0853-9f4d-ba0d-be2f421e5a18} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{203b1eed-db9f-40fb-87bd-1990982017d2} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{566A2EFF-5651-4020-AC1A-EB48E4571EA3} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{ad763fa6-3b90-41ab-bd44-4f832beee55f} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{CD12A3CE-9C42-11D2-BEED-0060082F2054} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{DCF6C8B2-F6C0-461b-82DA-35945EADF54A} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{FB74F625-7D25-4455-B840-7B870B5B9322} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\Typelib\{b60f5afa-edd2-417d-a438-57f3ebd9e639} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{d0367d41-1c19-4e98-8f5d-006213c5b1bb} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{d59b2dd5-0609-4bdc-ab47-a9a28abc482a} (Rogue.MalwareDestructor) -> No action taken.

HKEY_CLASSES_ROOT\Typelib\{f8ff4547-4fa4-4fea-b689-7190c2a40364} (Rogue.MalwareDestructor) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\ugcw (Rogue.WinSecureAv) -> No action taken.

HKEY_CURRENT_USER\Software\OnlinePCGuard (Rogue.OnlinePCGuard) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\OnlinePCGuard (Rogue.OnlinePCGuard) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

C:\Program Files\Common Files\OnlinePCGuard (Rogue.AVSystemShield) -> No action taken.

Files Infected:

C:\WINDOWS\system32\MSCorEE.dll (Rogue.MalwareDestructor) -> No action taken.

C:\WINDOWS\system32\wmnetmgr.dll (Rogue.MalwareDestructor) -> No action taken.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept