Jump to content

worm.autorun.b


Lazer
 Share

Recommended Posts

I never had a worm before so I don't know if this is a false positive or not. It is in quarantine at this time. could I delete it from my system?

The log file below is when the worm was detected and the one below that is the last one that I ran with mbam.exe /developer

Malwarebytes' Anti-Malware 1.42

Database version: 3400

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

12/20/2009 10:34:29 PM

mbam-log-2009-12-20 (22-34-29).txt

Scan type: Quick Scan

Objects scanned: 141690

Time elapsed: 8 minute(s), 0 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\RECYCLER\S-1-5-21-752382520-236328481-773975309-1006\Dc30.exe (Worm.Autorun.:D -> Quarantined and deleted successfully.

Malwarebytes' Anti-Malware 1.42

Database version: 3400

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

12/20/2009 10:59:15 PM

mbam-log-2009-12-20 (22-59-15).txt

Scan type: Quick Scan

Objects scanned: 141626

Time elapsed: 9 minute(s), 23 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Link to post
Share on other sites

  • 4 weeks later...
I'm sorry , not sure how I missed this one .

The first thing I need is for you to update and post a scan log . The last scan posted is 2 application and more than 150 definition updates behind .

Malwarebytes' Anti-Malware 1.44

Database version: 3580

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

1/16/2010 9:08:43 PM

mbam-log-2010-01-16 (21-08-43).txt

Scan type: Full Scan (C:\|)

Objects scanned: 242996

Time elapsed: 2 hour(s), 3 minute(s), 23 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\RECYCLER\S-1-5-21-583907252-926492609-839522115-500\Dd2\system32\calc.exe (Worm.Autorun.:) -> Quarantined and deleted successfully.

C:\RECYCLER\S-1-5-21-583907252-926492609-839522115-500\Dd2\system32\rundll32.exe (Worm.Autorun.:( -> Quarantined and deleted successfully.

C:\RECYCLER\S-1-5-21-583907252-926492609-839522115-500\Dd2\system32\wbem\wmiprvse.exe (Worm.Autorun.:) -> Quarantined and deleted successfully.

first time for me. i hope this is what you need

Link to post
Share on other sites

Malwarebytes' Anti-Malware 1.44

Database version: 3580

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

1/16/2010 9:08:43 PM

mbam-log-2010-01-16 (21-08-43).txt

Scan type: Full Scan (C:\|)

Objects scanned: 242996

Time elapsed: 2 hour(s), 3 minute(s), 23 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\RECYCLER\S-1-5-21-583907252-926492609-839522115-500\Dd2\system32\calc.exe (Worm.Autorun.:) -> Quarantined and deleted successfully.

C:\RECYCLER\S-1-5-21-583907252-926492609-839522115-500\Dd2\system32\rundll32.exe (Worm.Autorun.:) -> Quarantined and deleted successfully.

C:\RECYCLER\S-1-5-21-583907252-926492609-839522115-500\Dd2\system32\wbem\wmiprvse.exe (Worm.Autorun.:) -> Quarantined and deleted successfully.

first time for me. i hope this is what you need

???????????????????????????????????????????

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.