
Still finding remnants from March 26



Malwarebytes' Anti-Malware 1.11

Database version: 692

Scan type: Full Scan (C:\|)

Objects scanned: 56451

Time elapsed: 9 minute(s), 15 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\IDME\dimnet201.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\IDME\TGbn1dll.exe (Adware.Trafficsol) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\usnv\pax89104.exe (Adware.TTC) -> Quarantined and deleted successfully.

dimnet201.exe

A-Squared Found nothing

AntiVir Found RKIT/544.A

ArcaVir Found nothing

Avast Found Win32:Trojan-gen {UPX}

AVG Antivirus Found Generic10.CLZ

BitDefender Found Rootkit.544

ClamAV Found nothing

CPsecure Found nothing

Dr.Web Found nothing

F-Prot Antivirus Found nothing

F-Secure Anti-Virus Found nothing

Fortinet Found nothing

Ikarus Found nothing

Kaspersky Anti-Virus Found nothing

NOD32 Found nothing

Norman Virus Control Found nothing

Panda Antivirus Found nothing

Sophos Antivirus Found Troj/SpyCore-A

VirusBuster Found nothing

VBA32 Found nothing

pax89104.exe

A-Squared Found Adware.Win32.TTC.d

AntiVir Found DR/TTC.D

ArcaVir Found Adware.Ttc.D

Avast Found Win32:Adware-gen

AVG Antivirus Found nothing

BitDefender Found Dropped:Trojan.AdClick.DX

ClamAV Found nothing

CPsecure Found nothing

Dr.Web Found nothing

F-Prot Antivirus Found nothing

F-Secure Anti-Virus Found not-a-virus:AdWare.Win32.TTC.d (4, 1, 400)

Fortinet Found Adware/TTC

Ikarus Found nothing

Kaspersky Anti-Virus Found nothing

NOD32 Found nothing

Norman Virus Control Found nothing

Panda Antivirus Found nothing

Sophos Antivirus Found nothing

VirusBuster Found nothing

VBA32 Found AdWare.Win32.TTC.d

TGbn1dll.exe

A-Squared Found nothing

AntiVir Found TR/Drop.Agen.139457

ArcaVir Found Adware.Trafficsol.Ai

Avast Found Win32:Agent-VZS

AVG Antivirus Found nothing

BitDefender Found Adware.Trafficsol.S

ClamAV Found nothing

CPsecure Found nothing

Dr.Web Found nothing

F-Prot Antivirus Found nothing

F-Secure Anti-Virus Found not-a-virus:AdWare.Win32.TrafficSol.ai (4, 1, 400)

Fortinet Found Virtum!tr

Ikarus Found nothing

Kaspersky Anti-Virus Found nothing

NOD32 Found nothing

Norman Virus Control Found nothing

Panda Antivirus Found nothing

Sophos Antivirus Found Troj/Virtum-Gen

VirusBuster Found nothing

VBA32 Found AdWare.Win32.TrafficSol.ai


I then sorted by date and saw another folder in system32 with the same time/date stamp:

bz3/pnglft22.exe

A-Squared Found Trojan-Downloader.Win32.Small.tei

AntiVir Found TR/Crypt.ULPM.Gen

ArcaVir Found Adware.Agent.Bz

Avast Found Win32:Small-JMH

AVG Antivirus Found Downloader.Generic7.AUY

BitDefender Found Trojan.Retapu.D

ClamAV Found Trojan.Downloader-27654

CPsecure Found Troj.Downloader.W32.Aphex.020

Dr.Web Found Trojan.DownLoader.51158

F-Prot Antivirus Found nothing

F-Secure Anti-Virus Found Trojan-Downloader.Win32.Small.tei

Fortinet Found nothing

Ikarus Found Virus.Win32.Small.JMH

Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Small.tei

NOD32 Found Win32/TrojanDownloader.Small.IAW

Norman Virus Control Found W32/DLoader.GFES

Panda Antivirus Found Trj/Downloader.SZG

Sophos Antivirus Found Mal/DownLdr-O

VirusBuster Found Trojan.Matcash.Gen

VBA32 Found Trojan-Downloader.Win32.Small.tei


  • Staff

The issue is that this file is inside of a randomly named folder.

I am trying to find a way to keep the scan fast and catch these.

This malware is a setup file and does not get a start point, so it is in effect dead.

The next update may have something that will catch this.

BTW, the active protection of MBAM should not allow this file to run.
