Jump to content

Recommended Posts

3-29-11)

ok , here are some pc spects.

windows XP home sp3.

dell dimension 2400

2 gigs of ram

60 gig hard drive.

-----------

i use avast free(the newest up to date)

malwarebytes antimaleware(your program)free version.

superAntispyware free version.

-----------

today i scanned my pc with avast, malwarebytes, superAntispyware.

avast found nothing, superAntispyware found nothing.

but Malwarebytes found a trojan.agent on my system, so i think, i know fulse positives happen and i actually ran into a few in the way past.

it said that the " userinit.exe " was a trojan.agent.

i checked it out , it did say it was from micosoft. but to be on the safe side i went ahead and removed it, its now sitting in quarantine.

when it removed it , it said to restart my pc, so i let it do that, so i logged onto the net, did a recheck on malware updates again , after it updated, i logged off my pc, and rescanned my pc.

the scan results this time said no infection.

do you want me to give you the log file that points out the infection, or the one that it says my pc

is now clean ?.

what do i do now?.

plus here is a screen shot of what it found, hope you can see it.

post-74580-0-09577700-1301448927.jpg

Link to post
Share on other sites

Hi!

  • Launch Malwarebytes' Anti-Malware
  • Go to Update" tab and select Check for Updates.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Link to post
Share on other sites

i'm giving you two scan logs. the 1st log is what it found and removed thay log was done on 3-29-11.

and the 2nd log is the scan i did, the quick scan that you told me to do, i did that 2nd scan today on

3-30-11, the second scan found no more infections after it put that yesterdays item in quarantine, its still in

quarantine now.

--------

ok here is yesterdays scan(full scan).

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6204

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

3/29/2011 3:48:08 PM-

mbam-log-2011-03-29 (15-48-08).txt

Scan type: Full scan (A:\|C:\|D:\|)

Objects scanned: 242101

Time elapsed: 2 hour(s), 44 minute(s), 5 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\WINDOWS\$ntservicepackuninstall$\userinit.exe (Trojan.Agent) -> Quarantined and deleted successfully.

--------------------------------------------------------------

ok now here is todays(3-30-11)(quick scan) scan , it pretty much say no more infections found.

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6218

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

3/30/2011 10:16:44 AM-

mbam-log-2011-03-30 (10-16-44).txt

Scan type: Quick scan

Objects scanned: 156880

Time elapsed: 12 minute(s), 51 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

--------------------------

so is that it, am i ok now ?.

and what do i do with yesterdays item thats still in quarantine ?.

do i keep it there for awhile ?or what ?.

i thank you for helping me.

Link to post
Share on other sites

Hi!

  • Launch Malwarebytes' Anti-Malware
  • Go to Update" tab and select Check for Updates.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

----------------------

ok, its 1:48pm 3-30-11 my time.

i feel like i'm wasting your time here,

i was surfing around this forum some and came across this post made by a user yesterday(same as me) he too had the same finding during his scan, and it turned out to be a fulse positive.

http://forums.malwarebytes.org/index.php?showtopic=79549

so this is what i'm going to do , i'm going to the FP part of this forum and upload the file , so that the owners of Malwarevytes can further investigate and hoefully get back to me.

---------------------

if they say its a fulse, then i would say that this post here is closed, if not then i will come back to this post,,,,, i wll let you know of there findings.

yours truly

"some what new at this"

Link to post
Share on other sites

It is first necessary to know is this happening even with the latest updates. If the answer is Yes, our research engineers will help you.

i just updated the deff's and did a scan of the file and whole PC, says no infection either way. , the scan looks good , as far as the scan goes. so i guess the answer is No

thats why i uploaded the file in the FB part of the forum to make sure, i'm just making sure is all.

nothing wrong with that is there ?.

Link to post
Share on other sites

i just updated the deff's and did a scan of the file and whole PC, says no infection either way. , the scan looks good , as far as the scan goes. so i guess the answer is No

thats why i uploaded the file in the FB part of the forum to make sure, i'm just making sure is all.

nothing wrong with that is there ?.

---------

ok, they said it was a false positive, i have no more worries

here is the link to the post i made in the FP part of the forum, all is good.

http://forums.malwarebytes.org/index.php?showtopic=79864

i say this topic is closed.

--------

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.