Jump to content

MBAM not detecting marioforever.exe or user32hk


Recommended Posts

As the title states MBAM is not detecting these 2 files for me. I've run the scan on a few computers of mine that got infected and it just misses the file. The marioforever.exe file is sitting in the root of the c drive and the user32hk is just showing that the file is corrupted. Here is the latest log of a recent scan with the infected computer.

Malwarebytes' Anti-Malware 1.31

Database version: 1489

Windows 5.1.2600 Service Pack 2

12/11/2008 2:48:13 PM

mbam-log-2008-12-11 (14-48-07).txt

Scan type: Quick Scan

Objects scanned: 130255

Time elapsed: 28 minute(s), 12 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 15

Registry Values Infected: 2

Registry Data Items Infected: 1

Folders Infected: 2

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} (Adware.Starware) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a84e835e-1b9c-4fc0-980f-4b2da3c6a2a7} (Adware.Comet) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a84e835e-1b9c-4fc0-980f-4b2da3c6a2a7} (Adware.Comet) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{bf0a1ff4-bbaf-487f-bc85-a24ef8f443a8} (Adware.Comet) -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ONESTEP_SEARCH_SERVICE (Adware.OneStepSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OneStep Search Service (Adware.OneStepSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\starware316 (Adware.Starware) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SSSInstaller (Adware.Comet) -> No action taken.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\ylpinit_dlls (Spyware.Agent.H) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> No action taken.

Registry Data Items Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:

C:\Documents and Settings\kmitchell\Application Data\ShoppingReport (Adware.Shopping.Report) -> No action taken.

C:\Documents and Settings\kmitchell\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> No action taken.

Files Infected:

C:\WINDOWS\system32\nvaux32.dll (Spyware.Agent.H) -> No action taken.

C:\Documents and Settings\kmitchell\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> No action taken.

C:\WINDOWS\system32\aston.mt (Trojan.FakeAlert) -> No action taken.

Link to post
Share on other sites

Greetings and welcome to the forum. To get you fixed up please read the instructions here: http://www.malwarebytes.org/forums/index.php?showtopic=2936 and post your logs in a new topic here: http://www.malwarebytes.org/forums/index.php?showforum=7

Please be sure not to install any software or use any removal/scanning tools exept those that you are instructed to by the expert who will be assisting you as doing so can make their job much more difficult. I hope I was helpful. Good luck and safe surfing.

Link to post
Share on other sites

As the title states MBAM is not detecting these 2 files for me. I've run the scan on a few computers of mine that got infected and it just misses the file. The marioforever.exe file is sitting in the root of the c drive and the user32hk is just showing that the file is corrupted. Here is the latest log of a recent scan with the infected computer.

If you wouldn't mind uploading them uploads.malwarebytes.org I'll be sure they get added to our definitions.

Thanks for bringing this to our attention.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.