Apr 29 2008, 06:33 AM
Post #1
Elite Member, Group: Experts, Posts: 552, Joined: 8-April 08, Member No.: 2,291
Malwarebytes' Anti-Malware 1.11
Database version: 692
Scan type: Full Scan (C:\|)
Objects scanned: 56451
Time elapsed: 9 minute(s), 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\IDME\dimnet201.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\IDME\TGbn1dll.exe (Adware.Trafficsol) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\usnv\pax89104.exe (Adware.TTC) -> Quarantined and deleted successfully.

dimnet201.exe

A-Squared Found nothing
AntiVir Found RKIT/544.A
ArcaVir Found nothing
Avast Found Win32:Trojan-gen {UPX}
AVG Antivirus Found Generic10.CLZ
BitDefender Found Rootkit.544
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Sophos Antivirus Found Troj/SpyCore-A
VirusBuster Found nothing
VBA32 Found nothing

pax89104.exe

A-Squared Found Adware.Win32.TTC.d
AntiVir Found DR/TTC.D
ArcaVir Found Adware.Ttc.D
Avast Found Win32:Adware-gen
AVG Antivirus Found nothing
BitDefender Found Dropped:Trojan.AdClick.DX
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found not-a-virus:AdWare.Win32.TTC.d (4, 1, 400)
Fortinet Found Adware/TTC
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found AdWare.Win32.TTC.d

TGbn1dll.exe

A-Squared Found nothing
AntiVir Found TR/Drop.Agen.139457
ArcaVir Found Adware.Trafficsol.Ai
Avast Found Win32:Agent-VZS
AVG Antivirus Found nothing
BitDefender Found Adware.Trafficsol.S
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found not-a-virus:AdWare.Win32.TrafficSol.ai (4, 1, 400)
Fortinet Found Virtum!tr
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Sophos Antivirus Found Troj/Virtum-Gen
VirusBuster Found nothing
VBA32 Found AdWare.Win32.TrafficSol.ai

--------------------
Regards
Chewy the wild wookie
Apr 29 2008, 06:37 AM
Post #2
Elite Member, Group: Experts, Posts: 552, Joined: 8-April 08, Member No.: 2,291
I then sorted by date and saw another folder in system32 with the same time/date stamp.

bz3/pnglft22.exe

A-Squared Found Trojan-Downloader.Win32.Small.tei
AntiVir Found TR/Crypt.ULPM.Gen
ArcaVir Found Adware.Agent.Bz
Avast Found Win32:Small-JMH
AVG Antivirus Found Downloader.Generic7.AUY
BitDefender Found Trojan.Retapu.D
ClamAV Found Trojan.Downloader-27654
CPsecure Found Troj.Downloader.W32.Aphex.020
Dr.Web Found Trojan.DownLoader.51158
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found Trojan-Downloader.Win32.Small.tei
Fortinet Found nothing
Ikarus Found Virus.Win32.Small.JMH
Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Small.tei
NOD32 Found Win32/TrojanDownloader.Small.IAW
Norman Virus Control Found W32/DLoader.GFES
Panda Antivirus Found Trj/Downloader.SZG
Sophos Antivirus Found Mal/DownLdr-O
VirusBuster Found Trojan.Matcash.Gen
VBA32 Found Trojan-Downloader.Win32.Small.tei

--------------------
Regards
Chewy the wild wookie
Apr 29 2008, 01:37 PM
Post #3
Forum Deity, Group: Moderators, Posts: 3,705, Joined: 31-December 07, From: Fortville, IN, Member No.: 1,983
Have you submitted it to Malwarebytes yet?
Apr 29 2008, 02:10 PM
Post #4
Forum Deity, Group: Administrators, Posts: 5,259, Joined: 30-December 06, From: Northampton, MA USA, Member No.: 884
The issue is that this file is inside of a randomly named folder.
I am trying to find a way to keep the scan fast and catch these. This malware is a setup file and does not get a start point, so it is in effect dead. The next update may have something that will catch this. BTW the active protection of MBAM should not allow this file to run.
Apr 29 2008, 03:27 PM
Post #5
Elite Member, Group: Experts, Posts: 552, Joined: 8-April 08, Member No.: 2,291
To put this in perspective, this infection was a bear; I threw everything but ComboFix at it.
It came into my computer through a USB drive.

--------------------
Regards
Chewy the wild wookie