Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microworld Av Reports Infections


  • Please log in to reply
No replies to this topic

#1 squirmy

squirmy

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 23 March 2008 - 12:55 AM

Hi guys, I scanned my comp with Avira AntiVir and Dr.Web CureIt! prior to scanning with MicroWorld AV Toolkit. Nothing was found by Avira and Dr.Web but MicroWorld AV Toolkit reports these :

***
23 Mar 2008 13:16:42 - Offending Key found: HKCU\Software\magnet !!!
23 Mar 2008 13:16:53 - Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.

23 Mar 2008 13:16:53 - Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\gator.com !!!
23 Mar 2008 13:16:53 - Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.

23 Mar 2008 13:16:53 - Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\look2me !!!
23 Mar 2008 13:16:53 - Object "look2me Adware" found in File System! Action Taken: No Action Taken.

23 Mar 2008 13:16:53 - Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
23 Mar 2008 13:16:53 - Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.

23 Mar 2008 13:16:53 - Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
23 Mar 2008 13:16:53 - Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.

23 Mar 2008 13:16:54 - Offending Key found: HKCR\magnet !!!
23 Mar 2008 13:16:54 - Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.

23 Mar 2008 13:16:56 - Offending Registry Entry found: hkey_local_machine\software\microsoft\windows\currentversion\policies\explorer//norun
23 Mar 2008 13:16:56 - System found infected with backdoor (ircbot) trojans Spyware/Adware (hkey_local_machine\software\microsoft\windows\currentversion\policies\explorer//norun)! Action taken: No Action Taken.

23 Mar 2008 13:16:57 - Offending file found: C:\WINDOWS\system32\unrar.dll
23 Mar 2008 13:16:57 - System found infected with savenow Adware (C:\WINDOWS\system32\unrar.dll)! Action taken: No Action Taken.

23 Mar 2008 13:16:59 - Checking MountPoints2 Registry Key...
23 Mar 2008 13:16:59 - Invalid Command Found in {0325da42-f0ed-11dc-9c72-806d6172696f}\Shell\AutoRun\command: H:\setup.exe
23 Mar 2008 13:16:59 - Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0325da42-f0ed-11dc-9c72-806d6172696f} !!!
23 Mar 2008 13:16:59 - Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

File C:\System Volume Information\_restore{697E2654-2022-49F4-94AB-49A6816E2B2C}\RP161\A0018206.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{697E2654-2022-49F4-94AB-49A6816E2B2C}\RP161\A0018207.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{697E2654-2022-49F4-94AB-49A6816E2B2C}\RP165\A0020630.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{697E2654-2022-49F4-94AB-49A6816E2B2C}\RP165\A0020631.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken.
***

I checked the infected magnet registry keys and it pointed to Limewire, which I do use occasionally. Ran HijackThis and the log appears clean to me. Do I have infections or just false positives?

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users