Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Vundo By Malwarebytes, False Positive


  • Please log in to reply
7 replies to this topic

#1 BlueEyedFox

BlueEyedFox

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 28 May 2008 - 03:59 PM

MTA (Multi Theft Auto) is a popular online client for the game San Andreas but, Malware Bytes is detecting it as Trojan.Vundo

I ran

Comodo Firewall Pro Built in Malware Scanner
SUPER Anti Spyware
Avira AntiVir Premium

and no one else found it as Trojan.Vundo so I can only assume False-Poisitive

Edited by Orange Blossom, 28 May 2008 - 04:01 PM.
Move to more appropriate forum. ~ OB


BC AdBot (Login to Remove)

 


m

#2 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 28 May 2008 - 04:53 PM

if you can fully update and rerun the superantispyware and malawarebytes programs ?

then run each on full deep computer scans and post the logs from each for checking ?

#3 BlueEyedFox

BlueEyedFox
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 28 May 2008 - 05:19 PM

Updated MalwareBytes (Outdated from 10th of May) and SUPER anti spyware was already updated so I am re-running it.

Malwarebytes and SUPERAntiSpyware full system scans running.

#4 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 28 May 2008 - 05:25 PM

Updated MalwareBytes (Outdated from 10th of May) and SUPER anti spyware was already updated so I am re-running it.

Malwarebytes and SUPERAntiSpyware full system scans running.



cough;;cough;

I see you are logged in to the forum??; if this is the infected computer ??you should ideally be OFF line but in normal computer mode for malawarebytes and computers safe mode to run superantispyware......oopps ss

#5 BlueEyedFox

BlueEyedFox
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 28 May 2008 - 06:30 PM

Malwarebytes- 0, Pephaps it was a false positive and they corrected it since I scanned before without updating

Malwarebytes' Anti-Malware 1.12
Database version: 795

Scan type: Full Scan (C:\|)
Objects scanned: 153401
Time elapsed: 1 hour(s), 8 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


SUPER Anti Spyware- Detected a casino I use as AdAware but, That is a false positive because it is trusted, and a few cookies.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/28/2008 at 07:06 PM

Application Version : 4.1.1046

Core Rules Database Version : 3469
Trace Rules Database Version: 1460

Scan type : Complete Scan
Total Scan Time : 00:51:25

Memory items scanned : 459
Memory threats detected : 0
Registry items scanned : 4203
Registry threats detected : 0
File items scanned : 22037
File threats detected : 20

Adware.Tracking Cookie
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@statse.webtrendslive[2].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@doubleclick[2].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@tribalfusion[1].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@2o7[1].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@partner2profit[1].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@bs.serving-sys[1].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@atdmt[2].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@ads.bleepingcomputer[2].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@serving-sys[2].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@statcounter[1].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@ad.yieldmanager[1].txt

Adware.Casino Games (Golden Palace Casino)
C:\PROGRAM FILES\CASINOONNET\BIN\CASINO.EXE
C:\DOCUMENTS AND SETTINGS\JOHN\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\CASINO-ON-NET.LNK
C:\DOCUMENTS AND SETTINGS\JOHN\DESKTOP\CASINO-ON-NET.LNK
C:\PROGRAM FILES\SLOTS PLUS CASINO\CASINO.EXE
C:\DOCUMENTS AND SETTINGS\BLUEEYEDFOX\DESKTOP\SLOTS PLUS CASINO.LNK
C:\DOCUMENTS AND SETTINGS\BLUEEYEDFOX\START MENU\CASINO-ON-NET.LNK
C:\DOCUMENTS AND SETTINGS\BLUEEYEDFOX\START MENU\PROGRAMS\CASINO-ON-NET\CASINO-ON-NET.LNK
C:\DOCUMENTS AND SETTINGS\BLUEEYEDFOX\START MENU\PROGRAMS\GAMES\CASINO-ON-NET.LNK
C:\DOCUMENTS AND SETTINGS\BLUEEYEDFOX\START MENU\PROGRAMS\SLOTS PLUS CASINO\SLOTS PLUS CASINO.LNK

You want me to dissconnect my internet plug and run the scan again for the 3rd time? -.-

#6 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:10:46 AM

Posted 28 May 2008 - 06:32 PM

I am pretty sure she just meant for you to not surf and/or multitask when doing a scan
Chewy

No. Try not. Do... or do not. There is no try.

#7 BlueEyedFox

BlueEyedFox
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 28 May 2008 - 06:39 PM

Oh I actually went and eat dinner so, I want really doing anything.

As I said, I do not believe this is Malware but, something corrupted. But, I still wanted to get your inputs.

#8 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 29 May 2008 - 12:44 PM

You want me to dissconnect my internet plug and run the scan again for the 3rd time?


yep;for as many times as it takes TO do the scans


am pretty sure she just meant for you to not surf and/or multitask when doing a scan


I met one person who was actually doing emailing, surfing and running TWO scans ...simultaneously...then 'complained 'the scans were seemingly taking so long


ANY scan is best left TO scan uninterrupted by ANY activity

you asked for the computer to run the scan??; so let it run it :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users