
Ok so MBAM found this how bad is it?


11 replies to this topic

#1 DEATHlLINK


Posted 30 January 2010 - 08:54 PM

Internet Explorer 8.0.6001.18882

1/30/2010 5:14:32 PM
mbam-log-2010-01-30 (17-14-25).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 236035
Time elapsed: 1 hour(s), 9 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\32788R22FWJFW\pv.com (Adware.Swizzor) -> No action taken.
C:\32788R22FWJFW\Combo-Fix.sys (Malware.Trace) -> No action taken.
C:\Program Files\Common Files\supportsoft\bin\msvcp60.dll (Malware.Packer.Gen) -> No action taken.

Now I let MBAM take care of it
Files Infected:
C:\32788R22FWJFW\pv.com (Adware.Swizzor) -> Quarantined and deleted successfully.
C:\32788R22FWJFW\Combo-Fix.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\supportsoft\bin\msvcp60.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.

So my question is: how bad is the Malware.Packer.Gen? And do I need to further pursue checking online scanners and other methods to make sure my system's clean?



#2 quietman7


Posted 31 January 2010 - 12:27 AM

You apparently have downloaded and used Combofix which is not malware. However, embedded files that are part of legitimate programs or specialized fix tools such as Combofix may at times be detected by some anti-virus and anti-malware scanners as a "Risk Tool", "Hacking Tool", "Potentially Unwanted Program", or even "Malware" (virus/trojan) when that is not the case. This occurs for a variety of reasons to include the tool's compiler, the files it uses, registry fixes, malware strings it contains and the type of security engine that was used during the scan.

Such programs have legitimate uses in contexts where a Malware Removal Expert asked you to use the tool or when an authorized user/administrator has knowingly installed it. When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files that appear suspicious or which can potentially be used for malicious purposes. These detections do not necessarily mean the file is malware or a bad program.

It means it has the potential for being misused by others or that it was simply detected as suspicious due to the security program's heuristic analysis engine which provides the ability to detect possible new variants of malware. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove them. In these cases the detection is a "False Positive".

As for the msvcp60.dll detection, it has been reported in this thread at the MBAM forum and they are investigating.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
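
Added example, not part of any post in this thread and not Malwarebytes code: a short Python triage of the detection lines in the MBAM log from post #1, separating generic-looking signature names and files inside a folder left by a removal tool from everything else. The `GENERIC_PARTS` set and the `known_tool_dirs` parameter are assumptions made for illustration; the folder passed in is the one the replies treat as ComboFix-related.

```python
import re
from ntpath import basename, dirname  # Windows path rules on any OS

# Line shape in the log above: <path> (<detection name>) -> <action>.
ENTRY = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) \((?P<name>[\w.\-]+)\) -> (?P<action>.+?)\.?$")

# Assumption (not MBAM documentation): these name parts mark generic or
# heuristic signatures, the kind most prone to false positives.
GENERIC_PARTS = {"Gen", "Trace", "Packer"}

def parse_detections(log_text):
    """Return one dict per detection line found in an MBAM text log."""
    found = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:  # summary counters and section headers do not match
            found.append(m.groupdict())
    return found

def triage(detections, known_tool_dirs=()):
    """Attach review notes; known_tool_dirs is a hypothetical allow-list of
    folders created by removal tools the user ran on purpose."""
    tool_dirs = {d.rstrip("\\").lower() for d in known_tool_dirs}
    report = []
    for d in detections:
        notes = []
        if GENERIC_PARTS & set(d["name"].split(".")):
            notes.append("generic signature: confirm with vendor before trusting")
        if dirname(d["path"]).lower() in tool_dirs:
            notes.append("inside known tool folder")
        if d["action"].lower().startswith("no action"):
            notes.append("still on disk")
        report.append({**d, "file": basename(d["path"]), "notes": notes})
    return report

# Constructed sample: the three detection lines from the first post.
SAMPLE_LOG = r"""Files Infected:
C:\32788R22FWJFW\pv.com (Adware.Swizzor) -> No action taken.
C:\32788R22FWJFW\Combo-Fix.sys (Malware.Trace) -> No action taken.
C:\Program Files\Common Files\supportsoft\bin\msvcp60.dll (Malware.Packer.Gen) -> No action taken.
"""

if __name__ == "__main__":
    for row in triage(parse_detections(SAMPLE_LOG), [r"C:\32788R22FWJFW"]):
        print(row["file"], row["name"], row["notes"])
```

A note on a row is a prompt to verify the file (for example by reporting it to the scanner's vendor, as was done for msvcp60.dll here), not a verdict that the detection is wrong.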

#3 Broni


Posted 31 January 2010 - 01:36 AM

Just a note...
Combo-Fix.sys is not a Combofix file, but a malware leading you into that assumption.



#4 quietman7


Posted 31 January 2010 - 08:48 AM

ThreatExpert's awareness of the file "combo-fix.sys"
ThreatExpert's awareness of ComboFix related files

The detection will be fixed in the next update.

#5 Broni


Posted 31 January 2010 - 11:25 AM

Ooooops :thumbsup:



#6 DEATHlLINK


Posted 31 January 2010 - 03:00 PM

So are you saying all these were results from when I used combo-fix to clean my system previously and I should be clean? When I run SAS, MBAM and my Panda scans, they come up clean. I just got nervous about the malware packer; I thought maybe someone had hacked me. I'll watch the MBAM forum for the results.

#7 quietman7


Posted 31 January 2010 - 05:00 PM

so are you saying all these were results from when I used combo-fix to clean my system previously

Appears so, except for the detection of msvcp60.dll.

#8 DEATHlLINK


Posted 03 February 2010 - 01:03 AM

Looks clear. SAS, MBAM, Panda all come up clean. I have gotten a couple of weird things though: I was on MySpace and the screen went RED and a warning came up saying it was an unsafe site. Never had that happen before. But like I said, all the scans came up clean, so I guess I'm good. Thanks.

#9 quietman7


Posted 03 February 2010 - 10:43 AM

As with gaming sites, users visiting MySpace, YouTube, Facebook...may encounter innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.

#10 DEATHlLINK


Posted 04 February 2010 - 12:15 AM

Yeah, it's a bummer. I only use MySpace because I enjoy a game on it, Mobsters, but unfortunately I am facing the fact I might have to give up playing it due to the increase in malware on these types of sites.

#11 quietman7


Posted 04 February 2010 - 05:46 AM

Using MySpace can be hazardous to your computer.
Virut file infector found on MySpace user pages
Koobface Worm Attacks Facebook and MySpace Users
MySpace Pages Rigged with Bad Script
Facebook and MySpace Viral Social Networking Spam
Phishers Drop MySpace Bait
Maximus root kit downloads via MySpace social engineering trick
Hackers Exploiting Facebook, MySpace Plug-ins
MySpace malware poses as Windows update
MySpace Hacks Predate Recent Hijack of Alicia Keys Site
MySpace Attacked by Flash Worm
Ad-based Trojan hits MySpace, Bebo and others
Dangerous Malware Detected through Flash Advertisements
Banner Ad Trojan Served on MySpace
QuickTime exploit steals MySpace passwords
QuickSpace: MySpace Tracker Launch by QuickTime
New MySpace Nasty
MySpace Pushing Ads for malware: WinAntiVirus, Drive Cleaner
New MySpace Phish using CSS
Myspace Users Hit By Hacker Virus
Myspace Ad Served Spyware To A Million Computers
Phishing Attack Targets Myspace Users
Myspace Xss Quicktime Worm
Myspace Phishing Alert
Malicious videos open dangerous attack vector (to YouTube and MySpace users)
Zango Adware Found On MySpace
Bogus YouTube clip on Myspace installs Zango Cash
180solutions Jumps In Bed With Myspace

#12 DEATHlLINK


Posted 05 February 2010 - 09:01 PM

And that also doesn't take into account the xat chat rooms people who play the mobster games like myself go on as well either. Which I'm sure are bad as well. OK, time to just wipe all my computers, reformat, reinstall the operating systems, and then I can set up one for gaming and one for secure stuff.



