Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MBAM finds trojan.agent viurs, can't remove it.


  • Please log in to reply
No replies to this topic

#1 1tb

1tb

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:47 AM

Posted 19 January 2017 - 01:53 PM

I noticed the other day when running a scan using MBAM that there were some things popping up. I'd run MBAM and when it was done, I removed the findings and then rebooted my computer and they were back again, so I'm not quite sure what I should do in this case. I ran RogueKiller, removed the items and I do have a log for that, I'll paste it when asked. The MBAM log will be pasted below.

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/19/17
Scan Time: 1:48 PM
Logfile: mbam.txt
Administrator: Yes

-Software Information-
Version: 3.0.5.1299
Components Version: 1.0.43
Update Package Version: 1.0.1057
License: Free

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-J4L5SUV\Jaden Reinhold

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 397258
Time Elapsed: 2 min, 56 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 2
Trojan.Agent.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{18F730B1-4C62-4E79-8467-49E0980F4CC5}, No Action By User, [822], [361952],1.0.1057
Trojan.Agent.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\77n70l26d86, No Action By User, [822], [361959],1.0.1057

Registry Value: 1
Trojan.Agent.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{18F730B1-4C62-4E79-8467-49E0980F4CC5}|PATH, No Action By User, [822], [361952],1.0.1057

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 3
Adware.Elex, C:\USERS\JADEN REINHOLD\APPDATA\LOCAL\TEMP\GB249.TMP.EXE, No Action By User, [1624], [361888],1.0.1057
Adware.Elex, C:\WINDOWS\TEMP\G35C3.TMP.EXE, No Action By User, [1624], [361888],1.0.1057
Trojan.Agent.Generic, C:\WINDOWS\SYSTEM32\TASKS\77N70L26D86, No Action By User, [822], [361975],1.0.1057

Physical Sector: 0
(No malicious items detected)


(end)


Edited by hamluis, 19 January 2017 - 01:54 PM.
Moved from MRL to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users