We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
Tried everything to get rid of this virus.....
johnnytee
Posts: 315 Forumite
in Techie Stuff
....... all to no avail. Here is the Malwarebytes log:
Malwarebytes' Anti-Malware 1.39
Database version: 2421
Windows 5.1.2600 Service Pack 2
11/09/2009 06:17:49
mbam-log-2009-09-11 (06-17-49).txt
Scan type: Full Scan (C:\|)
Objects scanned: 122028
Time elapsed: 38 minute(s), 19 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Spooler SubSystem App (Backdoor.Bot) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
I know it says it was successfully deleted, however it shows up everytime i do a scan. Cananyone help?
My debit card was scammed last week. I'm sure this virus has something to do with it. :mad:
Malwarebytes' Anti-Malware 1.39
Database version: 2421
Windows 5.1.2600 Service Pack 2
11/09/2009 06:17:49
mbam-log-2009-09-11 (06-17-49).txt
Scan type: Full Scan (C:\|)
Objects scanned: 122028
Time elapsed: 38 minute(s), 19 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Spooler SubSystem App (Backdoor.Bot) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
I know it says it was successfully deleted, however it shows up everytime i do a scan. Cananyone help?
My debit card was scammed last week. I'm sure this virus has something to do with it. :mad:
0
Comments
-
Have you used superantispyware ?
http://www.superantispyware.com/
and a rootkit finder
http://www.gmer.net/0 -
Did you update Malwarebytes?
According to this thread it is a false positive
http://www.malwarebytes.org/forums/index.php?showtopic=71990 -
Try the ESET Online Scanner.0
-
ESET found no threats. Yes I've updated MB. Can someone explain what a 'false positive' is.0
-
A false positive is a legitimate process, program or system setting that has been incorrectly identified as being malicious.
Note: MBAM is currently up to version 1.41.0 -
... and database version 2780 (as I type!)...-TangleFoot- wrote: »Note: MBAM is currently up to version 1.41.0 -
Cripes! d/l version 1.41 and its picked up something else:
Malwarebytes' Anti-Malware 1.41
Database version: 2780
Windows 5.1.2600 Service Pack 2
11/09/2009 08:47:03
mbam-log-2009-09-11 (08-47-03).txt
Scan type: Quick Scan
Objects scanned: 84058
Time elapsed: 4 minute(s), 59 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Network Data Management System Service (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Spooler SubSystem App (Backdoor.Bot) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)0 -
Don't forget to reboot once you have scanned and Remove Selected.0
-
And install Service Pack 3 too!0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 354.4K Banking & Borrowing
- 254.4K Reduce Debt & Boost Income
- 455.4K Spending & Discounts
- 247.3K Work, Benefits & Business
- 604.1K Mortgages, Homes & Bills
- 178.4K Life & Family
- 261.6K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards