Jump to content
Pelo

Post new threats?

By Pelo, in General Questions

Recommended Posts

Pelo   

Pelo
Posted

Good evening everyone. I ran Malwarebytes and found about 11 viruses that SUPER didn't find, and I was wondering where I would submit these.

I've attached the viruses that were detected.

post-13673-0-92401100-1303533073_thumb.jpg

(Click to enlarge)

~Pelo

Share this post

Link to post
Share on other sites

Pelo   

Pelo
Posted

Thanks for that, but some of the files have the status "File Not Found". Specific files listed below:

(Trojan.Dropper files)

C:\Users\[user]\AppData\Local\Temp\0.03195716095141843.exe

C:\Users\[user]\AppData\Local\Temp\0.04553341046753401.exe

C:\Users\[user]\AppData\Local\Temp\0.5132570670080816.exe

C:\Users\[user]\AppData\Local\Temp\0.9817938091132591.exe

(Hijack.ExeFile file)

HKEY_CLASSES_ROOT\.exe\shell\open\command | (default)

(Trojan.Agent files)

HKEY_CURRENT\USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows | Load

HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}

What should I do?

Share this post

Link to post
Share on other sites

siliconman01   

siliconman01
Posted
(Hijack.ExeFile file)

HKEY_CLASSES_ROOT\.exe\shell\open\command | (default)

(Trojan.Agent files)

HKEY_CURRENT\USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows | Load

HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}

The above are system registry values. You will not be able to submit them via the SAS sample submit tool.

C:\Users\[user]\AppData\Local\Temp\0.03195716095141843.exe

C:\Users\[user]\AppData\Local\Temp\0.04553341046753401.exe

C:\Users\[user]\AppData\Local\Temp\0.5132570670080816.exe

C:\Users\[user]\AppData\Local\Temp\0.9817938091132591.exe

Do you have the option selected in Windows 7 to show all files, folders, and unhide Protected Operating System files? Please perform the procedure below and then see if you find the above files.

http://www.sevenforums.com/tutorials/394-hidden-files-folders-show-hide.html

If they are still not found, then they no longer exist on your disk. They are in a Temp folder which means they may be transient based on a specific program running.

Share this post

Link to post
Share on other sites

Pelo   

Pelo
Posted

The above are system registry values. You will not be able to submit them via the SAS sample submit tool.

Curses. There must be another way...

Do you have the option selected in Windows 7 to show all files, folders, and unhide Protected Operating System files? Please perform the procedure below and then see if you find the above files.

http://www.sevenforums.com/tutorials/394-hidden-files-folders-show-hide.html

If they are still not found, then they no longer exist on your disk. They are in a Temp folder which means they may be transient based on a specific program running.

Thing is I'm running Vista. Plus I restored the files from Malware's quarantine and watched them reappear. Strange this is they shared the same folder with another random number exe file.

Share this post

Link to post
Share on other sites

Pelo   

Pelo
Posted

You could submit a Customer Support Request and submit the registry keys.

Perfect! We will get a diagnostic :)

I've submitted to the customer support. Here's hoping it works out.

Thanks for all your help!

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing General Questions
×