The past few weeks my computer has been acting wierd, going slow, crashing, etc.
I decided to install Malwarebytes to scan the computer, and found 6 Objects Infected.
The weird thing is though, that the 6 objects where normal.
Here is my log:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7615
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
8/30/2011 5:44:26 PM
mbam-log-2011-08-30 (17-44-23).txt
Scan type: Quick scan
Objects scanned: 199048
Time elapsed: 2 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.HMCPol.Gen) -> Value: Policies -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKCU (Backdoor.HMCPol.Gen) -> Value: HKCU -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.HMCPol.Gen) -> Value: Policies -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKLM (Backdoor.HMCPol.Gen) -> Value: HKLM -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\David\AppData\Roaming\winlogon.exe (Trojan.Downloader) -> No action taken.
c:\Users\David\AppData\Roaming\logs.dat (Bifrose.Trace) -> No action taken.
----------------
One of them, the process winlogon.exe, I removed in the Windows Task Manager processes tab, and it crashed my client (which it should if you delete it), so that means it is not a virus.
Then that must mean that Malwarebytes is giving me false information. I tried deleting the Malwarebytes file in 'Program Files (x86)' and these files wouldn't delete:
mbam.dll
mbam.exe
mbamcore.dll
mbamnet.dll
ssubtmr6.dll
vbalsgrid6.ocx
-------------
My computer OS is Windows 7 64-Bit.
Hope I can get this solved!
I decided to install Malwarebytes to scan the computer, and found 6 Objects Infected.
The weird thing is though, that the 6 objects where normal.
Here is my log:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7615
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
8/30/2011 5:44:26 PM
mbam-log-2011-08-30 (17-44-23).txt
Scan type: Quick scan
Objects scanned: 199048
Time elapsed: 2 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.HMCPol.Gen) -> Value: Policies -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKCU (Backdoor.HMCPol.Gen) -> Value: HKCU -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.HMCPol.Gen) -> Value: Policies -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKLM (Backdoor.HMCPol.Gen) -> Value: HKLM -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\David\AppData\Roaming\winlogon.exe (Trojan.Downloader) -> No action taken.
c:\Users\David\AppData\Roaming\logs.dat (Bifrose.Trace) -> No action taken.
----------------
One of them, the process winlogon.exe, I removed in the Windows Task Manager processes tab, and it crashed my client (which it should if you delete it), so that means it is not a virus.
Then that must mean that Malwarebytes is giving me false information. I tried deleting the Malwarebytes file in 'Program Files (x86)' and these files wouldn't delete:
mbam.dll
mbam.exe
mbamcore.dll
mbamnet.dll
ssubtmr6.dll
vbalsgrid6.ocx
-------------
My computer OS is Windows 7 64-Bit.
Hope I can get this solved!
Didn't realize at first that it was in roaming.
Facebook
Twitter
Instagram