PDA

View Full Version : pse_350_sve.exe (Trojan.Agent)



medborga
2011-05-08, 12:15
Hi,

I am getting webpages inside the chrome browser which look like a general windows folder with yellow folders inside, performing some blinking scan and saying my computer is infected with malware. These pages have been opened from google search results and they are not popping up, but they clearly look like virus and I force Chrome to quit to end the process. No apparent problems with computer, it operates fine.

I performed a Malwarebytes scan which found the following and fixed the problems (which I maybe shouldn't have done after reading the instructions here):

--------------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6528

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

2011-05-08 01:14:52
mbam-log-2011-05-08 (01-14-52).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 420276
Time elapsed: 2 hour(s), 20 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\program files\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
c:\Users\chris\local settings\temporary internet files\pse_350_sve.exe (Trojan.Agent) -> Quarantined and deleted successfully.

------------------------------------------------------------------------

Should I understand this as the computer is fixed and clean or not? Very grateful for your help.

tashi
2011-05-08, 17:23
Hello medborga,

In order for someone to advise they will need to see the DDS logs for analysis, instructions in post #2.
"BEFORE You POST"(Please read this Procedure Before Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Then start a new topic providing the logs as shown in that sticky and a link back to this thread. :)

Best regards.