Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Jan 8th, 2009, 11:29am
   Mischel Internet Security Forum
   Malware
   Trojans (Moderators: Helena, Gavin_Coe, Magnus)
   scan analysis for possible trojans		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: scan analysis for possible trojans  (Read 403 times)
mesmd
Newbie
*





   


Gender: male
 Posts: 5
scan analysis for possible trojans
« on: Aug 17th, 2006, 6:17am »		 Quote Quote  Modify Modify
Hi again,
The following scan displayed some possible Trojans?/
Can you analyse these and let me know what to do. Should future scans be performed in Safe Mode? Also, I think I read if a Trojan or possible one is displyed on system restore volume, I should disable System restore, reboot, and then rescan. Then when all clear, reset system restore. You guys are so excellent and respomd so quickly as siliconman001 (I hope I remembered the right spelling)?
 
Here is the scan for your analysis of 3 possible Trojans?
 
Thanks again,
 
 Miles
 
Registry scan
No suspicious entries found
Inifile scan
No suspicious entries found
Port scan
No suspicious open ports found
Memory scan
No trojans found in memory
File scan
---------------------------------------------------------------
Found possible trojan file: C:\Program Files\SoftwareByDownload\SBD Programs\cb\cbooster.exe (SDBot) (What's a possible trojan file?) (Submit for analysis...) (Add to ignore list)
--------------------------------------------------------------
 
Found possible trojan file: C:\Program Files\SoftwareByDownload\SBD Programs\pcmed\pcmedic.exe (SDBot) (What's a possible trojan file?) (Submit for analysis...) (Add to ignore list)
-------------------------------------------------------------
 
Found possible trojan file: C:\Program Files\SoftwareByDownload\SBD Programs\sbdprogs.exe (SDBot) (What's a possible trojan file?) (Submit for analysis...) (Add to ignore list)
3 possible trojan files found
15194 files scanned in 1551 seconds
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5960
Re: scan analysis for possible trojans
« Reply #1 on: Aug 17th, 2006, 6:47am »		 Quote Quote  Modify Modify
Quote:
Can you analyse these and let me know what to do.

 
I cannot find any info concerning cbooster.exe, pcmedic.exe, or sbdprogs.exe.  Would you please submit these three files to Mischel Internet Security for analysis.  Below is a link that tells how to do this.
 
http://forum.misec.net/board/FAQ/1139308293
 
NOTE:  If your version of TrojanHunter is licensed, all you need to do it click on the "Submit for Analysis" hot link next to the "possible trojan" line item in the scan window.  This will permit you to send directly to Mischel Internet Security.
 
It may take a couple of days for these files to be analyzed...depending on the number of submissions back logged.  
 
Quote:
Should future scans be performed in Safe Mode?

 
No, I don't feel that you need to scan in Safe Mode for every scan.  You can/should scan in Safe Mode "every now and then" to ensure that TH is not missing something that is hidden.  
 
Quote:
Also, I think I read if a Trojan or possible one is displyed on system restore volume, I should disable System restore, reboot, and then rescan. Then when all clear, reset system restore.

 
The only way to remove an infection of any type from the System Volume Information folder is to disable System Restore, reboot, and then re-enable System Restore.  I'm not aware of any security scanner that is successful in correcting the System Volume Information folder once it becomes infected.  
 
HTHs Cheesy
 
Do you have a PCMedic computer?
« Last Edit: Aug 17th, 2006, 6:53am by siliconman01 » IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
mesmd
Newbie
*





   


Gender: male
 Posts: 5
Re: scan analysis for possible trojans
« Reply #2 on: Aug 20th, 2006, 7:11am »		 Quote Quote  Modify Modify
WHAT is a pc medic computer?
I do not have one
 
miles
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5960
Re: scan analysis for possible trojans
« Reply #3 on: Aug 20th, 2006, 8:47am »		 Quote Quote  Modify Modify
I just trying to figure out where programs Cbooster, PCMedic, and SBDprogs come from.  It looks like they may have been downloaded from a website named "SoftwarebyDownload" and installed on your system.  
 
Did you send these in for analysis?  
 
Do you recall intentionally installing these on your system?
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
mesmd
Newbie
*





   


Gender: male
 Posts: 5
Re: scan analysis for possible trojans
« Reply #4 on: Aug 20th, 2006, 9:50pm »		 Quote Quote  Modify Modify
siliconmano1,
 
I did 3 years ago buy this program pc-medic from SBD(Software by Download). It had a modem booster program, and other utilities which accompanied the download, which I nver used. . Pc-medic ,is and was, a good superficial registry analyser and cleaner which has worked well on all my home network computers, correcting registry clutter, trash, and errors from uninstalls, etc.  
 
I use other ones also like Sytem Mechanic from Iolo and Uniblue's Registry Booster.  Could these be Trojan infected? You said they could be analysed if I just pasted the scan report to my post which was done. So, I thought you were going to check them and get back to me with your findings RE: Possibly Trojan Infected files.
 
At least, that what I thought your post to me stated.
 
Thanks for any further clarification,
 
Miles
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5960
Re: scan analysis for possible trojans
« Reply #5 on: Aug 21st, 2006, 1:33am »		 Quote Quote  Modify Modify
To actually analyze the files, they have to be submitted via email....submittal procedure described in this link.
 
http://forum.misec.net/board/FAQ/1139308293
 
Please send in and Gavin will test each file individually.  
 
These files all "sound" like they are probably a False Positive detection; however, Gavin needs the actual files in order to determine this.
« Last Edit: Aug 21st, 2006, 1:33am by siliconman01 » IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register