« previous next »
Pages: [1]   Go Down

Author Topic: Msb.exe  (Read 11053 times)

0 Members and 1 Guest are viewing this topic.

kris84

  • Guest
Msb.exe
« on: July 15, 2009, 05:00:15 PM »
Hi avast recently found msb.exe in my system files, I have removed it to the chest as was suggested. I search it in google and it showed it was a Trojen. Since removal my Net has been sending more than recieveing and the transmit rate is much higher than the recieve rate. As you can probably tell Im not that Savvy with Computers and viruses. Im running Avast! and Zone Alarm on my Pc. OS is xp All up to date. Hope this is enough information for anyone to help me out. I would just like to know if there is a connection between the net and msb.exe and how to remove it and its tenticals from my system..lol Sorry if Im confussing you!!
Logged

kris84

  • Guest
Re: Msb.exe
« Reply #1 on: July 15, 2009, 05:22:07 PM »
Just checked it out and it is a WIN32:Zlob-CWZ....Any Ideas?
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89029
  • No support PMs thanks
Re: Msb.exe
« Reply #2 on: July 15, 2009, 06:19:41 PM »
Well that really contradicts any link if transmission increases 'after' removal of msb.exe, so I would say that you have other issues. I'm none to impressed with the free zone alarm to protect against unauthorised outbound connections. It is restricted in the protection level in the hope you would purchase the ZA Pro version.

Rogueware (fake security applications) is often associated with Zlob detections.

If you haven't already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).

Don't worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.

Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

kris84

  • Guest
Re: Msb.exe
« Reply #3 on: July 16, 2009, 11:26:29 AM »
OK im downloading it now, I hope I do this right as I said in my first post Im not real computer savvy!!lol
Logged

kris84

  • Guest
Re: Msb.exe
« Reply #4 on: July 16, 2009, 03:31:41 PM »
I dont know if this will work sorry about all the trouble, I think I have added the logs for Malwarebytes here>

Malwarebytes' Anti-Malware 1.39
Database version: 2440
Windows 5.1.2600 Service Pack 3

16/07/2009 11:24:01 PM
mbam-log-2009-07-16 (23-23-54).txt

Scan type: Quick Scan
Objects scanned: 103818
Time elapsed: 4 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{40196867-19f8-7157-c097-ecaff653c9ad} (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cognac (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ColdWare (Malware.Trace) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

What do I do now? Do I quarantine or delete?
I am still downloading the other as my download speed has dropped dramatically.
 Thank you for you help!
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89029
  • No support PMs thanks
Re: Msb.exe
« Reply #5 on: July 16, 2009, 04:00:58 PM »
The detections look good so allow MBAM to deal with them.

- Run MBAM again and this time when the scan is complete, all detections should have a check mark in the box to the left of the entry, leave them selected (or select if not selected). At the bottom of the window there is a button, Remove Selected, click that and the items will be removed.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

kris84

  • Guest
Re: Msb.exe
« Reply #6 on: July 16, 2009, 04:17:39 PM »
Thank you so much David!! Apologies for any confusion. Much appreciated!! your a champ!!!
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89029
  • No support PMs thanks
Re: Msb.exe
« Reply #7 on: July 16, 2009, 04:32:35 PM »
You're welcome.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security
Pages: [1]   Go Up
« previous next »