Trojan agent Found by Malwarebytes

Malwarebytes’ Anti-Malware 1.41
Database version: 3024
Windows 5.1.2600 Service Pack 3

10/24/2009 2:43:57 PM
mbam-log-2009-10-24 (14-43-57).txt

Scan type: Quick Scan
Objects scanned: 127636
Time elapsed: 5 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\Temp\cd100d77-0916-4168-bc22-fdb799ed7506.tmp (Trojan.Agent) → Quarantined and deleted successfully.
C:\WINDOWS\Temp\cd13623f-b9c9-4b21-bc02-dd74a7d7dc3d.tmp (Trojan.Agent) → Quarantined and deleted successfully.
C:\WINDOWS\Temp\cd18f494-cdc9-4d0a-a83a-3274defebb9b.tmp (Trojan.Agent) → Quarantined and deleted successfully.
C:\WINDOWS\Temp\cd1b5003-e871-4a7f-a1f8-2c9924411e98.tmp (Trojan.Agent) → Delete on reboot.
C:\WINDOWS\Temp\cd1ece47-eeb0-4575-b79e-988bbeef2f6d.tmp (Trojan.Agent) → Quarantined and deleted successfully.

Trojan or false result?
by the way they are 0 KB.

just worried about getting hacked that is all so I need to know is it a False Scan or they are Trojan agents?

Download CCleaner to clean out TEMP files then run Malwarebytes:
http://www.ccleaner.com/download/builds <== get slim build with no toolbar

deleted it
thanks.

i am just wondering , I still have those files if any one can figure out are they Trojans or false alerts?
i am not 100% sure thought. i used to run avg

Did you run the AVG un-unstall application as well or just un-install from Add/Remove Programs?

I just had a look in their forum and do not see any False positives of that nature:
http://www.malwarebytes.org/forums/index.php?showforum=42

i think i did both
i mean i first installed and uninstalled then reinstalled lol

i just want to know what does those do…
would Sending those files Help?

Are you running AVG and avast!?

The Malwarebytes experts can answer your Malwarebytes False positive questions.

In all the time I have used Malwarebytes they quickly fix any False positive when reported there and if Malwarebytes found them then most likely they are not False positives.

i will restore them then Send them via media share.
i am running malware bites/avg/superantispyware and avast

i just started using malware bites…
could a little tmp files be a trojan or do you think they are logs by avg and Contains the Code that Specfies a Recently Removed Trojan?

You can not have 2 anti virus applications on your system so you will have to choose one hopefully avast!

Hi just Found this after Restoration.
its in the Trojan file…

<?xml version="1.0"?> 1 0 SetConnectionType NewConnectionType in ConnectionType GetConnectionTypeInfo NewConnectionType out ConnectionType NewPossibleConnectionTypes out PossibleConnectionTypes ConfigureConnection NewUserName in UserName NewPassword in Password RequestConnection

Hi I opened this file.
Would I get Effected?

i opened it using Text Document…

Any 1?

I opened it using Text Document i mean the TMP File
is this safe???

upload it to virustotal.com and check it up before you open it. and you should only run one antivirus two or more will only conflict with each other.

http://www.mediafire.com/?sharekey=3c9301fd94f3502d24a64199ac7f73e5e04e75f6e8ebb871

Here is one of the Files.

SOME one help me please

i upload it to virus total but it doesn’t Find any thing…
can some one check the file from mediashare?

This file has been uploaded to virustotal before for analysis and it was 0 of 41 scanners, nada, nothing, zilch found by all scanners.

http://www.virustotal.com/analisis/64810bd27f6e9ee0fdfcf373bdf53d1ccf0be0de08a9df4c5e468cfe29ae2cf1-1256404043

I just uploaded it again and same result 0/41 detections.

So whilst this looks like a false positive, personally I wouldn’t waste a great deal of time on this given that it is a .tmp file, I would do as previously suggested, clear all temp files, using CCleaner.

You biggest concern really is completely removing AVG as having two resident scanners will bite you in the ass sooner or later.

well its weird

I Scanned only 1 File (Which is The Trojan) using Malwarebites and Found No thing.
Then Started a quick System Scan on all drives and it had it.

any chance of Testing this on a Virtual machine? ???

I just opened it(guest account), nothing strange is happening.

but virustotal also has this info, fyi.

TrID : File type identification
JFIF JPEG Bitmap (50.0%)
JPEG Bitmap (37.4%)
MP3 audio (12.4%)

edit : and as sir davidR said, nothing to worry. clean the temp files using cleaner like ccleaner.

nmb

thanks for that lol
I was just paranoid

I killed the Trojan thought.
But Honestly Quick System scan (and not just scan 1 File) makes a Difference in detection.
can you download it and Do a quick system scan using MB?