Well this isn’t too big of a deal, just a trojan.agent found by MBAM and it was successfully removed (I had to restart my computer) I’d imagine because I scanned again with MBAM again and it was gone. But here’s the MBAM log for the trojan.agent:
Malwarebytes’ Anti-Malware 1.45
www.malwarebytes.org
Database version: 3934
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18882
3/30/2010 3:49:50 PM
mbam-log-2010-03-30 (15-49-50).txt
Scan type: Quick scan
Objects scanned: 107100
Time elapsed: 5 minute(s), 42 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class{8ecc055d-047f-11d1-a537-0000f8753ed1} (Trojan.Agent) → Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
But every time I scan with MBAM Windows Defender tells me that changes have been made to my computer.
The program that “changes” things is Malwarebyte’s company, so I know it’s safe, but why does it do this? Is there anyway to stop Windows Defender from telling me this?
Also, Windows Defender blocked some “pop-Up” from my printer (Or maybe it was Malwarebytes Anti-Malware) … But I’m not sure.
Here’s what pop-up it blocked:
File Name: lxdpmon.exe
Display Name: lxdpmon
Description: Printer Device Monitor
Publisher: Publisher Not Available
Digitally Signed By: Thawte Code Signing CA
File Type: Application
Startup Value: “C:\Program Files\Lexmark Z2300 Series\lxdpmon.exe”
File Path: C:\Program Files\Lexmark Z2300 Series\lxdpmon.exe
File Size: 656040
File Version: 0.1.25.0
Date Installed: 12/28/2008 5:37:03 PM
Startup Type: Registry: Local Machine
Location: Software\Microsoft\Windows\CurrentVersion\Run
Classification: Permitted
Ships with Operating System: No
SpyNet Voting: Not applicable
Sorry for the trouble. Feel free to help others first, my “problem” isn’t a big deal.
Thank you for your trouble and thanks in advance!
;D