msb.exe

lazaroff

Baseband Member
Messages
24
I had a few weird processes going that were really bogging down my computer, so I got AVG Anti-Virus 8 and ran a scan, it caught a few and I fixed them up. But I still have a single process using almost a 3rd of my memory constantly. The executable is msb.exe located in C:\Windows.
It's obviously doing something, how do I remove it?
 
Impressive Malwarebytes, very impressive.


--------------------------------------------
Malwarebytes' Anti-Malware 1.37
Database version: 2239
Windows 6.0.6002 Service Pack 2

6/6/2009 9:56:17 PM
mbam-log-2009-06-06 (21-56-17).txt

Scan type: Full Scan (C:\|)
Objects scanned: 295890
Time elapsed: 1 hour(s), 15 minute(s), 10 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 23

Memory Processes Infected:
C:\Windows\msb.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cognac (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Windows\tempie (Spyware.Passwords) -> Quarantined and deleted successfully.

Files Infected:
C:\Windows\msb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Windows\msa.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Windows\tempie\aim.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\aim1.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\aim6.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\aimer.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\decaptcher.dll (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\iepw.txt (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\me.ini (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\mes.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\mes_t.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\msado25.tlb (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\MSVBVM60.DLL (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\MSWINSCK.OCX (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\newpw.txt (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\RICHTX32.OCX (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\urlmon.dll (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\wbemdisp.tlb (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\winhttp.dll (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\tempie\wininet.dll (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\System32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
 
I have also found msb.exe on my but since i already knew about malwarebytes (totaly agree with Atomic Rooster) I am currently running a scan and it so far found 14 objects that were infected and it has found them and my antivirus didnt find anything wrong earlier
 
my computer had this i found it when my computer was running dead slow i opened up task manager and found my CPU running at 100% so i went in processes and saw MSB.exe running about 40 times so i downloaded AVG and the moment i had finished installing it found the virus and removed it... (But my AVG was 9)
 
Back
Top Bottom