Jump to content

windows 10, services and controller app.exe showing as infected


Recommended Posts

Hi!

 

Malwarebytes is showing the services and controller app.exe  as infected by a trojan downloader. I dont want to click 'remove' as im worried that it will remove something important. What should i do?

 

I've also scanned with trend & windows defender & they show no infections, do you think malwarebytes is picking up something falsely? 

 

Thanks for any help

Link to post
Share on other sites

thanks MrC for the reply....Is this what you need?

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 23/07/2015

Scan Time: 10:25 AM

Logfile: 

Administrator: Yes

 

Version: 2.1.8.1057

Malware Database: v2015.07.22.07

Rootkit Database: v2015.07.22.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 10

CPU: x64

File System: NTFS

User: Ric

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 417018

Time Elapsed: 16 min, 15 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 1

Trojan.Downloader, C:\Program Files\Windows Multimedia Platform\Services and Controller app.exe, , [7d52b72d7317191da013a5d6a959da26], 

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites

maybe this one......

 

?xml version="1.0" encoding="UTF-16"?>
 
-<mbam-log>
 
 
-<header>
 
<date>2015/07/23 10:25:51 +1200</date>
 
<logfile>mbam-log-2015-07-23 (10-25-50).xml</logfile>
 
<isadmin>yes</isadmin>
 
</header>
 
 
-<engine>
 
<version>2.1.8.1057</version>
 
<malware-database>v2015.07.22.07</malware-database>
 
<rootkit-database>v2015.07.22.01</rootkit-database>
 
<license>free</license>
 
<file-protection>disabled</file-protection>
 
<web-protection>disabled</web-protection>
 
<self-protection>disabled</self-protection>
 
</engine>
 
 
-<system>
 
<osversion>Windows 10</osversion>
 
<arch>x64</arch>
 
<username>Ric</username>
 
<filesys>NTFS</filesys>
 
</system>
 
 
-<summary>
 
<type>threat</type>
 
<result>completed</result>
 
<objects>417018</objects>
 
<time>975</time>
 
<processes>0</processes>
 
<modules>0</modules>
 
<keys>0</keys>
 
<values>0</values>
 
<datas>0</datas>
 
<folders>0</folders>
 
<files>1</files>
 
<sectors>0</sectors>
 
</summary>
 
 
-<options>
 
<memory>enabled</memory>
 
<startup>enabled</startup>
 
<filesystem>enabled</filesystem>
 
<archives>enabled</archives>
 
<rootkits>enabled</rootkits>
 
<deeprootkit>disabled</deeprootkit>
 
<heuristics>enabled</heuristics>
 
<pup>enabled</pup>
 
<pum>enabled</pum>
 
</options>
 
 
-<items>
 
 
-<file>
 
<path>C:\Program Files\Windows Multimedia Platform\Services and Controller app.exe</path>
 
<vendor>Trojan.Downloader</vendor>
 
<action/>
 
<hash>7d52b72d7317191da013a5d6a959da26</hash>
 
</file>
 
</items>
 
</mbam-log>
Link to post
Share on other sites

Did you read what it actually is:

 

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose, but they alter the security state of the computer on which they are installed, or the privacy posture of the user of the system, such that most users will want to be aware of them.

If you have MB remove it, it will just go into quarantine and can be restored if needed as long as you don't empty out quarantine.

MrC

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.