Laptop scan

[JeanInMontana]

Much to my surprise quick scan on my laptop came up with 34 items! I removed them and I'm doing a full scan now.

Malwarebytes' Anti-Malware Version 0.54

This logfile was saved before the removal process.

Database version: 091

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 34

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mchInjDrv (Malware.Trace)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\temp\Upd10.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd11.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd12.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd13.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd14.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd15.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd16.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd17.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd18.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd19.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd1A.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd1B.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd1C.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd1D.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd1E.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd2.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd20.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd2E.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd3.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd3B.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd4.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd5.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd52.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd6.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd7.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd8.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd8B.tmp (Heuristics.Malware)

C:\WINDOWS\temp\Upd9.tmp (Heuristics.Malware)

C:\WINDOWS\temp\UpdA.tmp (Heuristics.Malware)

C:\WINDOWS\temp\UpdB.tmp (Heuristics.Malware)

C:\WINDOWS\temp\UpdC.tmp (Heuristics.Malware)

C:\WINDOWS\temp\UpdD.tmp (Heuristics.Malware)

C:\WINDOWS\temp\UpdE.tmp (Heuristics.Malware)

C:\WINDOWS\temp\UpdF.tmp (Heuristics.Malware)

[JeanInMontana]

New scan with updates.

Malwarebytes' Anti-Malware Version 0.54

This logfile was saved after the removal process completed.

Database version: 094

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\temp\Upd2.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.

Are all these files UPd update files of some sort? Where are they coming from? Also wonder about the reg key in the first scan.

[joe53]

Are all these files UPd update files of some sort? Where are they coming from?

I too have been getting those Updxxx.tmp detections:

Malwarebytes' Anti-Malware Version 0.54

Database version: 096

Files Infected: 1

Files Infected:

C:\WINDOWS\temp\Upd73A.tmp (Heuristics.Malware)

By trial and error, I determined they were placed in my temp folder whenever I manually updated my backup (on-demand) AV, AntiVir PE Classic.

[JeanInMontana]

Hey Joe, welcome to MWB! Love that avatar.

That makes sense because I use Avira too.