Jump to content

Recommended Posts

database version 648

I did a full scan today and received the following two alerts:

1) D:\I386\Apps\APP17851\src\install\Worldwide-HP\progfiles\Apps\hpuninstall.exe

2) D:\I386\Apps\APP17851\src\install\Worldwide-HP\progfiles\Apps\onplay.exe

The program said they were both Trojan.Downloader.

I have an HP Scanner and Printer and also installed the HP Smart Web Printing on my browser so I highly doubt those two flagged programs are bad but just in case I am trying to find out here if I am incorrect.

Link to post
Share on other sites

Malwarebytes' Anti-Malware 1.11

Database version: 651

Scan type: Full Scan (C:\|)

Objects scanned: 128014

Time elapsed: 59 minute(s), 1 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 4

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\Jean Dahl\Desktop\OOo_2.4.0_Win32Intel_install_en-US.exe (Trojan.Downloader) -> No action taken.

C:\Program Files\HijackThis Scanalyser\uninstall.exe (Trojan.Downloader) -> No action taken.

C:\SWSETUP\HPGame\progfiles\Apps\hpuninstall.exe (Trojan.Downloader) -> No action taken.

C:\SWSETUP\HPGame\progfiles\Apps\onplay.exe (Trojan.Downloader) -> No action taken.

Now with quick scan

Malwarebytes' Anti-Malware 1.11

Database version: 651

Scan type: Quick Scan

Objects scanned: 30098

Time elapsed: 5 minute(s), 29 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Avira Antivir is also detecting TR/Crypt.CFI.Gen - Trojan in stysem restore. I can't find where the quarantine folder is for the program to scan them It also labels Scanalyzer as potential with the heuristics.

Attached zip of MBAM fp's grrr one is 3 mb file. Do you have an alternative place I can send it?

3fps.zip

3fps.zip

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.