Jump to content
Sign in to follow this  
securityjunky

False Positive DB 1085 - HH.exe

Recommended Posts

Malwarebytes' Anti-Malware 1.25

Database version: 1085

Windows 5.1.2600 Service Pack 2

8:22:17 PM 8/24/2008

mbam-log-08-24-2008 (20-22-17).txt

Scan type: Full Scan (A:\|C:\|D:\|E:\|F:\|G:\|)

Objects scanned: 62368

Time elapsed: 9 minute(s), 6 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\hh.exe (Trojan.FakeHelp) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\dllcache\hh.exe (Trojan.FakeHelp) -> Quarantined and deleted successfully.

http://www.virustotal.com/analisis/8310c3b...e1c5e3bddee469f - C:\Windows\hh.exe

http://www.virustotal.com/analisis/75232fb...347b7369719ff64 - C:\WINDOWS\system32\dllcache\hh.exe

hh.exe file: http://files.filefront.com/hhexe/;11596689;/fileinfo.html

hh.exe located in sys32 dllcache: http://files.filefront.com/hhexe/;11596742;/fileinfo.html

Share this post


Link to post
Share on other sites

Malwarebytes' Anti-Malware 1.25

Database version: 1085

Windows 5.1.2600 Service Pack 2

9:13:23 PM 8/24/2008

mbam-log-08-24-2008 (21-13-21).txt

Scan type: Full Scan (A:\|C:\|D:\|E:\|F:\|G:\|)

Objects scanned: 27158

Time elapsed: 5 minute(s), 8 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\System Volume Information\_restore{AFD5CB49-C301-40BB-BE84-12FAF22B9770}\RP39\A0013663.exe (Trojan.FakeHelp) -> No action taken. [4134524130538380756679153966767041707781130166667024681871716669662022261821192

41971677166222518682021672021]

C:\WINDOWS\hh.exe (Trojan.FakeHelp) -> No action taken. [4134524130538380756679153966767041707781130166667024681871716669662022261821192

41971677166222518682021672021]

Dev log if needed

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.