False Positive DB 1085 - HH.exe - Malwarebytes Forum

Welcome Guest ( Log In | Register )

False Positive DB 1085 - HH.exe

Options

securityjunky View Member Profile	Aug 25 2008, 01:09 AM Post #1
New Member Group: Members Posts: 5 Joined: 27-July 08 Member No.: 3,031	Malwarebytes' Anti-Malware 1.25 Database version: 1085 Windows 5.1.2600 Service Pack 2 8:22:17 PM 8/24/2008 mbam-log-08-24-2008 (20-22-17).txt Scan type: Full Scan (A:\\|C:\\|D:\\|E:\\|F:\\|G:\\|) Objects scanned: 62368 Time elapsed: 9 minute(s), 6 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\hh.exe (Trojan.FakeHelp) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dllcache\hh.exe (Trojan.FakeHelp) -> Quarantined and deleted successfully. http://www.virustotal.com/analisis/8310c3b...e1c5e3bddee469f - C:\Windows\hh.exe http://www.virustotal.com/analisis/75232fb...347b7369719ff64 - C:\WINDOWS\system32\dllcache\hh.exe hh.exe file: http://files.filefront.com/hhexe/;11596689;/fileinfo.html hh.exe located in sys32 dllcache: http://files.filefront.com/hhexe/;11596742;/fileinfo.html

securityjunky View Member Profile	Aug 25 2008, 01:14 AM Post #2
New Member Group: Members Posts: 5 Joined: 27-July 08 Member No.: 3,031	Malwarebytes' Anti-Malware 1.25 Database version: 1085 Windows 5.1.2600 Service Pack 2 9:13:23 PM 8/24/2008 mbam-log-08-24-2008 (21-13-21).txt Scan type: Full Scan (A:\\|C:\\|D:\\|E:\\|F:\\|G:\\|) Objects scanned: 27158 Time elapsed: 5 minute(s), 8 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\System Volume Information\_restore{AFD5CB49-C301-40BB-BE84-12FAF22B9770}\RP39\A0013663.exe (Trojan.FakeHelp) -> No action taken. [4134524130538380756679153966767041707781130166667024681871716669662022261821192 41971677166222518682021672021] C:\WINDOWS\hh.exe (Trojan.FakeHelp) -> No action taken. [4134524130538380756679153966767041707781130166667024681871716669662022261821192 41971677166222518682021672021] Dev log if needed

Monkeys View Member Profile	Aug 25 2008, 01:32 AM Post #3
New Member Group: Members Posts: 14 Joined: 27-July 08 Member No.: 3,032	Yep, same here.

Reilly'sPal View Member Profile	Aug 25 2008, 01:50 AM Post #4
New Member Group: Members Posts: 5 Joined: 19-August 08 Member No.: 3,348	Same results here including the VirusTotal scan.

nosirrah View Member Profile	Aug 25 2008, 01:54 AM Post #5
Forum Deity Group: Administrators Posts: 6,230 Joined: 30-December 06 From: Northampton, MA USA Member No.: 884	will be fixed in 5 minutes -------------------- Bruce Harrison Malwarebytes VP of Research Follow us: Twitter, Become a fan: Facebook

Monkeys View Member Profile	Aug 25 2008, 02:31 AM Post #6
New Member Group: Members Posts: 14 Joined: 27-July 08 Member No.: 3,032	All clean now, thanks.

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Time is now: 9th February 2010 - 02:00 AM ()

Licensed to: Malwarebytes