Home
Forums
New posts
Search forums
Articles
Latest reviews
Search resources
Members
Current visitors
Newsgroups
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Menu
Log in
Register
Install the app
Install
Home
Forums
Newsgroups
Microsoft AntiSpyware
Security and Anti-Spyware Community
AVG detects MsMpEng.exe as threat
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
[QUOTE="Engel, post: 12384392"] Hello Kicnit, The filename is associated with the malware group Trojan.Downloader. Some files using the name WINCTRL32.DLL are also associated with the malware group: Win32/Agent Source: <[URL]http://www.prevx.com/filenames/X1877030665626356773-X1/WINCTRL32.DLL.html[/URL]> This could well be a false positive. One way to get further information is to submit the file at one or more of the following sites: [URL]http://altagradazione.blogspot.com/2007/08/virustotal.html[/URL] (en ITALIAN) [URL]http://www.virustotal.com/es/indexf.html[/URL] (en SPANISH) <[URL]http://www.virustotal.com[/URL]> <[URL]http://virusscan.jotti.org[/URL]> Each has a browse window in the upper right to do the submission, and will check out your file with 10 or so antivirus vendors with one submission. A clean reading at these sites is not proof that a file is safe, but I'd say in this case that it is likely to be a good indicator that, in fact, the file is safe, and you are seeing a false positive. If you cannot remove this through Add/Remove screen Id suggest using Hijack This <[URL]http://wiki.castlecops.com/Malware_Removal:_Reference_HijackThis_Log[/URL]> and posting back the log it produces to show if this is a Trojan Infection. The Trojan drops files all over the place and most scanners will not remove this, Download Hijack This if needed : Save it to desktop or c:/drive, Run Hijack This and choose to do a system scan and save the logfile, when its finished it will open the results in notepad, and please do not fix anything using HijackThis as most will be harmless or essential files. You could post the results over at spywareinfo or tomcoyote or other Hijack This forums or Ron Kinner Get HijackThis.exe from Hijack This has been taken over by Trend Micro. This new version can be downloaded here. <[URL]http://www.bleepingcomputer.com/files/hijackthis.php[/URL]> Trend Micro HijackThis 2.02 <[URL]http://computercops.biz/HijackThis.html[/URL]> Save it to C:\hjt (new folder) then Open it and select Scan and Save Log. Note where you saved the log then send it to him as an attachment. Put Hijack in the subject so he'll know it's not spªm. Alternatively you can post it on the Dell Forum ªt: <[URL]http://forums.us.dell.com/supportforums/board?board.id=si_hijack[/URL]> (if it wraps you can go tº: <[URL]http://tinyurl.com/ckuzq[/URL]> instead.) Put Ron in the subject so he will see it. You do not need to have a Dell to post but you will need to register. Ron Kinner Microsoft MVP 2004 & 2005 [email]rkinner@att.net[/email] SUPERAntiSpyware Malwarebytes Antimalware Have you done any scans within safe mode ? Restart in safe mode and scan with both updated Windows Defender, your antivirus, Malwarebytes Antimalware (AntiTrojan) and SUPERAntiSpyware (Malaware), SUPERAntiSpyware (Free) <[URL]http://www.superantispyware.com/[/URL]> Malwarebytes Antimalware (Free) <[URL]http://www.malwarebytes.org/mbam.php[/URL]> Unexplained computer behavior may be caused by deceptive software <[URL]http://support.microsoft.com/kb/827315[/URL]> Good luck -=- [/QUOTE]
Verification
Post reply
Home
Forums
Newsgroups
Microsoft AntiSpyware
Security and Anti-Spyware Community
AVG detects MsMpEng.exe as threat
Top
