mm
Rewritten to be more clear and sit in its own thread:
Does \MsMpEng.exe(1360):\memory_07d80000 mean malware? AVG seems to
think so.
As you may know, after a disabling malware problem, I've been
restoring a friend's HP mini 1000, and got it running about a week
ago, and I've been fixing it up in other ways for about a week now and
it's been working fine and I'm supposed to return it tomorrow, and
just now I found two infections, even though I've not read any email
or gone to more than 8 urls, all of them well known and hopefully
malware free.
I realize just earlier today, Friday, I figured out how to run Windows
Defender without it getting turned off.
And the two infections are:
c:\program files\windows defender\MsMpEng.exe(1360):\memory_07d80000
and
c:\program files\windows defender\MsMpEng.exe(1360)
They are both labeled: Trojan horse Generic18.BNY
What does this mean? MsMpEng.exe is a regular part of Windows
Defender, an MS anti-malware program. Complaints about it on the web
are that sometimes it uses up most of the CPU, but in my case it's
not using a thing and the system is 97 percent idle.
What does (1360) etc. mean? Is it possible AVG is finding in Windows
Defender something meant to find a virus and thinks it is a virus?
I tried to move both items to the virus vault. For the first
line it says Object is inaccessible. The second line got a green
check. There is nothing in the virus vault and the executable
MsMpEng.exe is still in place.
What does all this mean?
BTW, googling for the file name and the trojan name as written and
with or without a space between Generic and 18.BNY, I got no hits.
Any help is much appreciated.
MM