[possibly false positive]

Malware.AI.3548712541, C:\PROGRAM FILES (X86)\STEUER 2020\QT5QML.DLL, Keine Aktion durch Benutzer, 1000000, 0, 1.0.40768, 3D34E02ED63905E3D3850E5D, dds, 01256310, 83A7F0E69B2B7FC8E630D13EE94929F1, BE7E54DCE6DC0C36D9CFAB7A13ECFA7F52D793CBABB9F60EFF2D72E656F13FCD

 

 

Qt5Qml.zip

[False Positive Alf Banco]

MBAM shows Ransom.Petya,but the file (Uninstaller) and Registry Key are from a banking software installed several months ago. Maybe a false positive.

fp.zip

[Possibly FP, photo lab uploader]

Thanks for the quick response!

[Possibly FP, photo lab uploader]

Both files are old downloads and were never detected until today.

 

 

MBAM-log-2013-12-21 (15-11-13).zip

Schlecker_Fotoservice.zip

setup_Mueller_Fotowelt.zip

[java.exe --> Trojan.Downloader?]

With DB update from 5249 to 5250 the FP was fixed, thanks!

[java.exe --> Trojan.Downloader?]

Seems to be a FP: java.exe ---> Trojan Downloader

Virustotal scan says the file is clean:

http://www.virustotal.com/file-scan/report.html?id=496699e537c06e7b431ea3b766cd13eb6e9ece7c1845e7cba8cbc4b54bfbd5af-1291577682

mbam_log_2010_12_05__20_47_00_.zip

java.zip

[false positive: wget.exe]

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Datenbank Version: 4212

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

18.06.2010 17:39:56

mbam-log-2010-06-18 (17-39-56).txt

Art des Suchlaufs: Quick-Scan

Durchsuchte Objekte: 146720

Laufzeit: 4 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschl

wget.zip

[FP services]

Services is a pure text file. Seems to be a fp.

fp.zip

[winsys.exe]

False positive detection seems to be still there.

- kjz

winsys.zip

[Poss F\P...C:\Programme\bgd.dll (Spyware.OnlineGames)]

I am curious though , is there a problem with this software that prevents the use of an alternate location for this dll ? If there is programs files folder for this application this is where this file belongs . I can see that this file also has no version information , another poor choice .

Thanks for Your answer. The DLL is stored at this location for a very long time (since Nov 3rd, 2004). I now moved it to another location. Maybe, that there was no file information because I compiled the DLL myself (as part needed for another package and more or less temporary placed it there).

- kjz

[Poss F\P...C:\Programme\bgd.dll (Spyware.OnlineGames)]

The file is stored there since several months, I scan the machine every week with updated signatures from malwarebytes (besides another antivirus software) and never got any positive detection. With database version 1882 it was the first detection.

- kjz

[Poss F\P...C:\Programme\bgd.dll (Spyware.OnlineGames)]

File is placed in C:\Programme (or C:\Program Files). Normally it belongs to the GD library for graphics display.

- kjz