Posts posted by sUBs
-
Hello, please post the scan log for that Quick Scan.
Also please zip & then attach the file in question ... putty-64bit-0.68-installer.msi.... to your next reply
-
Thank you for reporting this. It shall be fixed in our next update.
-
Thank you
-
Hello, we are unable to reproduce the detection on our side. It does look like a false positive. Will it be possible to ask the user to perform a rescan? Would be preferable if they updated to the latest definitions before doing so.
Thanks
-
Hello, this is a False Positive which was fixed earlier. You can safely dequarantine the files. Then update mbam's database and do a rescan. They shouldn't be detected anymore.
-
Hello. For false positives, we would require a developer's log.
Kindly follow the instructions detailed here : http://forums.malwarebytes.org/index.php?showtopic=3228
Also dequarantine the following files and zip/attach them to your next reply.
C:\USERS\HEAVYOAK\APPDATA\ROAMING\RAINMETER\ADDONS\NIRCMD\NIRCMD.EXE
C:\USERS\HEAVYOAK\APPDATA\ROAMING\RAINMETER\ADDONS\NIRCMD\NIRCMDC.EXE
-
Thank you for reporting this. It shall be fixed in our next update
-
Thank you for reporting this. It shall be fixed in our next update
-
Thank you. It is indeed a false positive. This shall be fixed in our next update.
-
Hello, if you had deleted the file via the mbam program, it will be in your quarantine folder. You can dequarantine the file. I shall need to examine if the file is malicious. Please zip and then attach the file to your next reply.
-
Hello, we will require that you follow the instructions listed here >
-
Thank you for reporting this. It shall be rectified in our next update
-
Hello, we no longer require a copy of the file. This false detection shall be fixed in our next update.
-
Hello, we will require a copy of the file in question - PinUnpinShortCut.exe.
Please zip and attach that file in your next reply.
-
Thank you for reporting this. It shall be fixed in our next update
-
Thank you for reporting this. This false positive shall be fixed in our next update
-
Thank you for reporting this. It shall be fixed in our next update
-
Thank you for reporting this. It shall be fixed in our next update.
-
Thread re-opened at CatsnDogs' behest
-
This is just my personal opinion. It depends on what the machine is used for. If used for banking or for business purposes, once a machine has got infiltrated once, I will no longer trust it. For my own peace of mind, I will start afresh on a clean slate.
-
@Krissen, this is not a false positive. Those files in the folder labelled as 'Adobe' appear to be related to remote-admin software. You can compare some of the file names from here > http://www.shouldiremoveit.com/NetSupport-Manager-14804-program.aspx
Best let mbam remove it for you. After doing that, I would advise you allow mbam to perform a full scan on the afflicted machine.
Until such time that completes, I would also advise that you use another machine and change all your important passwords from there.
-
@Krissen, upon closer review of some of the filenames, I wonder if it would be possible for you to zip & then upload that entire folder - C:\Users\Kristoffer\AppData\Local\Temp\AdobeData\
-
Is there any way of telling if they are false positives related to the CyberPowerDVD one, or if they are real?
Modules: 1
Trojan.Agent.ED, C:\Program Files (x86)\CyberLink\PowerDVD9\CLRCEngine3.dll, Delete-on-Reboot, [8b430b5c107a38fec3be0935b74bba46],
Registry Keys: 37
Trojan.Agent.ED, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D49CACC9-D3F0-46E6-AC91-66C5534EA367}, Quarantined, [8b430b5c107a38fec3be0935b74bba46],
Trojan.Agent.ED, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D49CACC9-D3F0-46E6-AC91-66C5534EA367}, Quarantined, [8b430b5c107a38fec3be0935b74bba46],
See those numbers I highlighted in green? This means all 3 detections are related.
-
Scan was four months ago
Unfortunately, a lot may have changed within 4 months. If it's not too much trouble, please have mbam update itself, then do a re-scan. Let us know if you are still getting false positives.
False Positive - Backdoor.Imminent
in File Detections
Thank you for reporting this. It shall be fixed in our next update