Jump to content

RazorXL

Members
  • Posts

    3
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hey there's no Edit feature on these forums??? I just clicked the image thumbnail I'd posted and the link is broken. Big image located here: http://a.imageshack.us/img839/4431/mabscanroguesssm.jpg
  2. I'd been hearing a lot about Malwarebyte's Anti-Malware utility so even though I use a firewall, AV with realtime scans, use a Sandbox utility for suspicious files, ran SAS & HJT recently and cleaned up my registry and am therefore pretty confident my system is clean, I decided to give MA-M a whirl and see if it could find anything that other similar apps had missed. So I installed it last night and ran the full scan, and was surprised to see (other than 1 explainable false positive, see here), all the rest of the 68 supposedly 'items infected' were located in my (Windows XP) Start Menu, in a folder I'd created for AV, Spyware cleaning, Firewall, Registry tools, etc called (appropriately) 'System Security'. So it was not the application files that were identified as 'Rogue.SystemSecurity', but the Start Menu shortcuts themselves. WHY? After Googling it and searching through and reading the forums, I ran the MA-M test again, using the mbam.exe /developer command, but got the same results. Here's a screencap: (click thumbnail for bigger image) I've attached to this post my Log File, having edited my Windows username to '[uSER]'. I didn't post this to the 'False Positives' forum as it says that forum is not a place for feedback. As I haven't used MA-M before, I have not proceeded yet past the scan results - ie: the utility is still open and I haven't clicked 'Remove Selected' yet. I assume if I do, my 'Start Menu->All Programs->System Security->' folder tree will be erased, not just 'cleaned'. And obviously, I don't want the folder tree gone. (By the way, is there an 'Undo' feature?) Anyway, the question again is "WHY?" - why did MA-M flag all those Start Menu items as 'rogue' items/infections? mbam_log_2010_08_26__14_52_53_.txt
  3. Ran Malwarebytes for the first time and it identified file lpaq5.exe from an old install of PeaZip (open-source file archiver) as 'Malware.Packer' Googling it, I came across a note on PeaZip's own Changelog, from a couple of years ago: http://peazip.sourceforge.net/changelog.html Yeah, I should probably update the app, but it's still a false positive. B) mbam_log_2010_08_26__14_52_53_.txt lpaq5.rar
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.