Possible F/P's on latest MBAM Update.


HH89

I scan my computer with MBAM every 3 days. Today it started picking up "Trojan.Agent" in a couple files and a registry key related to Absolute Poker. Absolute Poker is an online poker site that I play at and hence have their software installed on my computer. Since today's MBAM update, it's been detecting Trojan.Agent in the uninstall files for the Absolute Poker software.

Prior to this happening, the last time I ran a full scan was on Jan 30, 2012 in which everything came up clean. I've had the Absolute Poker software installed on my computer for the past 2 years. MBAM has never detected anything malicious from that until today.

My Avast and Spybot S&D are not picking anything up. I also uploaded both the "CasinoUninstall.exe" files to VirusTotal and JottiScan and both are coming up clean.

Are these false positives?

Developer log below:

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.03.03

Windows Vista Service Pack 1 x64 NTFS

Internet Explorer 7.0.6001.18000

User :: USER-PC [administrator]

2/3/2012 4:42:18 AM

dev-log_mbam-log-2012-02-03 (05-49-23).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 515261

Time elapsed: 1 hour(s), 3 minute(s), 16 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Absolute Poker (Trojan.Agent) -> No action taken. [84cbc78cee6e43f34f7c573068988878]

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 2

C:\Poker Application\Absolute Poker\CasinoUninstall.exe (Trojan.Agent) -> No action taken. [1f30cc8771eb75c12e9d0a7d817f23dd]

C:\Poker Application\_uninstallation_info\Absolute Poker\CasinoUninstall.exe (Trojan.Agent) -> No action taken. [84cbc78cee6e43f34f7c573068988878]

(end)

Thanks for the help

Kind regards,

- HH89

Can you please attach copies of the file here? The latest version of Absolute Poker doesn't detect here.

You may have to zip the files to attach here.

Update:

I just updated MBAM again today and scanned again (with Database version: v2012.02.03.11) and MBAM is no longer detecting those 3 things as being malicious anymore (I didn't quarantine or delete them the last time I scanned).

Do you still need me to send the files? Fwiw, I am using the same version of Absolute Poker (the latest version).

Log below:

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.03.11

Windows Vista Service Pack 1 x64 NTFS

Internet Explorer 7.0.6001.18000

User :: USER-PC [administrator]

2/3/2012 8:50:57 PM

mbam-log-2012-02-03 (20-50-57).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 515502

Time elapsed: 1 hour(s), 3 minute(s), 27 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Kind regards,

- HH89
