perrygenie Posted August 12, 2012 ID:584370 Share Posted August 12, 2012 Is this a false positive?mbam-log-2012-08-12 (05-28-06).zip Link to post Share on other sites More sharing options...
Staff shadowwar Posted August 13, 2012 Staff ID:584403 Share Posted August 13, 2012 Its possible. This is a generic detection on a packer that is mostly used by malware. Can u attach the files detected here in zip format?Thanks. Link to post Share on other sites More sharing options...
perrygenie Posted August 13, 2012 Author ID:584409 Share Posted August 13, 2012 Hey shadowar, Thanks for replying to my post. Here are the files.K-Meleon-1.6.17db+v8.zip Link to post Share on other sites More sharing options...
perrygenie Posted August 13, 2012 Author ID:584417 Share Posted August 13, 2012 The correct spelling is actually CommMeleon Link to post Share on other sites More sharing options...
Staff shadowwar Posted August 14, 2012 Staff ID:585112 Share Posted August 14, 2012 i see no file named mark.exe in your zip and the whole folder is scanning clean. Is this still detected? if so i would need mark.exe Link to post Share on other sites More sharing options...
perrygenie Posted August 15, 2012 Author ID:585271 Share Posted August 15, 2012 Hey Shadowwar, I did a search of the original winwar file and mark.exe turned up in my documents and settings. I then scanned with Malwarebytes and got the hit. I will rescan then quarantine and await your response. Attached is the winzip file mark.exe.Mark.zip Link to post Share on other sites More sharing options...
lushaopei2025 Posted August 16, 2012 ID:586086 Share Posted August 16, 2012 Is this still detected? if so i would need mark.exe Link to post Share on other sites More sharing options...
perrygenie Posted August 16, 2012 Author ID:586248 Share Posted August 16, 2012 Mark.zip I attached, renamed is mark.exe. It must have migrated to my documents and settings. It was detected as an infection upon my rescan and quarantined. Link to post Share on other sites More sharing options...
Staff shadowwar Posted August 17, 2012 Staff ID:586444 Share Posted August 17, 2012 Fixed in the next update.Thanks for sticking with it. Just so you know this is detected a lot because the author chose to use a packer that is mostly used for malicious purposes. A very poor choice on their part.https://www.virustot...3dab1/analysis/ Link to post Share on other sites More sharing options...
perrygenie Posted August 18, 2012 Author ID:586825 Share Posted August 18, 2012 Many thanks for clearing that up shadowar!! Link to post Share on other sites More sharing options...
Staff shadowwar Posted August 18, 2012 Staff ID:586917 Share Posted August 18, 2012 Your Welcome! Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now