Jump to content

Recommended Posts

Quote from Daledoc1

In order to get prompt attention from the devs, it would probably be best to follow his original advice and post the logs in the False Positives forum >>HERE<<. :)

Thanks Daledoc1 for your advise,

Can somebody on this forum tell me if the detected trojan find in Log dated 07 Sept is a false positive or not?

Attached two files

mbam.exe /developer Run Sept 14 2012

and the logfile with the detection, dated Sept 7 2012

Thanks in advance

Pjottr

mbam-log-2012-09-07 (18-44-46).rar

mbam-log-2012-09-14 (21-27-43).rar

Link to post
Share on other sites

C:\Program Files\Vimicro\Vimicro USB PC Camera (VC0305)\tools\x86\vmdrv.exe (Trojan.Pirminay) -> Quarantined and deleted successfully.

If not mistaken, you ran "mbam.exe /developer" after the file got quarantined and hence it resulted with no detections.

Please de-quarantine the above file. Then zip/attach it to your next reply so that I may examine it closer.

Link to post
Share on other sites

Thats what i just did But when I de-quarantined this time it the file was completely gone i.c It was not returned to its original location.

If I understand well:

Malwarebytes would return it to its original location if it is a false positive.

If the file is a non false positive Malwarebytes would not return the file to its original location and delete it completely from the system

Anyway this what I found on the net about Malwarebytes.

In my case one could say that is was malware since malwarebytes completely erased the file.

I ran MB in the developers mode and no malicious items were found.

I quess I have my answer to my question

Link to post
Share on other sites

Thats what i just did But when I de-quarantined this time it the file was completely gone i.c It was not returned to its original location.

If I understand well:

Malwarebytes would return it to its original location if it is a false positive.

If the file is a non false positive Malwarebytes would not return the file to its original location and delete it completely from the system

Hello, the file is clean.When asked to dequarantine, Malwarebytes WILL NOT delete the file.

Since the file is gone now, we shall restore it via other means. Please download the attachment from this post. Extract the file to the location,

C:\Program Files\Vimicro\Vimicro USB PC Camera (VC0305)\tools\x86\vmdrv.exe

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.