candystand Posted June 16, 2013 ID:691747 Share Posted June 16, 2013 Hi, so while doing a routine Malwarebytes Full Scan (with the lastest free version) using definition file v2013.06.15.07, I encountered an infection known as Trojan.FakeMSTT on the file "C:\Program Files (x86)\Common Files\microsoft shared\Help\msitss55.dll" Being unable to find any info on the nature of this Trojan (or the dll file for this matter), I decided to upload a copy of the aforementioned file to VirusTotal, and all scanners came back clean. This has led me to believe that Malwarebytes may have found a false positive. I have attached the log file from the scan and the affected file in a zip file for your convenience. Thanks for looking into this matter!MBAM-log-2013-06-15 (23-01-21).txtmsitss55.zip Link to post Share on other sites More sharing options...
sUBs Posted June 16, 2013 ID:691754 Share Posted June 16, 2013 Thank you for reporting this. It shall be fixed in our next update. Link to post Share on other sites More sharing options...
mattd73uk Posted June 16, 2013 ID:691880 Share Posted June 16, 2013 So what's going on? This post regarding the same thing:http://forums.malwarebytes.org/index.php?showtopic=127823has an administrator seeming to confirm that the report is correct, i.e. not a false positive.I too have had Malwarebytes identify this trojan. So is it a false positive or not?Can the moderators/administrators come to some agreement? Link to post Share on other sites More sharing options...
exile360 Posted June 16, 2013 ID:691897 Share Posted June 16, 2013 So what's going on? This post regarding the same thing:http://forums.malwarebytes.org/index.php?showtopic=127823has an administrator seeming to confirm that the report is correct, i.e. not a false positive.I too have had Malwarebytes identify this trojan. So is it a false positive or not?Can the moderators/administrators come to some agreement?I'm not a member of the Research team. Whether I'm a moderator or administrator has nothing to do with it. If a member of the Research team says it's a false positive, then it is. When I responded to the above topic I wasn't aware that it was an FP.By the way, it's entirely possible that not all of these detections are FPs. If it's the exact same file being detected, then yes, it is, but if it isn't the same file being detected, then it may not be. Link to post Share on other sites More sharing options...
sUBs Posted June 16, 2013 ID:691900 Share Posted June 16, 2013 has an administrator seeming to confirm that the report is correct, i.e. not a false positive.I too have had Malwarebytes identify this trojan. So is it a false positive or not?Can the moderators/administrators come to some agreement?Hello, do you have the exact same file as candystand? The file in question has an MD5 checksum of '7713E5561FC02CE63C6E5D942AB9D927'. Link to post Share on other sites More sharing options...
candystand Posted June 16, 2013 Author ID:691927 Share Posted June 16, 2013 Hey, thanks guys for responding so quickly and getting the problem fixed. Cheers! Link to post Share on other sites More sharing options...
kelzipan Posted June 16, 2013 ID:692052 Share Posted June 16, 2013 Hi I just got a notification on the same exact file as candystand. msitss55.dll in the same file path location. Can someone confirm if it is a false positive? The 2 different threads here and referenced were a little confusing. I am asking specifically about the file in this thread. Thanks. Link to post Share on other sites More sharing options...
exile360 Posted June 16, 2013 ID:692057 Share Posted June 16, 2013 Hi I just got a notification on the same exact file as candystand. msitss55.dll in the same file path location. Can someone confirm if it is a false positive? The 2 different threads here and referenced were a little confusing. I am asking specifically about the file in this thread. Thanks.Update and re-scan. If the file is no longer detected, then it was indeed a false positive. Link to post Share on other sites More sharing options...
arkmabat Posted June 18, 2013 ID:692479 Share Posted June 18, 2013 So what's going on? This post regarding the same thing:http://forums.malwarebytes.org/index.php?showtopic=127823has an administrator seeming to confirm that the report is correct, i.e. not a false positive.I too have had Malwarebytes identify this trojan. So is it a false positive or not?Can the moderators/administrators come to some agreement?I had the same thing happen too. I just deleted it since it was in my old.windows folder from when I had vista... Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now