Alceste Posted February 2, 2014 ID:785845 Share Posted February 2, 2014 Hi I have been using Malwarebytes since December, initially on a trial basis. It managed to detect and get rid of some adware (BetterSurf) that had been giving me persistent problems which my AV software (Norton) had missed. Since then I have upgraded to the PRO version. Last night, I had something of a worrying development when my Norton AV detected adware by the name of adware.keenval in a Malwarebytes file : c:\program files (x86)\ malwarebytes' anti-malware \00030102.tmp Bearing in mind that I have only a basic knowledge of these things, is it possible that a trojan has found its way into my Malwarebytes software? Or could it be what is known as a false positive? Although Norton has removed this threat, I would like to know what I should do next as presently I am reluctant to use it in case it has been compromised in some way. The only other information that I can think of at the moment is that I update the software on a daily basis Many thanks in advance. Please let me know if you need any additional info, and I will do my best to provide it. Alceste Link to post Share on other sites More sharing options...
Staff shadowwar Posted February 2, 2014 Staff ID:785853 Share Posted February 2, 2014 This is probably a false positive on nortons part. Is it possible for you to zip and upload that file to this forum so we can check? https://forums.malwarebytes.org/index.php?showforum=42 Thanks. Link to post Share on other sites More sharing options...
Alceste Posted February 2, 2014 Author ID:786028 Share Posted February 2, 2014 OK...since I am not technically savvy, I am concerned about restoring something potentially malicious to my computer, but that seems to be the only thing I can do to retrieve it. Is it possible to temporarily release the file from quaratine (i.e do a scan immediately after attaching the file to a post) without doing harm to my computer, or do you recommend something else? Many thanks for your patience! Link to post Share on other sites More sharing options...
Staff shadowwar Posted February 2, 2014 Staff ID:786036 Share Posted February 2, 2014 I am almost sure its a false positive and dont think it will do any harm to your computer. It may be easier for you to restore the file and then upload it to virustotal and give me the link to the scan. This will also show you what other antiviruses think of the file. https://www.virustotal.com/ after it scans with the other Av results copy the url link and paste it here. I can take it from there and let ya know exactly what this is. Plus they are only detecting Adware so its not a trojan or virus that could do harm to your computer. Keenval should not be located in our folder so like i said i am 99% sure this is a false positive. Link to post Share on other sites More sharing options...
TonyKlein Posted February 2, 2014 ID:786040 Share Posted February 2, 2014 Not only that, but that particular adware hasn't been seen 'in the wild' for six or more years ago, so, combined with the fact that according to yourself Norton removed the detection shortly afterwards, you can be sure it was a FP... Link to post Share on other sites More sharing options...
Alceste Posted February 2, 2014 Author ID:786095 Share Posted February 2, 2014 I have restored the file in question, but I cannot locate it anywhere - I don't know if this is a good or bad thing Still, I feel somewhat reassured by both of your responses - thanks!. I have just run scans with NIS and MB and nothing has been detected. I will keep an eye out to see if there are any unpleasant comebacks. Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now