Jump to content
ParrotSlave

False Positive Trojan.Agent.ED

Recommended Posts

MBAM has suddenly started detecting two REMO Repair files as trojans, starting today:

C:\Program Files (x86)\Remo Repair MOV 2.0\rs-repairmov.exe

C:\Program Files (x86)\Remo Repair Zip 2.0\rsziprpr.exe

 

rs-repairmov.exe [17028329548EE3E55DB5559D7E68DE97=MD5] at Virus Total: 0/55
https://www.virustotal.com/en/file/155102c482cf1627442ff85961fc94b2943cb8cd4f9e80cad8990c080aabb9b5/analysis/

rsziprpr.exe [FBA2EFB06FF0E43C6FB7B2055B2F7CB5=MD5] at Virus Total: 0/54
https://www.virustotal.com/en/file/2b2875ef977ae9d6eab353ae5653c8649a719180c7fd200e4150457c14bca14e/analysis/

rs-repairmov.zip

rsziprpr.zip

MBAM Daily Protection Log.txt

Share this post


Link to post
Share on other sites

Thanks. Maybe I shouldn't argue with MBAM, though. I was never able to get either one of those programs to do what I wanted to do. Maybe I should have let MBAM keep the files quarantined. :mellow:

Share this post


Link to post
Share on other sites

I just had Malwarebytes quarantine SuperAntiSpyware.exe on two different networks, reporting this same malware, Trojan.Agent.ED. One is a corporate installation of MWB and the other is a Premium. Like I said, two different networks. In both cases the SAS was a paid Premium version and MWB reported blocking malware at almost the same times 15 minutes apart on two different computers on two different Internet connections.

 

This strikes me as a false detection triggered by a SuperAntiSpyware definition download. But at the moment I can't run SAS without removing it from quarantine.

 

Should I do so??

Share this post


Link to post
Share on other sites

Blackberry445:
 
This is ParrotSlave's thread.
 
If you have an issue where MBAM has wrongly flagged a legitimate file, please start your own thread.  If you have a general malware problem; I suggest posting in;  Malware Removal Help

Please reference: Please read before reporting a false positive
 
Post #2
 


If you are not a member of Staff or Experts group please do not reply to other users posts in either the File or Web Blocking forums.

 
Thank you for understanding.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.