Jump to content

Possible False Positive Trojan - Cyberlink software


Recommended Posts

MBAM has identified a Trojan.Agent.ED in Cyberlink Richvideo.exe file and registry.  Online research suggests this is either a false positive or an infection.  No other anti-virus scan that I've run is identfying this as an infection. Restored .exe file, which is attached.  Please advise on Cyberlink file, reg value and key.


Malwarebytes Anti-Malware

Database version: v2015.02.05.11

Windows 7 Service Pack 1 x64 NTFS

2/5/2015 9:07:14 PM
mbam-log-2015-02-05 (21-07-14).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 550845
Time elapsed: 1 hour(s), 47 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\TypeLib\{D37B5B2C-8D1B-4832-89E4-6FCE903B3A18} (Trojan.Agent.ED) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\RICHVIDEO.EXE (Trojan.Agent.ED) -> Data: 3 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Trojan.Agent.ED) -> Quarantined and deleted successfully.



Link to post
Share on other sites

Thank you.  Log is below.  Scan with took less than a tenth the time of  Has the scanning process changed that much or am I missing something?


Malwarebytes Anti-Malware

Scan Date: 2/8/2015
Scan Time: 10:16:07 AM
Logfile: MBAM Log 2-8-15.txt
Administrator: Yes

Malware Database: v2015.02.08.04
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 359687
Time Elapsed: 10 min, 56 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


Link to post
Share on other sites

2.04 has a lot of engine improvements and scanning improvements over 1.6. Its very important to stay up to date with the latest release to have the best protection and detection. Each new version has engine revisions and the older version wont have nearly as good of detection. The engine was completely rewritten since 1.6 and was greatly speeded up.



However i noticed that u ran a full scan with the first post. This would be equlivalent to a Custom scan in 2.x.


Threat scan is all that is really needed 99% of the time to remove any malware that may be active. You can do a custom scan once in a while.

Link to post
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.