Jump to content
ky331

F/P PowerPoint Viewer

Recommended Posts

MBAM database 2015.4.2.6

F/P detection of Microsoft PowerPoint Viewer 2003  PPTVIEW.EXE  (Version 11.0.8305.0) as Trojan.Agent.ED

 

Comparative information from VirusTotal Scan https://www.virustotal.com/en/file/e279c8fbc0233f74e76afbf857d39176711a4738091d5f1c6be33185b21dcfcb/analysis/1428012691/

 

MBAM log contains the line:  Detection, 4/2/2015 6:02:55 PM, SYSTEM, THINKPAD, Protection, Malware Protection, File, Trojan.Agent.ED, C:\Program Files (x86)\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE, Allow, [10be95d205853ef87d04211d6f93bb45]

 


 

Share this post


Link to post
Share on other sites

I get a false positive for Word 2003.

 

https://www.virustotal.com/en/file/b38bee229dc9ae5d2b936c8131af2f317b42416f40097851057361725788958d/analysis/1413402616/

 

Protection, 4/2/2015 6:00:20 AM, SYSTEM, HOST-PC, Protection, Malware Protection, Starting,
Protection, 4/2/2015 6:00:20 AM, SYSTEM, HOST-PC, Protection, Malware Protection, Started,
Protection, 4/2/2015 6:00:20 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Starting,
Protection, 4/2/2015 6:00:25 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Started,
Update, 4/2/2015 6:04:59 AM, SYSTEM, HOST-PC, Scheduler, Malware Database, 2015.4.2.2, 2015.4.2.5,
Protection, 4/2/2015 6:04:59 AM, SYSTEM, HOST-PC, Protection, Refresh, Starting,
Protection, 4/2/2015 6:04:59 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Stopping,
Protection, 4/2/2015 6:04:59 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Stopped,
Protection, 4/2/2015 6:05:06 AM, SYSTEM, HOST-PC, Protection, Refresh, Success,
Protection, 4/2/2015 6:05:06 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Starting,
Protection, 4/2/2015 6:05:06 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Started,
Protection, 4/2/2015 9:21:07 AM, SYSTEM, HOST-PC, Protection, Malware Protection, Starting,
Protection, 4/2/2015 9:21:07 AM, SYSTEM, HOST-PC, Protection, Malware Protection, Started,
Protection, 4/2/2015 9:21:07 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Starting,
Protection, 4/2/2015 9:21:11 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Started,
Protection, 4/2/2015 10:30:04 AM, SYSTEM, HOST-PC, Protection, Malware Protection, Starting,
Protection, 4/2/2015 10:30:04 AM, SYSTEM, HOST-PC, Protection, Malware Protection, Started,
Protection, 4/2/2015 10:30:04 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Starting,
Protection, 4/2/2015 10:30:09 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Started,
Update, 4/2/2015 11:19:58 AM, SYSTEM, HOST-PC, Scheduler, Malware Database, 2015.4.2.5, 2015.4.2.6,
Protection, 4/2/2015 11:19:58 AM, SYSTEM, HOST-PC, Protection, Refresh, Starting,
Protection, 4/2/2015 11:19:58 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Stopping,
Protection, 4/2/2015 11:19:59 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Stopped,
Protection, 4/2/2015 11:20:05 AM, SYSTEM, HOST-PC, Protection, Refresh, Success,
Protection, 4/2/2015 11:20:05 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Starting,
Protection, 4/2/2015 11:20:05 AM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Started,
Detection, 4/2/2015 11:22:58 AM, SYSTEM, HOST-PC, Protection, Malware Protection, File, Trojan.Agent.ED, C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE, Quarantine, [29a51b4cccbe7db9cab799a58f73e51b]
Detection, 4/2/2015 11:24:22 AM, Host, HOST-PC, Protection, Malware Protection, File, Trojan.Agent.ED, C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE, Quarantine Failed, 5, Access is denied.  , [29a51b4cccbe7db9cab799a58f73e51b]
Detection, 4/2/2015 11:25:07 AM, Host, HOST-PC, Protection, Malware Protection, File, Trojan.Agent.ED, C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE, Quarantine Failed, 5, Access is denied.  , [29a51b4cccbe7db9cab799a58f73e51b]
Detection, 4/2/2015 11:25:26 AM, Host, HOST-PC, Protection, Malware Protection, File, Trojan.Agent.ED, C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE, Quarantine Failed, 5, Access is denied.  , [29a51b4cccbe7db9cab799a58f73e51b]
Detection, 4/2/2015 11:26:02 AM, Host, HOST-PC, Protection, Malware Protection, File, Trojan.Agent.ED, C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE, Quarantine Failed, 5, Access is denied.  , [29a51b4cccbe7db9cab799a58f73e51b]
Detection, 4/2/2015 11:27:22 AM, Host, HOST-PC, Protection, Malware Protection, File, Trojan.Agent.ED, C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE, Quarantine Failed, 5, Access is denied.  , [29a51b4cccbe7db9cab799a58f73e51b]
Protection, 4/2/2015 12:40:30 PM, SYSTEM, HOST-PC, Protection, Malware Protection, Starting,
Protection, 4/2/2015 12:40:30 PM, SYSTEM, HOST-PC, Protection, Malware Protection, Started,
Protection, 4/2/2015 12:40:30 PM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Starting,
Protection, 4/2/2015 12:40:34 PM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Started,
Detection, 4/2/2015 12:48:00 PM, SYSTEM, HOST-PC, Protection, Malware Protection, File, Trojan.Agent.ED, C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE, Quarantine, [08c68cdb48423402bac7b58961a113ed]
Detection, 4/2/2015 12:48:32 PM, Host, HOST-PC, Protection, Malware Protection, File, Trojan.Agent.ED, C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE, Quarantine Failed, 5, Access is denied.  , [08c68cdb48423402bac7b58961a113ed]
Protection, 4/2/2015 12:48:53 PM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Stopping,
Protection, 4/2/2015 12:48:53 PM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Stopped,
Protection, 4/2/2015 12:48:53 PM, SYSTEM, HOST-PC, Protection, Malware Protection, Stopping,
Protection, 4/2/2015 12:48:54 PM, SYSTEM, HOST-PC, Protection, Malware Protection, Stopped,
Protection, 4/2/2015 12:49:38 PM, SYSTEM, HOST-PC, Protection, Malware Protection, Starting,
Protection, 4/2/2015 12:49:38 PM, SYSTEM, HOST-PC, Protection, Malware Protection, Started,
Protection, 4/2/2015 12:49:38 PM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Starting,
Protection, 4/2/2015 12:49:39 PM, SYSTEM, HOST-PC, Protection, Malicious Website Protection, Started,

(end)

Share this post


Link to post
Share on other sites

Looks like this has been fixed with the release of database 2015.4.2.7

 

Thanks for the quick response.

Share this post


Link to post
Share on other sites

Hi guys,

 

Thanks for reporting.

 

Yes regretably these were FalsePositive detection(s).

 

The faulting def has since been removed.

 

Please update to the most recent database and the detection should no longer persist.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.