Antivirus showing malwarebytes as containing malware

[smith070501]

I have webroot antivirus and it keeps popping up saying malwarebytes contains win32.user added?

 

[daledoc1]

Hi:
 
Welcome.
 
First, 2 questions:
 
1) From what site did you download the MBAM installer file -- was it HERE or somewhere else?
 
2) Have you reported this to Webroot as a possible "False Positive", either HERE or by some other route?
 
Next:

Please read the following and attach to your next reply the 3 requested logs - Diagnostic Logs (the 3 logs are: FRST.txt, Addition.txt and CheckResults.txt)

 

Thanks,

[noknojon]

Hello smith070501,

This is generally a False Positive in most cases. Please tell us where you downloaded Malwarebytes Anti-Malware from ..

 

Please read How can I add exceptions? - Webroot Community and follow the picture at the bottom of the page.

 

Then if that will not solve it, you must reply to daledoc1 .

 

Thank You.

[smith070501]

Yes it was from the correct site, It just started doing this today and I uninstalled and redownloaded it just in case.

I am reporting the false positive.

Attached files and thanks for responding

FRST.txt

Addition.txt

CheckResults.txt

[daledoc1]

Hello smith070501,

This is generally a False Positive in most cases. Please tell us where you downloaded Malwarebytes Anti-Malware from ..

 

Please read How can I add exceptions? - Webroot Community and follow the picture at the bottom of the page.

 

 

Without knowing the answer to the first question, it would seem imprudent to set an exclusion, would it not?

That is why I asked for a bit of data, BEFORE suggesting that the file be excluded in WSA.

 

Having said that, we now know the answer to the question about the source of the installer.

 

@smith070501:

 

Please proceed with your "False Positive" reporting over at Webroot, for starters.

In the interim, the forum staff/experts/helpers will review your logs and provide further advice.

 

Thanks for your patience,

[AdvancedSetup]

The logs indicate something possibly wrong with the hard drive.

 

 

Error: (07/14/2015 10:52:20 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/14/2015 10:46:53 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/14/2015 10:45:42 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/14/2015 10:44:07 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/14/2015 10:43:14 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/14/2015 10:42:20 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/14/2015 10:40:44 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 

 

 

Best to run a full disk scan to see if that helps or otherwise try to track down the cause for the error.

 

From an elevated admin command prompt you can run:  CHKDSK  C:  /R

 

Then you have some other non-standard settings that could possibly be legit depending on what program set them and why but otherwise they should be fixed.

 

HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-21-1848908783-2273622596-2634286077-1001\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-21-1848908783-2273622596-2634286077-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION

 

Try to test and fix the hard drive and then I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.
 

As for the Webroot detection that would appear to be a false positive. Set Webroot to ignore or contact Webroot for further assistance on that if needed.

 

Thanks