Jump to content
Tony4554

DAO False Positive??

Recommended Posts

I really did not see where to submit this.  Sorry if incorrect place.

MBAMAntiRansome quarantined the following file - DAO.20852700.exe

Located C:\Users\username\AppData\Local\NVidia\NvBackend\Packages\00008d52\DAO.20852700.exe

I do not believe it is Ransomeware.  I see no activity to indicate so.

Please have a look at it.

Thank you

Tony4554

logs.zip

Malwarebytes Anti-Ransomware.zip

MBAMSERVICE.zip

Share this post


Link to post
Share on other sites

Hello Tony4554:

Available data strongly suggests a false positive, and since the following pathname has been entered in MBARW GUI -> Exclusions, and the binary has been uploaded to the developers, please allow the entry to remain until you are requested to remove it:

                         C:\Users\anthony\AppData\Local\NVIDIA\NvBackend\Packages\00008d52\DAO.20852700.exe

Reference: https://www.virustotal.com/en/file/FC6D29AA6683BCA611478D6C0A866EA41E1F76E643586FC79C217A4E8AF706E8/analysis/ Signed

At any time, a MBARW development team member, QA team member or Staffer may request the above temporary exclusion be altered/deleted.

Thank you for beta testing MBARW and your valuable feedback.

Share this post


Link to post
Share on other sites

Hi Tony4554. Thank you for your report. This was reported by another community member just before you did. This issue should be resolved.

See:

https://forums.malwarebytes.org/topic/184583-false-positives-dao-file/

This file should no longer be detected. If you've added DAO.20852700.exe to the exclusions in Malwarebytes Anti-Ransomware BETA, please do remove from exclusions and let us know if the issue returns. It should not.

Thank you!

 

 

Share this post


Link to post
Share on other sites

Malwarebytes Anti Ransomware has been finding and removing similar items the last several days. Files found:

C:\Users\Gret\AppData\Local\NVIDIA\NvBackend\Packages\0000954c\DAO.21253572.exe found on 10/12/16

C:\Users\Gret\AppData\Local\NVIDIA\NvBackend\Packages\0000955f\DAO.21259166.exe found on 10/13/16

C:\Users\Gret\AppData\Local\NVIDIA\NvBackend\Packages\0000957f\DAO.21274243.exe found on 10/18/16

C:\Users\Gret\AppData\Local\NVIDIA\NvBackend\Packages\0000959a\DAO.21278900.exe found on 10/19/16

Share this post


Link to post
Share on other sites

Hello Gret:

1.) Please read my reply to your first post on the forum at https://forums.malwarebytes.org/topic/189638-dao-false-positive/#comment-1067785 that requests your system's False Positive technical details.

2.) Please consider ticking the "Follow" button near the upper right corner of your original topic to receive timely email notifications when that topic has been updated.

Thank you.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.