Bellzemos

More false positives?

Malwarebytes' Anti-Malware 1.39

Database version: 2464

Windows 5.1.2600 Service Pack 2

19.7.2009 22:22:23

mbam-log-2009-07-19 (22-22-19).txt

Scan type: Full Scan (C:\|D:\|)

Objects scanned: 132987

Time elapsed: 9 minute(s), 52 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 6

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{4c3b7798-3f10-489d-bbd7-55783ec19887} (Backdoor.Bot) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{e32c3b01-c81b-4d01-8ad4-2b93f7fa544c} (Backdoor.Bot) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{e32c3b01-c81b-4d01-8ad4-2b93f7fa544e} (Backdoor.Bot) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{f50b3f13-19c4-11cf-aa9a-02608c9baba2} (Backdoor.Bot) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{f50b3f14-19c4-11cf-aa9a-02608c9baba2} (Backdoor.Bot) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{f50b3f15-19c4-11cf-aa9a-02608c9baba2} (Backdoor.Bot) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\program files\MpgDec20\mlcom.ax (Backdoor.Bot) -> No action taken.

c:\program files\MpgDec20\mpgdec.ax (Backdoor.Bot) -> No action taken.


Please zip and attach copies of these files to your next post please so I can take a look at them.


The registry hits are likely related to the files so they will go away once I fix this.


If the registry keys are related to these files, then I'm pretty sure that this whole thing is a false positive.

But of course I'll wait for the verification. If everything's OK, I'll restore the files and the keys.

Thank you again.

Are they still detected? This should be resolved.

No, those files are no longer detected as malware. Thank you for your help. :)

I'm getting some mpgdec.ax files marked with Backdoor.bot still...

Without a scan log I can't do much.


Malwarebytes' Anti-Malware 1.39

Database version: 2536

Windows 5.1.2600 Service Pack 3

7/31/2009 4:04:00 PM

mbam-log-2009-07-31 (16-03-50).txt

Scan type: Full Scan (C:\|F:\|)

Objects scanned: 279016

Time elapsed: 2 hour(s), 44 minute(s), 51 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\program files\DivX\divx converter\pS2Xx.ddc (Backdoor.Bot) -> No action taken.

c:\WINDOWS\system32\mlcom.ax (Backdoor.Bot) -> No action taken.

Can anybody help me with this? Are there also false positives? Thank you in advance for your help.

Get me a developer's log and I can get this fixed.

http://www.malwarebytes.org/forums/index.php?showtopic=3228

Of use? (I'm not the OP, just having the same possible F/P).

regards

Malwarebytes' Anti-Malware 1.39

Database version: 2539

Windows 5.1.2600 Service Pack 2

01/08/2009 11:55:39

mbam-log-2009-08-01 (11-55-33).txt

Scan type: Quick Scan

Objects scanned: 91963

Time elapsed: 1 minute(s), 6 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\WINDOWS\system32\mlcom.ax (Backdoor.Bot) -> No action taken. [55385152424847304680807977747273850136808369777084840145856911]


This appears to be the same log as before and not a developer's log. When I tried to run mbam.exe / developer I get an error that reads "Invalid command line parameter". After I close that error it opens up the program and allows me to scan. Does this log help you?

Malwarebytes' Anti-Malware 1.39

Database version: 2536

Windows 5.1.2600 Service Pack 3

8/1/2009 12:19:44 PM

mbam-log-2009-08-01 (12-19-41).txt

Scan type: Full Scan (C:\|F:\|)

Objects scanned: 281508

Time elapsed: 2 hour(s), 44 minute(s), 27 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\program files\DivX\divx converter\pS2Xx.ddc (Backdoor.Bot) -> No action taken.

c:\WINDOWS\system32\mlcom.ax (Backdoor.Bot) -> No action taken.

This appears to be the same log as before and not a developer's log. When I tried to run mbam.exe / developer I get an error that reads "Invalid command line parameter". After I close that error it opens up the program and allows me to scan. Does this log help you?

No space between "/" and "developer"


Here are my two logs from today. I only got one hit today.

Malwarebytes' Anti-Malware 1.39

Database version: 2546

Windows 5.1.2600 Service Pack 3

8/2/2009 2:23:27 PM

mbam-log-2009-08-02 (14-23-16).txt

Scan type: Full Scan (C:\|F:\|)

Objects scanned: 282836

Time elapsed: 2 hour(s), 41 minute(s), 21 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\program files\DivX\divx converter\pS2Xx.ddc (Backdoor.Bot) -> No action taken.

2nd Log

Malwarebytes' Anti-Malware 1.39

Database version: 2546

Windows 5.1.2600 Service Pack 3

8/2/2009 5:42:31 PM

mbam-log-2009-08-02 (17-42-20).txt

Scan type: Full Scan (C:\|F:\|)

Objects scanned: 282944

Time elapsed: 2 hour(s), 42 minute(s), 11 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\program files\DivX\divx converter\pS2Xx.ddc (Backdoor.Bot) -> No action taken. [55385152424847304680807977747273850136808369777084840145856911]

Hope this helps.

Let me know if this is resolved.

No it is not resolved. I still have one hit. Please see the above log.

No it is not resolved. I still have one hit. Please see the above log.

How can you tell without updating?

Please update and check again, I believe you will find that this is indeed resolved.
