
Malwarebytes doesn't detect malware on pc and is positive on virustotal



When I scan the attached file on my PC, Mbam 3.0 says the file is clean.

When I scan the file on VirusTotal, Malwarebytes considers it a hacktool.

How is that possible? Is it safe to rely on Mbam?

https://www.virustotal.com/en/file/5d44c319ebbaa1c93a38c6fd50055f5de0d491c336a773108cee38350c196c96/analysis/1489378970/

hard.disk.sentinel.pro.4.60.(7377)-MPT.zip


 

@klauwkikker

They are both detected for me

/ Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/13/17
Scan Time: 8:52 AM
Logfile:
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.75
Update Package Version: 1.0.1490
License: Premium

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS

File: 1

HackTool.FilePatch, C:\USERS\SAPC UPGRADES\DESKTOP\INFECTED\HARD_DISK.SENTINEL_PRO.4_60.(7377)-MPT\HARD.DISK.SENTINEL.PRO.4.60.(7377)-MPT.EXE, No Action By User, [10238], [281135],1.0.1490

 

-Log Details-
Scan Date: 3/13/17
Scan Time: 8:53 AM
Logfile:
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.75
Update Package Version: 1.0.1490
License: Premium

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS

 

File: 1
RiskWare.DontStealOurSoftware, C:\USERS\SAPC UPGRADES\DESKTOP\INFECTED\MALWAREBYTES_ANTI-MALWARE_KEYGEN_V1.5_URET\MALWAREBYTES_ANTI-MALWARE_KEYGEN_V1.5_URET.EXE, No Action By User, [902], [77941],1.0.1490

Physical Sector: 0
(No malicious items detected)


(end)


Hi @klauwkikker can you please export your scan logs from Reports -> View Report and upload them here so we can see what's going on? Also please zip up the mbamservice files and upload them using the instructions below

  1. Navigate to C:\ProgramData\Malwarebytes\MBAMService
    • The ProgramData folder may be hidden, so you'll need to type in the path manually or turn on showing hidden folders and files
  2. Right click the logs folder and choose Send to -> Compressed (Zipped) folder
  3. This will create a zip file on the desktop named logs.zip. Please upload that

Ok, just to make sure there's not some strange hidden configuration option I'm overlooking, can you do the following inside of Sandboxie?

  1. Click Configure -> Edit Configuration
  2. Choose File -> Save As
  3. Save the file to your desktop (name doesn't matter)
  4. Upload the configuration here (or PM me the file if you have personal information stored there)

Being that there's so little software on this machine, I want to make sure we completely rule out Sandboxie first


@klauwkikker agreed, it looks like something strange is going on. Can you try the following please?

  1. Boot into Safe Mode
  2. Uninstall Malwarebytes from the Control Panel
  3. Reboot back into Safe Mode
  4. Run mb-clean
  5. Reboot back to normal mode
  6. Run mb-check
  7. Upload the mb-checkResult and mb-cleanResult logs here

Don't re-install MB3 yet, I want to verify everything is getting removed properly

