Possible False Positive - IORRT

[Densetsuvi]

Hello!

I've used this program (Iorrt 3.5) for several years without any problem until about a month ago, when now its being detected as a virus. I've checked it on other anti-virus programs as well as https://www.virustotal.com just for good measure. It comes up as safe by everything but the most recent malwarebytes definitions. Is it really a danger? (it had multiple detections, I included all of them in the .zip. I did not include the original installer "Iorrt 3.5.cmd", but can if it is needed. The installer does not get detected as viral, however.)

Thank you for your assistance! (I hope I followed the instructions for this properly.)

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/18/17
Scan Time: 10:20 AM
Log File: 1288c520-cc74-11e7-87b0-50465dac8d26.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.236
Update Package Version: 1.0.3289
License: Free

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Denschiro-PC\Denschiro

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 372900
Threats Detected: 10
Threats Quarantined: 10
Time Elapsed: 6 min, 20 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 4
Trojan.Agent.BAT, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4372F067-7ED9-453D-8351-A054CEDAACAF}, Quarantined, [386], [441670],1.0.3289
Trojan.Agent.BAT, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B68CA6E9-2E24-4460-8D25-C573AEF9EDFB}, Quarantined, [386], [441666],1.0.3289
Trojan.Agent.BAT, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Hybrid, Quarantined, [386], [441667],1.0.3289
Trojan.Agent.BAT, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\IORRT, Quarantined, [386], [441671],1.0.3289

Registry Value: 2
Trojan.Agent.BAT, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4372F067-7ED9-453D-8351-A054CEDAACAF}|PATH, Quarantined, [386], [441670],1.0.3289
Trojan.Agent.BAT, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B68CA6E9-2E24-4460-8D25-C573AEF9EDFB}|PATH, Quarantined, [386], [441666],1.0.3289

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 1
Trojan.Agent.BAT, C:\IORRT, Quarantined, [386], [441665],1.0.3289

File: 3
Trojan.Agent.BAT, C:\WINDOWS\SYSTEM32\TASKS\IORRT, Quarantined, [386], [441672],1.0.3289
Trojan.Agent.BAT, C:\WINDOWS\SYSTEM32\TASKS\HYBRID, Quarantined, [386], [441668],1.0.3289
Trojan.Agent.BAT, C:\IORRT\IORRT.BAT, Quarantined, [386], [441665],1.0.3289

Physical Sector: 0
(No malicious items detected)

(end)

Scan Results.zip

[shadowwar]

I beleive it to be a false postiive. We will futher evaluate and relist if needed.

This should no longer be detected next update.