Jump to content

Recommended Posts

I am fairly certain that this is a false positive.

Malwarebytes Free detected five (so far) executable files (.EXE) from Microsoft Office for Windows 95 as Malware. I am running Windows 7 Home Premium.

I can see how it would detect the binder;

-It launches on startup

-it has some compatibility issues

-it locks to the side of the screen

-you have to open a menu to close it

...but... why? I think the MBAM team might need to work on "MachineLearning/Anomalous.100%" detections.

(I AM TECH SAVVY BUT TIRED)

wat.PNG

Link to post
Share on other sites
  • Staff

I need the virustotal report links for eachvt scan. These are shuriken heuristic detections that occur anywhere in the scan. Basically I need specific info on each file that each vt report gives me. Filename doesn't help to fix alone.

Edited by shadowwar
Link to post
Share on other sites

Here's a log.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/12/18
Scan Time: 6:41 PM
Log File: 28edb918-f7c8-11e7-997e-80c16eeeb2ac.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3683
License: Free

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: User-PC\User

-Scan Summary-
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 378458
Threats Detected: 5
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 15 hr, 48 min, 25 sec

-Scan Options-
Memory: Disabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 5
MachineLearning/Anomalous.100%, C:\MSOFFICEW95\OFFICE\MSOFFICE.EXE, No Action By User, [0], [392687],1.0.3683
MachineLearning/Anomalous.100%, C:\MSOFFICEW95\ACCESS\MSACCESS.EXE, No Action By User, [0], [392687],1.0.3683
MachineLearning/Anomalous.100%, C:\MSOFFICEW95\SCHEDULE\SCHDPL32.EXE, No Action By User, [0], [392687],1.0.3683
MachineLearning/Anomalous.100%, C:\MSOFFICEW95\OFFICE\MSOW.EXE, No Action By User, [0], [392687],1.0.3683
MachineLearning/Anomalous.100%, C:\MSOFFICEW95\OFFICE\BINDER.EXE, No Action By User, [0], [392687],1.0.3683

Physical Sector: 0
(No malicious items detected)


(end)

 

Link to post
Share on other sites
  • Staff

That is not the mbamservice.log

Its is located here.

C:\ProgramData\Malwarebytes\MBAMService\LOGS\mbamservice.log.

In order to fix this i need any one of the three:

1. Links posted for each one of the virustotal reports for each of the 5 files scanned Example of a link below.

                            https://www.virustotal.com/en/file/10e22482690759d315b85f63058849308a787f29ac52ebf306f56829b4cc5344/analysis/

2. The files detected zipped and attached here.

3. The mbamservice.log described above attached here.

 

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.