Raven2043 Posted February 9, 2018 ID:1214320

I use Zygor Guides, which is a leveling guide for World of Warcraft, and have used it for years without a single problem. Now Malwarebytes says parts of it are a rootkit, which in my opinion is not the case. I have included the report.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/9/18
Scan Time: 2:29 AM
Log File: 01f1ab7d-0d6b-11e8-a593-6e626dc6f483.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3905
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 265132
Threats Detected: 2
Threats Quarantined: 0 (No malicious items detected)
Time Elapsed: 9 min, 6 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0 (No malicious items detected)
Module: 0 (No malicious items detected)
Registry Key: 0 (No malicious items detected)
Registry Value: 1
Rootkit.Fileless.MTGen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Zygor Guides Client, No Action By User, [1294], [327457],1.0.3905
Registry Data: 0 (No malicious items detected)
Data Stream: 0 (No malicious items detected)
Folder: 0 (No malicious items detected)
File: 1
Rootkit.Fileless.MTGen, C:\USERS\JOHN\APPDATA\LOCAL\ZYGOR\STARTUP.BAT, No Action By User, [1294], [327457],1.0.3905
Physical Sector: 0 (No malicious items detected)

(end)

Staff thisisu Posted February 9, 2018 ID:1214334

Hi,

Thanks for reporting. Yes, it looks like a false positive. However, this is a generic rule that has been in the database for over a year, so I'm thinking something with Zygor Guides was updated and therefore it is now detected by us.

We'll see what we can do on our end to avoid further wrongful detection. In the meantime, I recommend adding these detections to your exclusions list. Here's how: https://support.malwarebytes.com/docs/DOC-1130