Jump to content

Is install.exe really a false positive?


Recommended Posts

I know you posted this before but I can't get a clear answer after doing a little bit of research. I scanned my computer and end protection and spybot don't think install.exe under the c: directory is a trojan, but on my boyfriend's computer, malawarebytes found it to be a trojan and removed it.

Everywhere I search about this they all say it is a trojan which really worries me if it really is a false positive and there are way too many websites telling people to delete this file.

What should I do? The file is only 500 or so kb and is in the same place the file was on my boyfriend's computer. Do I erase it or leave it be?

This is what these websites are saying...

install.exe is a module belonging to a number of advertising programs. These processes monitor your browsing habits and distributes the data back to the author's servers for analysis. This also prompts advertising popups.\r This process is a security risk and should be removed from your system.

along with any other viruses, spyware, adware, trojans, rootkits, worms, information stealers, keyloggers, bots, and other form of malicious threat that may reside on your PC.

The install.exe file is installed and used by plenty different adware, spyware, browser hijacking and other malicious software. Sometimes a presence of install.exe does not indicate that your computer is infected. It can be an essential system file or a file installed by harmless legitimate software and therefore may not pose any threat to your privacy and the system. Although such cases are quite rare, you should thoroughly examine install.exe before completely deleting or leaving it in the system.

Discuss install.exe in spyware removal Forum

So either all of these websites are scams that are trying to get people to download their fake programs, or it isn't a false positive as mentioned in a post I read earlier in this forum... which is it?

Link to post
Share on other sites

  • Staff

Basically Malwarebytes has a heavy handed heuristic scanning engine and will hit about any executable file stored at the root. Malware loves to hide there. We suggest you move the file to a less 'malware friendly' location or add it to ignore.

Hope that explains it better.

Link to post
Share on other sites

I just uploaded the file. From what I read here though, it seems you're both telling me to do the exact opposite... and that's why I'm confused. One person says it is a false positive (correct me if I'm wrong) and should move the file, the other is telling me to delete it. I just bought this computer and haven't accessed any bad webpages, only pages within the WOT and pages I've been to for years. I don't open attachments from anyone other than people who have called me to tell me they are sending me an attachment and have noscript running on my Firefox browser... so it is odd that a new computer would already have trojans on it. Also, why is only Malawarebytes finding this to be a security risk? I just want to know everything possible about this file and, since it seems to be something a lot of people have brought up, I would like to know what conclusions have been drawn. It is either a threat, or it is a legitimate Microsoft executable.

In properties it also says it is part of Microsoft Visual Studio 2008 and for some reason I can't scan it with any spyware/malaware/virus scanners.

Link to post
Share on other sites

Apologies for taking so long.

TeMerc is correct in that Malwarebytes will flag files in the root that shouldn't be there. Given it's a setup file, you can quite safely delete it, or do as Tom says, and move it to a different location. As you've uploaded it, one of our analysts will take a look and determine whether or not it is infact malicious, or benign.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.