Jump to content

False detection by protect mode of MB


Paulinjc

Recommended Posts

The file being discussed here is called "lxbaaior.dll".

The file is part of the Lexmark X5150 All-In-One printer software set.

The file is used to display a control center screen for use in checking and troubleshooting X5150 Printer operations to insure all is a-ok.

When MB is asked to SCAN this file, it does NOT find any problems.

When MB is in PROTECT mode, and this program is activated, MB immediately classifies it as "trojan:false.alert" and wants me to quarentine or remove it. When I quarentine it, this Lexmark feature dissapears and the Lexmark control center is not available.

I restored it using MB.

I asked Microsoft Security Essentials to check it using its malware detection process and it saw no problem here.

I think MB has a library of file names that somewhere, sometime caused a problem for somebody and therefore MB put this file in its library of malware. But ONLY the PROTECT mode has a problem....not the scan.

Any advice on this would be appreciated.

Thanks. :)

PS: Upload of this file failed due to me not being authorized to upload Lexmark property.

Link to post
Share on other sites

Greetings :)

Have you checked to see if an actual Quick Scan or Full Scan picks it up? It may as the individual file scan does not use MBAM's heuristics, only its primary database. Please follow the instructions in this post to see if it gets detected. Use that method to first run a Quick Scan, and if the item is not detected, then please use it to run a Full Scan. If it gets detected by either scan, save the log and post it into your next reply for analysis by the threat researchers.

Thanks :)

Link to post
Share on other sites

Greetings :(

Have you checked to see if an actual Quick Scan or Full Scan picks it up? It may as the individual file scan does not use MBAM's heuristics, only its primary database. Please follow the instructions in this post to see if it gets detected. Use that method to first run a Quick Scan, and if the item is not detected, then please use it to run a Full Scan. If it gets detected by either scan, save the log and post it into your next reply for analysis by the threat researchers.

Thanks :(

Both scans - quick and full - have run with NO DETECTIONS. Only the PROTECT mode sees a problem here. This file was also checked by Microsoft Threat Analysis and they found NO THREAT.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.