Jump to content

Is this a False Positive?

Recommended Posts

Hello friends, :)

Wasn't sure where to post this mbam log and question,
A few days ago I came across what I felt was a
False Positive
, need some reassurance...

I have researched a little on the matter with no real hard evidence to say either way if in fact it is a FP.

Would someone be so kind as to lend a hand to settle this matter?

All other security programs I use,
found nothing on my system

FYI:: Firewall:COMODO, AV:
, SpywareBlaster,
Spybot S&D
and of course MBAM.

I would have posted this in the False Positive Forum except I was unable to follow the guidelines stated here

Malwarebytes' Anti-Malware 1.42

Database version: 3453

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

12/30/2009 12:54:51 PM

mbam-log-2009-12-30 (12-54-40).txt

Scan type: Full Scan (C:\|F:\|)

Objects scanned: 145002

Time elapsed: 20 minute(s), 9 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 2

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{598b818e-71f1-486e-a0be-9952b5851367} (Trojan.BHO.H) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{598b818e-71f1-486e-a0be-9952b5851367} (Trojan.BHO.H) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\Owner\Local Settings\Temp\JFSW2\safeloginie.dll (Trojan.BHO.H) -> No action taken.


Jkc73 :)

Link to post
Share on other sites

Greetings :welcome:

That does indeed appear to be an FP according to this. Please update your definitions and see if Malwarebytes' still detects this as it may have already been corrected. If it still shows up then please do your best to follow the instructions here so that the developers can find out why this is getting detected and create a new topic here so they can take a look.

Thanks :)

Link to post
Share on other sites

I tracked down the application that installed the file and registry entries that were detected in your log. I posted the appropriate log in the False Positives forum for you so that this can be corrected. Thanks for posting the info, it should be fixed shortly :welcome: .

If you need anything else just post.

Thanks :)

Link to post
Share on other sites


Thank you very much for that,

I later found
The SystemLookup Status, though didn't make it back in time to edit my post.

I could never of presented the
post as you did though.

(it's a portable app used for migrating settings an user profiles between computers via a flash drive similar to MIGO and other such apps):
FYI: The file came from a "Transcend"JF V33/4GB flashdrive (if this is any help) :)


Jkc73 :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.