Jump to content

Fale Positive


Trueborn

Recommended Posts

Hi. My wife just bought a new laptop and I came up with a hit the first time I ran MBAM. Seems like it might be a f/p. The other av software we have on the computer doesn't detect anything and the machine is brand new. It's been out of the box for two days and not been used much. Besides the software that came pre-installed, the IT guys came over from work and installed some software for a Linksys router and wireless print server, and a few security applications (MBAM, Spybot, one or tow other programs). Besides that, I've installed about 40 Windows updates and copied over some files from the desktop PC. Word documents and photos, mostly.

I haven't taken any action yet. If this isn't an f/p, should I just let MBAM delete it?

Log file:

Malwarebytes' Anti-Malware 1.44

Database version: 3855

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

3/11/2010 4:37:32 PM

mbam-log-2010-03-11 (16-37-13).txt

Scan type: Quick Scan

Objects scanned: 100242

Time elapsed: 3 minute(s), 36 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. [99D040AEE155C12EB025D41F2DD365C3]

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Nothing else I've run so far has detected a problem. I had one of the IT guys remote and and run a few things, and I'm running the other malware software installed now. Did a full scan with AVG and it came up empty. The IT guy doesn't think it's anything to worry about. Only odd thing I notice with the computer is that IE8 has it's home page set to AOL. I didn't do that, unless I did that accidentally somehow. Thought it came up to Google or some other search engine the first time. I only used 1E8 once, to test the Internet connection. Then I did install AOL 9.5. We're on broadband, but my wife still pays for AOL so she can keep her e-mail address and some other mail features.

Seems like AOL might have changed IE. IE also has Google and AOL toolbars installed. Again, I didn't do this. Not aware the IT guy that set up the computer for us did either. That might be part of it.

Link to post
Share on other sites

I'm not tech savvy enough to understand exactly what area the infectiion in the log is infecting, but it does appear that a change was made to IE. The web browser's default home page is set to Acer.com, but immediately redirects to google.com (the browser came with a Google toolbar pre-installed, so I assume that was done at the factory). When I installed AOL 9.5, it seems to have changed the home page for the "regular" IE browser to AOL.com (my wife will nornally use the AOL interface to browse the internet and check e-mail). I downloaded the software file from AOL.com, so I'm not worried.

So what do I do? I'm concerned about potentially leaving a virus on a new computer, but I'm afraid to delete something if I'm not sure it's malicious.

Link to post
Share on other sites

Ran a full scan and just came up with this lone infection.

Someone else in the general forum reported the same issue:

http://forums.malwarebytes.org/index.php?showtopic=43037

Would it be better to let MBAM delete this item or add it to the ignore list? I'd just as soon delete it so it doesn't crop up again somehow, unless that causes some other problem.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.