Jump to content
Sign in to follow this  
DarkSnakeKobra

Demon Tools Lite false positive

Recommended Posts

I just picked up a possible false positive. Daemon tools was detected by the protection module. However, I did a flash scan and found one registry value linked to Daemon tools and Spywareblaster's homepage block(have checked). SQL server was later detected as seen in the full scan log.

Her's the log. I opened in developer mode through run, but didn't produce a developer log.

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4060

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18904

5/2/2010 9:48:45 PM

mbam-log-2010-05-02 (21-48-45).txt

Scan type: Full scan (C:\|E:\|)

Objects scanned: 238120

Time elapsed: 1 hour(s), 36 minute(s), 49 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> No action taken. [42E51292444A0DB1F8CD3F5AE1316142]

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Program Files\DAEMON Tools Lite\DTLite.exe (Spyware.Passwords) -> No action taken. [4D46DC79F28D81615531BCDD273E2813]

C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.50.1600.1.dll (Trojan.FakeAlert) -> No action taken. [0EAFBC3175D736F002D782FE0918DA07]

Edit: Have to reformat. Blue screen occurred after hitting restart for .net framework 4.0 install while mbam running scan. .net possibly corrupted. Can't have that.

Will post if change occurs.

Share this post


Link to post
Share on other sites

Hello, I just wanted to point out that I also have this issue with Daemon Tools Lite being marked with Spyware.Passwords.

-----

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4060

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

5/3/2010 3:03:05 AM

mbam-log-2010-05-03 (03-03-05).txt

Scan type: Full scan (A:\|C:\|D:\|)

Objects scanned: 171163

Time elapsed: 53 minute(s), 17 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Program Files\DAEMON Tools Lite\DTLite.exe (Spyware.Passwords) -> Quarantined and deleted

-----

Now... I just want to make sure if it's a false positive, because I had been using DAEMON Tools Lite for awhile and it just popped up as this after I updated Malware Bytes to 4060.

Share this post


Link to post
Share on other sites
Hi,

Thanks for reporting. This will be fixed in next update.

No problem.:lol:

Thanks.:lol:

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.