Possible FP on Orbit Downloader version 2.7.4

[DavidR]

I have Orbit Downloader for some time now and only recently after my last weekly MBAM and weekly on-demand scan 9 suspect items are found. As far as I can tell they all relate to the Orbit Downloader.

I did another update (hoping that any possible FP had been corrected) followed by a scan and the items were still reported, see log below for details and MBAM version and database version...

Only 2 heuristic detections on the suspect orbitcth.dll file at virustotal, VT Results. I have also run a superantispyware scan and no detections found.

MBAM.exe /Developer log

Malwarebytes' Anti-Malware 1.28

Database version: 1255

Windows 5.1.2600 Service Pack 3

11/10/2008 19:05:22

mbam-log-2008-10-11 (19-05-16).txt

Scan type: Quick Scan

Objects scanned: 44492

Time elapsed: 25 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 8

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\orbitcth.octh (Trojan.BHO) -> No action taken. [4054423730538380756679153541481301921717171819206721142667211914212617171467207

1241471216717242070716819182194]

HKEY_CLASSES_ROOT\TypeLib\{bcdde143-fae3-4c57-b22b-c4e8678cfdc0} (Trojan.BHO) -> No action taken. [4054423730538380756679153541481301921717171819206721142667211914212617171467207

1241471216717242070716819182194]

HKEY_CLASSES_ROOT\Interface\{a26b97b2-a28d-4008-b034-fa1622e04c20} (Trojan.BHO) -> No action taken. [4054423730538380756679153541481301921717171819206721142667211914212617171467207

1241471216717242070716819182194]

HKEY_CLASSES_ROOT\Interface\{ebcf70eb-898a-4346-9e15-4ec55ac15f8f} (Trojan.BHO) -> No action taken. [4054423730538380756679153541481301921717171819206721142667211914212617171467207

1241471216717242070716819182194]

HKEY_CLASSES_ROOT\CLSID\{000123b4-9b42-4900-b3f7-f4b073efc214} (Trojan.BHO) -> No action taken. [4054423730538380756679153541481301921717171819206721142667211914212617171467207

1241471216717242070716819182194]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123b4-9b42-4900-b3f7-f4b073efc214} (Trojan.BHO) -> No action taken. [4054423730538380756679153541481301921717171819206721142667211914212617171467207

1241471216717242070716819182194]

HKEY_CLASSES_ROOT\CLSID\{7854f00c-dc77-477e-a10e-603f48442d3b} (Trojan.BHO) -> No action taken. [4054423730538380756679153541481301921717171819206721142667211914212617171467207

1241471216717242070716819182194]

HKEY_CLASSES_ROOT\orbitcth.octh.1 (Trojan.BHO) -> No action taken. [4054423730538380756679153541481301921717171819206721142667211914212617171467207

1241471216717242070716819182194]

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Program Files\Orbitdownloader\orbitcth.dll (Trojan.BHO) -> No action taken. [4054423730538380756679153541481301921717171819206721142667211914212617171467207

1241471216717242070716819182194]

[nosirrah]

Looks like a potential GUID collision , I can get this fixed in the next update .

[DavidR]

Thanks for the very prompt response.

[DavidR]

Looks like a potential GUID collision , I can get this fixed in the next update .

RESOLVED

- I would have put this in the topic Title but couldn't see any way to do that.

I have downloaded the latest update and a scan doesn't pick this up.

Malwarebytes' Anti-Malware 1.28

Database version: 1258

Thanks for the very prompt correction to this FP, very efficient.