three false positives?

[dollsey74]

I just installed MBAM, scanned my laptop, and the results indicate that there are three pieces of Malware on my laptop. The logfile is listed below. I also ran Ad-Aware, Spybot - Search & Destroy, and SUPERAntiSpyware. None of these found any malware on my laptop. Are these false positives or is MBAM finding things that other programs aren't finding?

Thanks,

Jason

---------------

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\serauth1.dll (Trojan.Agent) -> No action taken.

C:\WINDOWS\system32\serauth2.dll (Trojan.Agent) -> No action taken.

[JeanInMontana]

Hi dollsey74 and welcome to Malwarebytes. Please go here and follow the instructions, start your own topic in that forum and post the logs requested in your post, not attached. http://www.malwarebytes.org/forums/index.php?showtopic=2936 Someone will have a look and tell you what to do.

[nosirrah]

C:\WINDOWS\system32\serauth1.dll (Trojan.Agent) -> No action taken.

C:\WINDOWS\system32\serauth2.dll (Trojan.Agent) -> No action taken.

^^ Google says bad so I would be surprised if they are not malware .^^

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

^^ This is MBAM turning back on a disabled start menu component , in this case unhiding MyComputer .^^

This one is neither FP nor real malware , it is MBAM seeing a component commonly disabled by malware and turning it back on . If you have disabled this yourself just add it to the ignore list and it wont turn up in a scan again .

[dollsey74]

JeanInMontana and nosirrah,

Thank you both for the responses. I ended up having MBAM delete the three infections.

Jason

[ftr]

I just installed MBAM, scanned my laptop, and the results indicate that there are three pieces of Malware on my laptop. The logfile is listed below. I also ran Ad-Aware, Spybot - Search & Destroy, and SUPERAntiSpyware. None of these found any malware on my laptop. Are these false positives or is MBAM finding things that other programs aren't finding?

Thanks,

Jason

Hi,

I just nearly made the same experience. After an unmotivated stop of my notebook (complete shut-down) I made a scan with MalByteware to see whether a malware was at the origin. AntiVir Personal and SpyBot didn't find anything, MBAM found serauth1.dll and serauth2.dll with 0 file length in the windows\systems32 folder.

What should I do ? What happens if I make MBAM remove them ?

Thanks,

Frank

mbam_log_2008_12_14__11_37_30_.txt

mbam_log_2008_12_14__11_37_30_.txt

[exile360]

Greetings Frank, and welcome to the forum. To get you fixed up please read the instructions here: http://www.malwarebytes.org/forums/index.php?showtopic=2936 and post your logs in a new topic here: http://www.malwarebytes.org/forums/index.php?showforum=7

Please be sure not to install any software or use any removal/scanning tools exept those that you are instructed to by the expert who will be assisting you as doing so can make their job much more difficult. I hope I was helpful. Good luck and safe surfing.