Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Malwarebytes false positives?

03 Jan 2012   #1
NecroticisM666

Windows 7 Ultimate Edition, 64 Bit Build 7600
 
 
Malwarebytes false positives?

I scanned my system using Malwarebytes flash scan and here is the Log Files:


1/3/2012 3:24:19 PM
mbam-log-2012-01-03 (15-24-19).txt

Scan type: Flash scan
Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Registry | File System | P2P
Objects scanned: 139684
Time elapsed: 1 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 10
e:\users\public\documents\my pictures\aweks.pikz (Backdoor.Bot) -> Delete on reboot.
e:\users\public\documents\my pictures\my pictures.exe (Worm.AutoRun) -> Delete on reboot.
e:\users\public\documents\my pictures\my pictures.url (Trojan.Zlob) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\blue hills.exe (Trojan.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\cakep.exe (Worm.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\cuakep.exe (Worm.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\sunset.exe (Trojan.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\water lilies.exe (Trojan.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\winter.exe (Trojan.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\seram.pikz (Backdoor.Bot) -> Delete on reboot.

(end)



It says here that the files are deleted on reboot..but when I scanned it again using flash scan it detected the same thing again..
could it be that it's just a false positive?
I'm using windows 7 ultimate x64..
Thanks!


My System SpecsSystem Spec
.
03 Jan 2012   #2
DustSailor

Microsoft Windows 8.1 Pro 64-bit
 
 

Necro,

No, it may not be getting all of it. What antivirus do you have in addition to Malwarebytes, and why isn't it picking anything up?

:It isn't a false positive if it deletes it, and then it reappears. Its a false positive if it deletes something that isn't a virus.
My System SpecsSystem Spec
03 Jan 2012   #3
NecroticisM666

Windows 7 Ultimate Edition, 64 Bit Build 7600
 
 

Quote   Quote: Originally Posted by DustSailor View Post
Necro,

No, it may not be getting all of it. What antivirus do you have in addition to Malwarebytes, and why isn't it picking anything up?

:It isn't a false positive if it deletes it, and then it reappears. Its a false positive if it deletes something that isn't a virus.

I'm using Avira Personal edition..but when I look up to the directories where the files are detected, it is missing..
My System SpecsSystem Spec
.

03 Jan 2012   #4
DustSailor

Microsoft Windows 8.1 Pro 64-bit
 
 

Necro,

could you post a picture, I'm not sure what you mean. I've heard some good and bad things about Avira Personal, and can't say I know how well it performs myself.

You might try this out: Microsoft Safety Scanner

In addition, make sure both avira and Malwarebytes are updated completely and run the full scan on each, one after the other. This will take time. Make sure windows is completely updated, restart, and let me know if the problem persists.
My System SpecsSystem Spec
03 Jan 2012   #5
GianniDPC

Windows 7 Home Premium x64
 
 

Just put them in quarantine and see if all your programs are still working if so delete it then if not then put them out of the quarantine
My System SpecsSystem Spec
03 Jan 2012   #6
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Hi,

Be very careful : notice the files are renamed .EXE, they should be .JPG

Code:
 
e:\users\public\documents\my pictures\sample pictures\sunset.exe
This was reported as part of a Vista bug a few years ago in the Malwarebytes forums, but you really need to login to the Malwarbytes forums and post this message there.

Regards,
golden
My System SpecsSystem Spec
03 Jan 2012   #7
NecroticisM666

Windows 7 Ultimate Edition, 64 Bit Build 7600
 
 

Quote   Quote: Originally Posted by Golden View Post
Hi,

Be very careful : notice the files are renamed .EXE, they should be .JPG

Code:
 
e:\users\public\documents\my pictures\sample pictures\sunset.exe
This was reported as part of a Vista bug a few years ago in the Malwarebytes forums, but you really need to login to the Malwarbytes forums and post this message there.

Regards,
golden


Thanks for the replies!
Actually I'm using a dual boot with Windows Vista and 7 right now.
Maybe I will post this problem at Malwarebytes forum...
My System SpecsSystem Spec
03 Jan 2012   #8
ignatzatsonic

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium SP1, 64-bit
 
 

Quote   Quote: Originally Posted by NecroticisM666 View Post

Thanks for the replies!
Actually I'm using a dual boot with Windows Vista and 7 right now.
Maybe I will post this problem at Malwarebytes forum...
You could also upload the files here, where they will be examined by dozens of different antivirus scanners:

VirusTotal - Free Online Virus, Malware and URL Scanner
My System SpecsSystem Spec
Reply

 Malwarebytes false positives?




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
I hate false positives
Malware is bad, but false positives are almost as bad, in my experience. I know no single antimalware is perfect, and free programs aren't near the quality of pay programs, and you often have to run 2 or more to find everything. MSE is.... well, it's free and part of Window sand while it offers...
System Security
a-square false positives?
I am wondering about some of a-squares findings on my latest scan. Things like winamp and win7codecs muc surely be clean:
System Security
malwarebytes DB error false positives
My MBAM detected 65 infected Trojan Downloaders on the 1 hour old Clean re-install of Win 7!!! :sarc: Anybody who had the same detection, dont get scared it is False positive: For confirmation look here: Trojan.Downloader detected in 65 system files - Malwarebytes Forum Hope you guys...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 14:43.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App