New
#1
Hi Danny,
Just to be on the safe side and exclude (or confirm) that it is a false positive: post to the Malwarebytes Forum over here and attach your log:
Malwarebytes Forum
I've got false positives from Malwarebytes before (twice), and I checked the forum each time before doing anything in order to get confirmation, and a new definition file fixed the issue.
If those files Malwarebytes flagged happen to be false positives and you delete them, you might end up crippling your computer...So I think it's best to make sure in the Malwarebytes Forum.
Danny, the flagged files are in the winsxs directory, thats the problem. As you know, that folder holds authoritative versions of OS files that are required to repair corrupted files. Can you afford to have those files deleted? No. Why? as long as the corresponding files in System32 are intact, you shouldn't encounter any problem even if you manage to delete the winsxs files. The problem will arise when you try to update because some components will be missing.
If I were you, I'd just ignore MBAM's findings. If you're very very paranoid, run a repair install.
I'd want to make sure and get certainty by going to the Malwarebytes Forum - I think the Malwarebytes programmers contribute to the forum, too, so they will be able to give more information. In this case, I don't think taking immediate action (deleting) or simply ignoring the flagged items without getting more information is a good idea.
I only know that the forum helped me a lot when Malwarebytes give me false positives some time back.
Thanks for your input guys. I had just ignored it up to now as it didn't seem to sit right with me. As Bill2 said jumping in and deleting files from the winsxs folder is liable to bite you back as some point. I've ran 3 online scanners and superantispyware and nothing pinged up on them so I will just post on the Malwarebytes forum and see if a new definition solves the problem.
Thankyou all for your help
Danny
They are pretty quick with their updates Danny - in the next few updates I doubt this will be flagged again.
Regards,
Golden
And as if by magic I've just updated again and re-run and alls clear. Thanks for all your help guys.Its not my area malware and viruses and I am probably on the paranoid side running scans very frequently with various scanners but in 2 years of windows 7 this is only the second item to be brought to my attention so it works for me.
Thanks again
Danny
So it was a false positive?
Good to know that the latest definition fixed it :-D
I'm still going to post on there forum however, maybe useful for others.
Here - http://forums.malwarebytes.org/index...howtopic=97047
Danny
Last edited by xxxdannyxxx; 05 Oct 2011 at 09:20.