Malwarebytes false positives?

NecroticisM666

Symphony of Sickness
I scanned my system using Malwarebytes flash scan and here is the log file:


1/3/2012 3:24:19 PM
mbam-log-2012-01-03 (15-24-19).txt

Scan type: Flash scan
Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Registry | File System | P2P
Objects scanned: 139684
Time elapsed: 1 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 10
e:\users\public\documents\my pictures\aweks.pikz (Backdoor.Bot) -> Delete on reboot.
e:\users\public\documents\my pictures\my pictures.exe (Worm.AutoRun) -> Delete on reboot.
e:\users\public\documents\my pictures\my pictures.url (Trojan.Zlob) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\blue hills.exe (Trojan.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\cakep.exe (Worm.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\cuakep.exe (Worm.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\sunset.exe (Trojan.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\water lilies.exe (Trojan.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\winter.exe (Trojan.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\seram.pikz (Backdoor.Bot) -> Delete on reboot.

(end)



It says here that the files are deleted on reboot, but when I scanned it again using flash scan it detected the same thing again.
Could it be that it's just a false positive?
I'm using Windows 7 Ultimate x64.
Thanks!
 

Necro,

No, it may not be getting all of it. What antivirus do you have in addition to Malwarebytes, and why isn't it picking anything up?

It isn't a false positive if it deletes it, and then it reappears. It's a false positive if it deletes something that isn't a virus.
 



I'm using Avira Personal edition, but when I look in the directories where the files are detected, they are missing.
 

Necro,

Could you post a picture? I'm not sure what you mean. I've heard some good and bad things about Avira Personal, and can't say I know how well it performs myself.

You might try this out: http://www.sevenforums.com/tutorials/157118-microsoft-safety-scanner.html

In addition, make sure both Avira and Malwarebytes are updated completely and run the full scan on each, one after the other. This will take time. Make sure Windows is completely updated, restart, and let me know if the problem persists.
 

Just put them in quarantine and see if all your programs are still working. If so, delete them; if not, take them out of quarantine.
 

Hi,

Be very careful: notice the files are renamed .EXE, they should be .JPG

Code:
e:\users\public\documents\my pictures\sample pictures\sunset.exe

This was reported as part of a Vista bug a few years ago in the Malwarebytes forums, but you really need to log in to the Malwarebytes forums and post this message there.

Regards,
golden
 




Thanks for the replies!
Actually I'm using a dual boot with Windows Vista and 7 right now.
Maybe I will post this problem at Malwarebytes forum...
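
Added example, not part of the thread and not Malwarebytes code: a small Python parser for the "Files Detected" section of the log format posted above. It compares two scans to show which detections come back after "Delete on reboot" and flags executables sitting in picture folders. The second log, the function names and the extension list are assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath

# One detection line: "<path> (<Family>) -> <action>."
DETECTION = re.compile(r"^(?P<path>.+?) \((?P<family>[^()]+)\) -> (?P<action>.+?)\.?$")
PICTURE_DIRS = {"my pictures", "sample pictures"}   # folder names seen in the log
EXECUTABLE_EXTS = {".exe", ".scr", ".com"}          # assumption: extensions to flag

# Excerpt of the log posted in the thread.
FIRST_SCAN = r"""Files Detected: 3
e:\users\public\documents\my pictures\aweks.pikz (Backdoor.Bot) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\sunset.exe (Trojan.Xanib) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\winter.exe (Trojan.Xanib) -> Delete on reboot.

(end)
"""
# Constructed re-scan log (the thread does not include the second log).
SECOND_SCAN = r"""Files Detected: 2
e:\users\public\documents\my pictures\aweks.pikz (Backdoor.Bot) -> Delete on reboot.
e:\users\public\documents\my pictures\sample pictures\sunset.exe (Trojan.Xanib) -> Delete on reboot.

(end)
"""

def parse_files_detected(log_text):
    """Return {lowercased path: (family, action)} from the 'Files Detected' section."""
    found, in_section = {}, False
    for line in (raw.strip() for raw in log_text.splitlines()):
        if line.startswith("Files Detected:"):
            in_section = True
        elif in_section and (not line or line == "(end)"):
            break                      # blank line or end marker closes the section
        elif in_section:
            m = DETECTION.match(line)  # "(No malicious items detected)" does not match
            if m:
                found[m["path"].lower()] = (m["family"], m["action"])
    return found

def persisting(first_log, second_log):
    """Paths detected in both scans, i.e. items that survived the scheduled delete."""
    first, second = parse_files_detected(first_log), parse_files_detected(second_log)
    return sorted(p for p in first if p in second)

def executables_in_picture_folders(detections):
    """Detected paths with an executable extension inside a picture folder."""
    hits = []
    for path in detections:
        p = PureWindowsPath(path)      # parses Windows paths on any OS
        parents = {part.lower() for part in p.parts[:-1]}
        if p.suffix.lower() in EXECUTABLE_EXTS and parents & PICTURE_DIRS:
            hits.append(path)
    return sorted(hits)
```

A path that shows up in `persisting()` after a reboot means something recreated the file or the delete never took effect, which is a different situation from a false positive.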
 
