7 replies to this topic

[almirsahbaz]

When I update malwarebytes database today and scan my computer I get result that file ChPrio.exe which is located in C:\Windows\SysWOW64\Tools is infected. This file is not modified since 2009 and this is crucial system file, is this false positive?

Attached Files

•  ChPrio.zip   46.96K   11 downloads

[nosirrah]

This will be fixed in the next update.

[almirsahbaz]

nosirrah, on 23 June 2011 - 03:19 PM, said:

This will be fixed in the next update.

Are you 100% sure that this is false positive, I'm scanning now my computer again using mbam.exe /developer , and I will post log file soon.

[shadowwar]

Yes. Its not a file by microsoft but a file leftover from a install. It is a valid file though and not malware.

[almirsahbaz]

I just finished scanning my computer using mbam.exe /developer . This file is located on c:\Windows\System32\Tools\ChPrio.exe (Rogue.SystemSmartSecurity) and c:\Windows\SysWOW64\Tools\ChPrio.exe (Rogue.SystemSmartSecurity) . Here is the log.

Attached Files

•  mbam-log-2011-06-23 (22-36-35).txt   1.1K   8 downloads

[shadowwar]

Just update and it should no longer be detected.

[almirsahbaz]

I had same problem year ago, with same file. Than you said that it is a valid file, leftover after some installation. You can see original file (which is not modified since than) in here: http://forums.malwar...showtopic=88005 . Then it was called: (Rogue.SystemSmartSecurity).

[shadowwar]

Fixed in the next update.