Sign In
Create Account
0
This afternoon while doing a standard weekly scan of my computer, I was shocked when MBAM found that a file that has been on my hard drive for over two years was suddenly classified as a trojan. I uploaded the file to Virus Total, and it came back clean (0/42), but I'm still uneasy as to why MBAM would suddenly consider this file to be a threat.
I'm running the latest version of MBAM with the latest definitions on Windows 7, fully patched. I browse and use all internet facing applications in a self-purging Sandbox, and in time since the last scan with MBAM, I've not let anything out of said sandbox. The file in question was deleted by MBAM, so I'm unable to submit it or process it as a false positive. What I can say about it, though, is that it was a utility that allowed the decade-plus-old game Deus Ex run on modern systems. The name of the file was DxFix.exe and I believe I obtained it from http://kentie.net/article/dxguide/ - It was labeled as (Trojan.Zipdrop) in the log file. As I said, I no longer have this file on my computer, out of fear it was malicious.
Is this likely to be a false positive? Or have I had a Trojan sitting on my hard drive for over two years that only MBAM can see, and only saw just today?
Back to top
#2
Posted 27 April 2012 - 08:11 PM
-
- Administrators
-
- 15,072 posts
exile
- Gender:Male
Greetings 
This likely is a false positive.
Please refer to this post: Read before reporting a false positive!
and post the info here: False Positives and one of our researchers will investigate the issue and respond as to whether or not this is a false positive, and if it is, they will get it corrected.
Thanks
This likely is a false positive.
Please refer to this post: Read before reporting a false positive!
and post the info here: False Positives and one of our researchers will investigate the issue and respond as to whether or not this is a false positive, and if it is, they will get it corrected.
Thanks
#3
Posted 27 April 2012 - 08:17 PM
-
- Members
-
- 5 posts
New Member
exile360, on 27 April 2012 - 08:11 PM, said:
Greetings
This likely is a false positive.
Please refer to this post: Read before reporting a false positive!
and post the info here: False Positives and one of our researchers will investigate the issue and respond as to whether or not this is a false positive, and if it is, they will get it corrected.
Thanks
This likely is a false positive.
Please refer to this post: Read before reporting a false positive!
and post the info here: False Positives and one of our researchers will investigate the issue and respond as to whether or not this is a false positive, and if it is, they will get it corrected.
Thanks
Thank you, but as I said, the file was deleted. Thus, I cannot follow your recommendations. I appreciate it, though.
#4
Posted 27 April 2012 - 08:56 PM
-
- Administrators
-
- 15,072 posts
exile
- Gender:Male
Ah, no worries then .
.
#5
Posted 27 April 2012 - 09:52 PM
-
- Members
-
- 5 posts
New Member
tetranitrocubane, on 27 April 2012 - 08:17 PM, said:
Thank you, but as I said, the file was deleted. Thus, I cannot follow your recommendations. I appreciate it, though.
Actually, I have just recovered the file from backups and will be following your advice! Thank you.
#6
Posted 27 April 2012 - 11:41 PM
-
- Administrators
-
- 15,072 posts
exile
- Gender:Male
Excellent, thanks for helping us out to eliminate FP's .
.
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
