Help - Search - Members - Calendar
Full Version: False Positive
Malwarebytes Forum > Malwarebytes' Anti-Malware Support > False Positives
SweetTech
Nov 5 2009, 12:29 AM
I've been helping a user at WhatTheTech. A link to the thread.
The file in question is: D:\Program Files\Sierra\Half-Life\gearbox\Dq2249.icd. I suspect the file in question is a false positive because it belongs to the legitimate Sierra Half-Life program. MBAM is detecting the file as a Trojan.Agent infection. It was first detected when the user ran a full scan using MBAM here. The user scanned the file using VirusTotal. I then had the user upload the file to your UploadNet! server. Then I had the user run MBAM in Developer mode and the log can be found here.

I hope that I've provided you with enough information. If you should require any additional scans/logs please let me know.

Thanks,
SweetTech.
miekiemoes
Nov 5 2009, 06:52 AM
Hi,

QUOTE
The user scanned the file using VirusTotal.
.

I think above results say it already, 21 out of 41 other scanners detect it as well.
In either way, since you uploaded it for us, we will investigate it again and remove detection if it's indeed a false positive.
SweetTech
Nov 6 2009, 03:40 AM
Thanks miekiemoes!

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2010 Invision Power Services, Inc.