Jump to content

False positive Forged physical sector ?

ponsich
 Share

Recommended Posts

ponsich

ponsich

Posted
Posted

Hello

 

Malwarebytes Anti-Malware find me a forged physical sector who come back after each reboot.

I chose to place it in quarantine and reboot when I asked but it always reaper when I scan again after boot.

 

I notice that the sector is out of my formatted partition on my Intel Raid volume.

Then I make a research on virustotal.com with the MD5 hash-code ( bf619eac0cdf3f68d496ea9344137e8b )

Virustotal show it as a file named mbrfake with 0 detection ratio. On the comment it apear that is should be a bootsector image created by Intel RST Driver.

So I'm now pretty sure now that is a false positive. Could you confirm that and put it in your white list ?

Link to post
Share on other sites
  • 3 weeks later...
Zhooom

Zhooom

Posted
Posted

Exact same issue here - and I'm also running Intel Raid Storage Manager.  I'm glad that google finally turned something up on this topic since I've been going out of my mind with this error showing up all the time!  I'd do a scan right after rebooting and it shows up as being fine - then anywhere from 10 minutes to 8 hours later, this error comes back again.  I was getting very close to formatting and reloading, but I had this nagging doubt since Norton 360, Spybot, etc never turned up any errors...

 

I really hope this is a false positive, and that it can be fixed quickly.  I'm going to post a link back to this thread under the Anti-Malware Support/False Positives forum here with the information they require in the sticky.  They don't have a "Physical Sector" forum, so in the file forum I guess unless you know a better place.  Btw, maybe it's normal, but I can't see any scan report in your post ponisch.  (I'm a new forum member, although I've been running a licensed MalwareBytes for 4 years now, and the free version quite a while prior to that.  I just never needed support until now!)

 

I'll get it done as soon as it pops up for me again ... shouldn't be long. :P  I was pretty freaked out since it was so deep in the system and not nearly as easy to confirm like a suspicious file...

 

Speak of the devil.  5am comes around and on the dot, here's my Malware Detected message.  LOL - I guess I'll get started.

Link to post
Share on other sites
  • 1 month later...
mike5719

mike5719

Posted
Posted

I was having the same issues but found that Malwarebytes only detected it only after the Intel RST driver was installed and the PC rebooted.  I was using the RST supplied by ASUS for my motherboard, but I also tried downloading RST from the Intel website and had the same problem.

I concluded it was a false positive and created an exception in Malwarebytes for it.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.