Jump to content


Photo

Two false positive


  • This topic is locked This topic is locked
7 replies to this topic

#1 Broni

Broni

    Regular Member

  • Honorary Members
  • PipPip
  • 66 posts

Posted 09 February 2008 - 02:21 PM

Attached is my log with two false positives.
First two (registry entries), identified as Trojan.Conhook refer to clean PowerISO folder.
Next three, refer to my modem file. Checked with Jotti scan - clean.
No other scanner (SAS, ThreadFire, a-squared, HJT) picks up anything.

Attached Files



#2 RubbeR DuckY

RubbeR DuckY

    Marcin

  • Root Admin
  • PipPipPipPipPipPip
  • 4,148 posts
  • Gender:Male

Posted 09 February 2008 - 02:37 PM

Hi, thanks for the report. Can you please post a developer log.

mbam.exe /developer

Command line.
Marcin Kleczynski
Chief Executive Officer



Follow us: Twitter, Become a fan: Facebook

#3 nosirrah

nosirrah

    Forum Deity

  • Administrators
  • PipPipPipPipPipPip
  • 5,452 posts
  • Gender:Male
  • Location:Northampton, MA USA

Posted 09 February 2008 - 05:48 PM

I fixed the one I could verify and took a crack at the other , let me know if I have these fixed .

On top of that dev log you can also zip and attach that file to your next post if I still flag it .
Bruce Harrison
Vice President of Research

Posted Image

Follow us: Twitter, Become a fan: Facebook

#4 Broni

Broni

    Regular Member

  • Honorary Members
  • PipPip
  • 66 posts

Posted 09 February 2008 - 08:07 PM

Sorry, guys. I didn't get any email notification about your replies.
I'm on it. Running MBAM, now.

#5 Broni

Broni

    Regular Member

  • Honorary Members
  • PipPip
  • 66 posts

Posted 09 February 2008 - 08:49 PM

OK. PowerISO entry went undetected, but modem file (3 instances) was flagged.
Log attached.

Attached Files



#6 nosirrah

nosirrah

    Forum Deity

  • Administrators
  • PipPipPipPipPipPip
  • 5,452 posts
  • Gender:Male
  • Location:Northampton, MA USA

Posted 09 February 2008 - 09:45 PM

Thankyou for this info , the FP will be resolved in the final update tonight .
Bruce Harrison
Vice President of Research

Posted Image

Follow us: Twitter, Become a fan: Facebook

#7 Broni

Broni

    Regular Member

  • Honorary Members
  • PipPip
  • 66 posts

Posted 09 February 2008 - 10:11 PM

Thanks guys. I like your program, and I recommended it to number of people, so it's nice to see quick response.
Have a nice day.

#8 RubbeR DuckY

RubbeR DuckY

    Marcin

  • Root Admin
  • PipPipPipPipPipPip
  • 4,148 posts
  • Gender:Male

Posted 09 February 2008 - 10:16 PM

No problem, feel free to stick around, you are always welcome at Malwarebytes :).

I will close this topic since the false positive has been resolved. Thanks for helping out!
Marcin Kleczynski
Chief Executive Officer



Follow us: Twitter, Become a fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users