Bloodhound.MalPE


3 replies to this topic

#1 cdubya


Posted 27 July 2010 - 09:05 AM

We run Endpoint Protection 11 on our machines here and we had a machine that was acting weird and started warning about infections. I uninstalled the previous version of mbam as it wouldn't patch to the current version and downloaded the current, then patched.

Ran "Perform full scan" and it found some items, which I told it to "Remove Selected". I then went to the quarantine tab and deleted all of them.

I have run full scans in safe mode on any profile I knew of on this machine and it came up clean, yet Endpoint Protection seems to think the machine is still infected with Bloodhound.MalPE. The irony is all the detections are from Symantec-related folders (whether quarantine or another subdirectory of Documents and Settings > All Users > Symantec).

Is it reasonable to think this may be a false positive since Mbam isn't picking anything else up?

Thanks,

C.

#2 Wide Glide


Posted 27 July 2010 - 09:12 AM

Hello cdubya and Welcome

I suggest letting one of the Experts have a look at it to start the cleaning process. It is a FREE service.
We don't work on Malware removal in the General Malwarebytes' Anti-Malware Forum, as it is for issues with the program itself, only in the Malware Removal - HijackThis Logs section.

Please print out, read and follow the Directions Here, skipping any steps you are unable to complete. Then post a NEW Topic Here
One of the Expert helpers there will give you one-on-one assistance when one becomes available.
Please note that it may take 48 hours or more for you to receive a response in the malware removal forum, as it is often busy at times. Please do not reply to your own post asking for help unless it's been more than 48 hours since you originally posted, as this can make it appear as though you are being helped and take longer for you to get help. If no one has replied within 48 hours then please go ahead and either reply to your post or send a private message to a Moderator and let them know that you're still needing assistance.
Logs to reply with (if possible):
MBAM
DDS/GMER

If you are unable to do all or any of the steps in the link to the directions above, just post your problem into the forum I gave you a link to anyway and someone will be able to assist you.
After posting your new post, make sure under options that you select Track this topic and choose one of the Email options (Immediate Email Notification) so that you're alerted when someone has replied to your post.
Email Notification of new messages

Also, when replying, please use the ADD REPLY button located at the bottom of the page, as this makes the forum easier to read.
Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or HERE
If you're a Corporate or Technician Licensed customer seeking assistance please send an email to corporate-support@malwarebytes.org. Please quote your order reference number when you send the request.

Thanks :)

Vista HP 64bit


#3 Firefox


Posted 27 July 2010 - 10:01 AM

As this seems to be in a corporate environment.....

Please send an email to Corporate Support Team <corporate-support@malwarebytes.org> with your Cleverbridge order reference number and they will assist you.



Dell Precision T7500, Win7 Ultimate 64bit fully updated, McAfee Corp Edition v8.8,
Watchguard Firewall, Intel Xeon E5606CPU, Dual Quad Core Processors, 16GB Ram,
E5606 @ 2.13GHz, Nvidia Quadro NVS420, Raid-1 Dual 1TB Sata 10000 rpm Hard Drives
Dual DVD Burners, IE10, Opera, MBAM, MBSB, MBAE


#4 noknojon


Posted 27 July 2010 - 11:19 PM

Please follow the directions above from Firefox, but read below also -
Symantec claims it should be removed with their program in This Article recently released -
It is detected and removable by Symantec if their program is up to date -
That is another reason why you need updated Antivirus programs as well as Malwarebytes -
Thank You -
Just another private helper .......................... The answer is always 42, or Reboot
If you are waiting for an answer Press F5 ................. you may have one waiting for you ........



