cdubya

Bloodhound.MalPE

4 posts in this topic

We run Endpoint Protection 11 on our machines here and we had a machine that was acting weird and started warning about infections. I uninstalled the previous version of mbam as it wouldn't patch to the current version and downloaded the current, then patched.

Ran "Perform full scan" and it found some items that I told it to "Remove Selected". I then went to the quarantine tab and deleted all of them.

I have run full scans in safe mode on any profile I knew of on this machine and it came up clean, yet Endpoint Protection seems to think the machine is still infected with Bloodhound.MalPE. The irony is all the detections are from Symantec related folders (whether quarantine or another subdirectory of Documents and Settings > All Users > Symantec).

Is it reasonable to think this may be a false positive since Mbam isn't picking anything else up?

Thanks,

C.


Hello cdubya and Welcome

I suggest letting one of the Experts have a look at it to start the cleaning process. It is a FREE service.

As we don't work on Malware removal in the General Malwarebytes' Anti-Malware Forum as it is for issues with the program itself, only in the Malware Removal - HijackThis Logs section.

Please print out, read and follow the Directions Here, skipping any steps you are unable to complete. Then post a NEW Topic Here

One of the Expert helpers there will give you one-on-one assistance when one becomes available.

Please note that it may take 48 hours or more for you to receive a response in the malware removal forum, as it is often busy at times. Please do not reply to your own post asking for help unless it's been more than 48 hours since you originally posted, as this can make it appear as though you are being helped and take longer for you to get help. If no one has replied within 48 hours then please go ahead and either reply to your post or send a private message to a Moderator and let them know that you're still needing assistance.

Logs to reply with (if possible):

MBAM

DDS/GMER

If you are unable to do all or any of the steps in the link to the directions above, just post your problem into the forum I gave you a link to anyway and someone will be able to assist you.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options (Immediate Email Notification) so that you're alerted when someone has replied to your post.

Email Notification of new messages

Also, when replying, please use the ADD REPLY button located at the bottom of the page, as this makes the forum easier to read.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or HERE

If you're a Corporate or Technician Licensed customer seeking assistance please send an email to corporate-support@malwarebytes.org. Please quote your order reference number when you send the request.

Thanks :)


Please follow the directions above from Firefox, but read below also -

Symantec claims it should be removed with their program in This Article recently released -

It is detected and removable by Symantec if their program is up to date -

That is another reason why you need updated Antivirus programs as well as Malwarebytes -

Thank You -

