cancel
Showing results for 
Search instead for 
Did you mean: 

RE: MBAM false positive

Send SuperAntiSpyware.exe to the lab if it has been quarantined and explain the situation to them.
melboy
Level 7
Report Inappropriate Content
Message 12 of 23

RE: MBAM false positive

Hi Nicko (RD ;)?)

It would seem you are getting two (one or more items detected on your computer) detections (Generic.dx) there,
one for file: MBAM-Dor.exe
and
one for Process: SuperAntiSpyware.exe

???

RE: MBAM false positive

Hi Melboy,

That's what I thought at first, but if it were more than one detection, then wouldn't there be a seperate entry in quarantine for each detection?? The details in the image are for one entry only.






Image below from when I restored the above detection.





Thanks.:)
Highlighted
melboy
Level 7
Report Inappropriate Content
Message 14 of 23

RE: MBAM false positive

Strange!?!

It wouldn't be the first detection of SuperAntiSpyware.exe by an AV, a few have done so in the past. If Mcafee was at some point detecting it then i'm sure more would have reported it. This is the only other (admittedly tenuous) reference to it possibly doing so i can find.

"Long story short, McAfee said it "cleaned" a virus in SuperAntiSpyware."

RE: MBAM false positive

Hi Melboy,

Sorry I took so long to post back, I had to step out for a while.

I not sure SuperAntiSpyware was ever detected by McAfee. I only had one entry in quarantine and when I restored that entry it was restored to the MBAM folder. Therefore I would gather that the file in quarantine was MBAM-Dor.exe. (ref. images in my previous post)

What I don't understand is why there was a mention of SuperAntiSpyware in the details of this quarantined file.

I hope I'm making sense :D.null
melboy
Level 7
Report Inappropriate Content
Message 16 of 23

RE: MBAM false positive

Your making perfect sense, what your seeing doesn't (not to me anyway)...

Detection Name: Generic.dx (Trojan), Generic.dx (Trojan)

...it does seem to point to two detections, both Generic.dx.

Maybe a Mcafee tech might see this and have an explanation for it.

RE: MBAM false positive

Hi Melboy,

Yes, it would be nice if a Tech did reply with some sort of explanation, or if someone else who also detected the Mbam-dor.exe FP could check their logs and reply, possibly with a screenshot.

Anyway thanks for all your help, RD.;):D
Reliable Contributor twenden
Reliable Contributor
Report Inappropriate Content
Message 18 of 23

RE: MBAM false positive

I also had this problem this morning. On my home PC, I have the McAfee retail VirusScan 12. It detected mbam-dor.exe as the generic.dx trojan.

What is going on? Is it really a trojan or a false positive. I am going to try scanning the file at work with the McAfee Enterprise 8.5i version of VirusScan.

Just installed MalwareBytes and then scanned the malwarebytes folder with VirusScan 8.5i with latest DAT 5426. It did not report anything found even on the file mbam-dor.exe. It appears that it is just the retail version that is flagging this program.

RE: MBAM false positive



I just ran McAfee scan with MBAM installed. I did't find any issues.
Reliable Contributor twenden
Reliable Contributor
Report Inappropriate Content
Message 20 of 23

RE: MBAM false positive



I will reinstall MBAM tonight at home and do another scan. Hopefully, I didn't download a trojanized version that might have been on some download mirror site.