
Repeated instances of Malware.Packer.Gen with MBAM


3 replies to this topic

#1 schtoltheim

schtoltheim

  • Members
  • 28 posts

Posted 03 April 2011 - 11:05 AM

Okay, I'm running Windows XP, most recent service pack, etc.

So, I ran a search with MBAM last week and found on my portable hard drive a Malware.Packer.Gen file. It was in a file folder belonging to an emulator I used in the past and had backed up last summer. Looking through the logs, it seemed like MBAM had found this before in the emulator when it was on my hard drive, but not before I had backed it up on my portable hard drive (I don't scan my portable hard drive as much as I should, I suspect, although I only ever use it with my computer as a back-up system). Since nothing else had shown up on my computer in the ensuing months from the first instance nor after running Norton, SuperAntiSpyware, and MBAM in safe mode to be sure, I chalked it up to a possible false positive as it seemed like Malware.Packer.Gen seems to be the false positive of choice for MBAM after I did some cursory searching of the internet.

I cleaned it and everything seemed to be fine, but then yesterday I was running my weekly Norton/SuperAntiSpyware/MBAM sweep of my computer (not at the same time) and MBAM found another Malware.Packer.Gen file on my portable hard drive, this time in the system restore folder. I cleaned it and ran Norton and MBAM again in safe mode and found nothing. Am I likely dealing with false positives or is something more sinister afoot here?



#2 schtoltheim

schtoltheim
  • Topic Starter

  • Members
  • 28 posts

Posted 03 April 2011 - 11:13 AM

Oh, my portable hard drive is a Seagate 500 GB, if that is relevant.

#3 MikeF12

MikeF12

  • Members
  • 3 posts

Posted 13 April 2011 - 06:17 PM

Re: Malware.Packer.Gen

MBAM just found the same nasty in an old (2006) copy of analogx-proxyi.exe that I've had lying around. It's a legit midget proxy server from a legit developer, so I'm pretty sure mine was a false positive.

Yours may be too. Upload the possibly infected file to virustotal.com and see what results you get.

#4 schtoltheim

schtoltheim
  • Topic Starter

  • Members
  • 28 posts

Posted 13 April 2011 - 09:46 PM

Thanks. Unfortunately I already deleted the files after they were quarantined, so I suppose that makes confirming if they were a false positive a little more difficult (facepalm).



