Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

JTI/Suspect!131076 attached to my Family Tree Maker .exe HELP!


  • Please log in to reply
11 replies to this topic

#1 MrsG94

MrsG94

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:53 PM

Posted 04 August 2017 - 03:45 PM

So I realized that my Family Tree Maker desktop shortcut looked different, and when I clicked on it to open the program, I got a message saying that Windows was looking for ftm.exe. I have McAfee LiveSafe installed on my Windows 10. I decided to dig in there to see if it accidentally decided it didn't like my ftm.exe anymore. Well, there it was with a nasty attached to it. I've done everything I know to rid my computer of this thing. I had McAfee LiveSafe delete it. I uninstalled my Family Tree Maker and re-installed it with the hope that I was getting a clean slate. Nope! First thing that happened is that McAfee pops up and says it's quarantined a file and it was my ftm.exe again. Plleeassee help me. Apparently, it is still lurking in the bowels of my hard drive even though McAfee "deleted" it. There is no one to trust with this stuff these days except for bleepingcomputer. This is the ONLY place ever that has gotten this junk off of my computers. Thanks in advance. 



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,725 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:53 PM

Posted 04 August 2017 - 07:45 PM

Possibly it's false positive.

Disable McAfee temporarily, reinstall FTM and see if it works.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 MrsG94

MrsG94
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:53 PM

Posted 05 August 2017 - 12:16 PM

Hi! Thanks for replying! I am trying your suggestion at this very moment. When you say it could be a possible false positive, do you mean that the JTI/Suspect!131076 isn't a real threat? Why would McAfee LiveSafe wait so long to decide that it didn't like the ftw.exe? I've had this computer for 4 months now and haven't had any problems. OR, is it that there was a problem with my ftw.exe (malware attached to it), and even though I had McAfee quarantine it and delete it AND I reinstalled my Family Tree Maker, McAfee still thinks it's bad? Sorry for all the questions!

**Update: I've installed Family Tree Maker once again while McAfee is disabled and my FTM program works fine so far. What does this mean?

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,725 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:53 PM

Posted 05 August 2017 - 06:26 PM

AV programs updates at least daily, so some updated data could create false positive.
it looks like that's the case since your program works fine now.

I suggest you post in McAfee forum about possible false positive.

Meanwhile you can put ftw.exe file into McAfee exceptions so it won't remove it again.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 MrsG94

MrsG94
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:53 PM

Posted 05 August 2017 - 07:14 PM

Ok, great! I wondered about whether or not to add it as an exception in the McAfee. That answers that question. So, just to be sure that I understand, is it safe to assume that I have not acquired a nasty virus on my computer?

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,725 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:53 PM

Posted 05 August 2017 - 07:46 PM

When you post in McAfee forum they'll ask you to provide that file and they'll check it.

Meanwhile you can upload it here: https://virustotal.com/ and see for yourself.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 MrsG94

MrsG94
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:53 PM

Posted 05 August 2017 - 07:53 PM

I did actually upload the bad file to virustotal, and it looked like it had bad stuff in it. I didn't know what to do with it from that point. Should I upload the results of that here? I'm not sure I trust the mcAfee people to know what they're doing. I know that might sound kinda crazy, but I don't really trust the Windows people, either, lol.

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,725 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:53 PM

Posted 05 August 2017 - 07:59 PM

Sure, you can post VirusTotal link here.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 MrsG94

MrsG94
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:53 PM

Posted 05 August 2017 - 10:10 PM

Hi again. This is the link to virustotal after I uploaded the quarantined file.

https://virustotal.com/en/file/b516b256f812ca264fff0617ce098129d3ffdd4402cbdddf593038253b4fb28f/analysis/1501988577/

Please let me know what you think about it. Thank you so much for your help! Honestly, I would never have survived pc's if it weren't for the super heroes at bleeping computer!

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,725 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:53 PM

Posted 05 August 2017 - 10:26 PM

4 out of 63 to me is definitely false positive.

Keep in mind that 2 out those 4 come from McAfee.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 MrsG94

MrsG94
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:53 PM

Posted 06 August 2017 - 08:00 AM

Okay! That's such a relief! I'm just going to have McAfee allow my ftm.exe, and perhaps we won't hear a peep out of it again. Thank you for clearing this mess up for me!

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,725 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:53 PM

Posted 06 August 2017 - 11:09 AM

Sure thing :)


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users