Adlice forum
Software feedback => RogueKiller => Topic started by: Faergor on April 05, 2019, 12:50:56 AM
-
Hello,
I scanned my computer with roguekiller, eset online scanner,malwarebytes, malwarebytes mbar.
Malwarebytes Mbar found this as infected file. File located in winrar folder called Default.SFX.
I uploaded file to virustotal and more antivirus programs picked it up.
https://www.virustotal.com/#/file/0a2484026f989bbc29caba5873ac9c0a64ecad529b76f08a50cb1ec470b04453/detection
Then I scanned my computer with Malwarebytes and it caught this:
Trojan.FlyStudio, C:\PROGRAMDATA\MALWAREBYTES' ANTI-MALWARE (PORTABLE)\DEFAULT.SFX-K.MBAM, No Action By User, [8009], [664683],1.0.10008
Trojan.FlyStudio, C:\PROGRAMDATA\MALWAREBYTES' ANTI-MALWARE (PORTABLE)\DEFAULT.SFX-U.MBAM, No Action By User, [8009], [664683],1.0.10008
Trojan.FlyStudio, C:\WINDOWS\TEMP\AVAST_ASH2\WINRAR ARCHIVER (64 BIT)\WINRAR-X64-570CZ.EXE, No Action By User, [8009], [664683],1.0.10008
I am attaching the file.
Is this please false positive or real? Thanks.
-
I would also like to ask.
Avast was mentioned here:
Trojan.FlyStudio, C:\WINDOWS\TEMP\AVAST_ASH2\WINRAR ARCHIVER (64 BIT)\WINRAR-X64-570CZ.EXE, No Action By User, [8009], [664683],1.0.10008
Could it have been modified somehow and therefore roguekiller reports it as old version, or does it report it incorrectly? Thanks
-
Hi Faergor,
This this the output of a MBAM log, not a RogueKiller one.
However, this file looks suspicious, so I advise you to open a new thread on Malwarebytes forum (https://forums.malwarebytes.com/forum/7-windows-malware-removal-help-support/) to check this out.
Regards.
-
Sure,thanks :).
-
Hi Faergor,
You are very welcome.
Regards.