 |
 | Win.Trojan.Xtoober-468 False Positive |  |
|
ThomasAAnderson
|
|
I would like to verify if anyone else has this problem with Malwarebytes Anti-Rootkit. Here are the details.
Malwarebytes Anti-Rootkit ver 1.07.0.1005 Scan Started Wed Sep 11 23:24:15 2013 ------------------------------------------------------------------------------- C:\Users\Carlo\Downloads\mbar-1.07.0.1005.exe: Win.Trojan.Xtoober-468 FOUND ----------- SCAN SUMMARY ----------- Known viruses: 2746604 Engine version: 0.97.8 Scanned directories: 7 Scanned files: 1025 Infected files: 1 Data scanned: 349.56 MB Data read: 1684.65 MB (ratio 0.21:1) Time: 156.010 sec (2 m 36 s) -------------------------------------- Completed -------------------------------------- |
|||||||||||
|
|||||||||||||
 |
| Slightly different result | |
|
brewers1023
|
|
I am having sudden problems as follows:
Unable to do a system restore further back than a few days Computer has crashed twice to the blue screen Safe mode run of Clamwin reveals win.Trojan.Jorik-5875 and states it is a false positive. I am perplexed because my previous scans didn't reveal this and now I am having problems. What is it?   [/list] |
|||||||||||
|
|||||||||||||
|
| Slightly different result | |
|
brewers1023
|
|
I am having sudden problems as follows:
Unable to do a system restore further back than a few days Computer has crashed twice to the blue screen Safe mode run of Clamwin reveals win.Trojan.Jorik-5875 and states it is a false positive. I am perplexed because my previous scans didn't reveal this and now I am having problems. What is it? [/list] |
|||||||||||
|
|||||||||||||
|
| |
|
GuitarBob
|
|
It looks like you both may have a false positive. If you can get the detected file, upload it to either Jotti or Virus Total to see if other AVs besides Clam AV detect it. I lie to see at least 2 of these AVs on Jotti or Virus Total detect something before I believe it: Avira AntiVir, Bitdefender, Nod 32, Kaspersky, or Sophos. If the file is not detected by an good quality AVs besides Clam AV, visit the Clam AV submit page and upload it to them so they can correct their false signature. Be sure to choose the false positive upload page. There is another page for undetected viruses.
Regards, |
|||||||||||
|
|||||||||||||
|
| Still Having Issues | |
|
brewers1023
|
|
I ran a check disk last week that appeared to clear things up for me. I say appeared because since I have had one more BSOD and periodic black screen flickers that return to normal quickly. I have noticed a fade to the screen occasionally too and slowness, omg!
Google says run netstat and in doing so I nearly cried at the amount of 'connections' that came up. Now I am afraid to go on my computer because it looks like my computer is being remoted. I don't even know the extent of how bad this could be. I have run ClamWin which only says that I have an infection of Win.Trojan.Xtoober-468 which I am reading is simply a conflict of running MalwareBytes Anti-Rootkit. MalwareBytes AntiRootkit can't complete the scan because it says the system volume is inaccessible or encrypted. Besides that I have run unmask parasites on my blog website which is hosted by bluehost and I have run Kapersky. All have really come up with nothing. Now for a little background, I set up my blog a few weeks ago (3ish) and in my overzealousness to get started, I forgot to set up an anti-spam plugin. Can you believe it isn't automatic? I began getting tons of spam comments on the blog which reminded me what I needed to do and wala, no more spam comments but I am sure this is related. Please, what should I try next? Do I just reinstall windows and start from scratch? Will that really rid this trouble? |
|||||||||||
|
|||||||||||||
|
| |
|
GuitarBob
|
|
I suggest you get Malwarebytes Antrootkit (beta) available free at the Malwarebytes web site. You do not need to install it--just download and run. I suggest that you either download it on a clean computer to USB or get into Windows Safe Mode (with networking) and download it to desktop on the infected computer. Once downloaded, you will have to unzip it. It will unzip to an MBAR folder. Once unzipped, open up the folder, and run the MBAR.exe file. When it runs, choose to update it to get the latest definitions. Then choose next and then choose scan. It will do a rootkit scan and then it will do a normal Malwarebytes scan. It will probably find any current virus that you have. After it scans, if nothing was found, do another scan just to make sure. If something is found, the program should tell you what to do. Good luck!
Regards, |
|||||||||||
|
|||||||||||||
|
| |
|
GuitarBob
|
|
I suggest you get Malwarebytes Antrootkit (beta) available free at the Malwarebytes web site. You do not need to install it--just download and run. I suggest that you either download it on a clean computer to USB or get into Windows Safe Mode (with networking) and download it to desktop on the infected computer. Once downloaded, you will have to unzip it. It will unzip to an MBAR folder. Once unzipped, open up the folder, and run the MBAR.exe file. When it runs, choose to update it to get the latest definitions. Then choose next and then choose scan. It will do a rootkit scan and then it will do a normal Malwarebytes scan. It will probably find any current virus that you have. After it scans, if nothing was found, do another scan just to make sure. If something is found, the program should tell you what to do. Good luck!
Regards, |
|||||||||||
|
|||||||||||||
|
 | Win.Trojan.Xtoober-468 False Positive | |
|
||
|
|
|
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.