Malwarebytes probably picking up false positives again

HI Nexus

TBH every antivirus/malware software will at some point give out false positives, none are 100% effective at catching all malware anyways, the onus is in two parts to keeping a computer as free from malware as possible.

1. Keeping any anti-malware/virus, all 3rd party software and Windows fully upto date
1a. is not having too many antivirus/malware live scanning apps on a PC as false positives can happen at times
2. The user safe surfing and downloading and having a small amount of doubt about any alert about malware found on a PC as the alert may just be the malware itself.

The best thing in that users case you highlighted is to follow the advise Chas gave, but also look in the location of the highlighted wordpad.exe is it the correct location for the Windows used, test the exe at something like Jotti

indeed Wordpad is found in C:\Program Files\Windows NT\Accessories\en-GB but thats the exact file that user found in the mui version (Multi User Interface) the full exact general exe that runs is one folder up C:\Program Files\Windows NT\Accessories

The en-GB folder will be the english language of Wordpad, if a US user looks its likely in en-US etc for other languages.

As for Malwarebytes, I find the new version (2.04.1028) fine and ok, latest virus dat file v2015.02.18.05 didnt pick up any issues at all and didnt flag wordpad.

not going past v1.75 is a choice but at some point in the future updates will likely stop and the app may not in the older form protect, what are the "bonus" features you can adjust in 1.75 that 2.04 cannot? Its great that a company offers free versions, and we all know that they will have features not available in free versions that paid have, this is business and how a company can offer us free versions.

 

HI

What other security software do you have installed and as Eldon said do post your Windows version.

What types of false positives does it pick up in your Virtual Drive, screenshot will help in file names and locations. Plus do test the actual files on Jotti.

Edit: as the poster in that other thread has posted some logs and looks as if today's definition update may have cured a possible false positive, so run MBAM and update and run again to check yours.

More info HERE from Malwarebytes, as I mentioned some if not all security software will at times flag a legit app or file up, its a measure of the company to how quick they fix it, and this is a good quick turnaround.

 

Hi

Are you still getting the same trojan alert?

If a antimalware app has a false positive in its database def file and its liked as this one was to a core Windows component then you will always get the same flagged file no matter how many times you re-install Windows, until the false positive is removed in the next database update.

Sadly can happen with any security applications update (for that matter Windows itself), in work we had Trend Enterprise and one update of theirs rendered all Office documents on the network un-openable and usable, good job we have backup servers, this issue affected in our building complex 600+ users.

So this is why backup of important data is always needed, personally I never keep personal or important data on a OS drive.