False positive on Trojan.NetStop?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View



I ran a full system scan with MBAM and it came up with a hit on
C:\Windows\System32\Msdirectx.exe, calling it a Trojan.NetStop. MBAM
quarantined and removed the file, but now I see that this may be a
false positive?

OS is WinXP SP3, fully patched.

-
 False positive van MalwareBytes?
 http://www.blog.pcbeveiligen.nl/?p=161
-


Re: False positive on Trojan.NetStop?



wrote:

Quoted text here. Click to load it


Translation of the words in Italic:

---------- begin quote ----------
Hi there, we (Microsoft) do not have a file named "msdirectx.exe". When
you download this file you can see it has no signature of Microsoft what
is "standard" with files from Microsoft.
During downloading I got a message from my ForeFront Client Security
that this file is a Trojan, named Win32/NetStop.B

So it is not a false positive, but definitely a Trojan.
Remove from your system immediately.
---------- end quote ----------

So MBAM is right!

I suppose my Dutch is better than yours.
 ;-)

--
Fred W. (NL)

Re: False positive on Trojan.NetStop?



wrote:

Quoted text here. Click to load it

My Dutch is almost non-existent, except for certain words that are
close enough to German that I can make them out. Thanks for the
translation! :)


Site Timeline