Running MBAM on Vista, for the first time, I’ve got an infected status:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WS2IFSL (Fake.Driver) → No action taken.

File is clean… http://www.virustotal.com/pt/analisis/51d44667123e2aa07428726b59c37583

Any help on it?

Well firstly it isn’t alerting on the file but a registry entry, so I’m not too surprised that nothing is detected in the file.

I would certainly report it as a possible false positive.

My registry key (in XP Pro) doesn’t have most of those entries, see image.

Hi Tech,

I googled up this, consider and read:
http://forums.techarena.in/windows-security/232567.htm

pol

Update, I have just run both a quick and full scan using MBAM and no detection on my system.

Update: I have just downloaded the latest updates and bingo I get a detection on that one, plus another one.

So somewhere between my last update on Saturday and today these have crept in with the signature updates and I know my system is clean.

Edit:
See, http://www.malwarebytes.org/forums/index.php?showtopic=12426
and (my second FP) http://www.malwarebytes.org/forums/index.php?showtopic=12417.

So it seems this has been reported already, watch and wait. I selected Ignore on both detections.

Sorry. The file is listed on the picture I’ve posted.

Yes but it is objecting to the registry entry and not a specific file, see my image as it is now detecting on my system (after updating the signatures and the file isn’t mentioned in my registry key.

The latest MBAM update resolves this:
http://www.malwarebytes.org/forums/index.php?showtopic=12417

Seems ok now…

Yes, both of my FPs are now resolved.