Odd findings in Microsoft Malicious Software Removal Tool

Hopper642

Member
Jan 30, 2010
79
0
0
I updated Windows 8.1 64 on Monday and noticed that there was the Malicious Software Removal Tool a day early. I was expecting it Tuesday with the regular updates. Anyway, I ran it Monday with no issue. After the 30+ updates yesterday, I ran it again. It found no malware, but it asked permission to send Microsoft several files that might be infected. Never had this happen before. They appear to be Microsoft system files. I just don't get it. I ran Microsoft's Windows Defender and it found nothing. I know it is not the best antivirus available by far, but I just like the ease of its use. What do you think is going on here? Just a bunch of false positives? Thanks.

I have pictures of the files here:

http://rog.asus.com/forum/showthread.php?58892-Are-these-windows-viruses
 

lxskllr

No Lifer
Nov 30, 2004
60,218
10,668
126


iPJRWbL.png
 

Ketchup

Elite Member
Sep 1, 2002
14,559
248
106
I can't see the pics because I am not a member over there, but I have had MSE give a couple false positives before (as well as other AVs), so it is not unheard of.

Out of curiosity, you might want to run Kaspersky's online scanner and see if it picks up anything:
http://www.kaspersky.com/security-scan
 

Hopper642

I keep running mrt.exe in Windows and I keep getting the same thing. A bunch of files sometimes that are not designated as malware or viruses, but are thought to harbor a virus. So the program asks permission to send the files to Microsoft for analysis. ?? Looks like Windows files to me.
 

lxskllr

I haven't run Windows in a long time, but they look like third party software to me. I'd try VirusTotal for a second opinion. You'll have to spend some time uploading, but it won't take long.

https://www.virustotal.com/
 

Ketchup

This is very odd, because it is looking at the winsxs references, which are hard links only. And the files I looked at: msadp32.acm is just a normal codec and hidphone.tsp is for the telephony service.

So you may want to run that Kaspersky scan, because the file references it is referring to are nothing to get excited about.
 

Hopper642

Just ran a few files on VirusTotal as recommended. No problems found. Seems to be system files to me.
 

Hopper642

Just ran Kaspersky. 0 Threats found.

??
 

Ketchup

You are good then. False positives. If you haven't, you may want to let them be submitted, which might help Microsoft find out what the problem is.
 

corkyg

Elite Member | Peripherals
Super Moderator
Mar 4, 2000
27,370
240
106
If you have those files elsewhere, why not replace them?
 

Hopper642

They are system files. Didn't want to touch them.

Just ran the MRT again and it finally had no additional files to submit for analysis. ?? Weird.
 

Berryracer

Platinum Member
Oct 4, 2006
2,779
1
81
Get a real antivirus for God's sake and disable that useless Defender.