imgvemver1.6.exe detected as a downloader by MBAM

[John2009]

I did a regular scan with MBAM to see  if I was infected with anything. Along with a Adware.Hotbar, a file called imgvemver 1.6 was said to be a trojan.Downloader. It's in my D drive and nothing appears except a lock with system restore spelled out under it. Is it a False positive or Malware. i can't scan it with anything but MBAM.



Malwarebytes' Anti-Malware 1.37
Database version: 2259
Windows 5.1.2600 Service Pack 3

6/10/2009 9:52:18 PM
mbam-log-2009-06-10 (21-52-09).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 265429
Time elapsed: 2 hour(s), 52 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
d:\i386\Apps\App20460\imgvemver1.6.exe (Trojan.Downloader) -> No action taken.

[!Donovan]

Try sending the file(s) to VirusTotal to see if Malwarebytes' Antimalware's statement was true.

[John2009]

I can't, it doesnt appear in the Main D drive area, MBAM Quarintined it for noq.

[!Donovan]

UNquarintine it and then send the infected file to VirusTotal.

[CharleyO]

***

Please do not take imgvemver1.6.exe out of quarantine. MBAM put it there for a good reason. Run MBAM again and let it delete those 2 entries. It is possible this is related to Vundo or related to other malware.


***

[John2009]

ok I will, and It didnt appear there in the first place so there was no way of sending it to VirusTotal.