Malware Bytes Scan



Just updated Malwarebytes and scanned system. Getting over 400
'Trojan.Downloader' messages on files that have been on the system
forever. Avira doesn't find anything.

Re: Malware Bytes Scan



I would trust MBAM, but if you want a second opinion install Hitman Pro
(free thirty day license) or SuperAntiSpyware.  I find that AV is
notoriously unable to detect the types of malware that MBAM, SAS etc. are
designed to find/remove.


Re: Malware Bytes Scan





Are you sure it is MBAM and not Avast?
 ;-)

I would wait for the next update and then scan again.

In the meantime for a second opinion
- SuperAntiSpyware (Free Edition)
http://www.superantispyware.com/download.html

--
Fred W. (NL)

Re: Malware Bytes Scan



FredW wrote:
This was a problem with Update 3286 which was only out there for a
little while. It was replaced with 3287, then 3288.

There were several threads on the MBAM forums.

RB

Re: Malware Bytes Scan



On Thu, 03 Dec 2009 18:19:16 -0500, Rube Bumpkin


Looks like the same kind of problem Avast had today.

--
Fred W. (NL)

Re: Malware Bytes Scan





FredW wrote:

Huh? Why did MBAM and Avast have problems around the same time?
What is the connection??
Do they share or steal each other's definitions?
Buffalo



Re: Malware Bytes Scan






| FredW wrote:


| Huh? Why did MBAM and Avast have problems around the same time?
| What is the connection??
| Do they share or steal each other's definitions?
| Buffalo



Pure coincidence of a rash of False Positives!

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Malware Bytes Scan





David H. Lipman wrote:

I really don't believe that explanation!
Buffalo



Re: Malware Bytes Scan






| I really don't believe that explanation!
| Buffalo


Sorry, that's the way it is.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Malware Bytes Scan





David H. Lipman wrote:

I guess so. That kind of coincidence just throws up a red flag to me.
Thanks for the response.
Buffalo



Re: Malware Bytes Scan






| David H. Lipman wrote:






| I guess so. That kind of coincidence just throws up a red flag to me.
| Thanks for the response.
| Buffalo


I understand.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Malware Bytes Scan





Sometimes the reality is amazing.
 :-))

--
Fred W. (NL)

Re: Malware Bytes Scan





Even better than science fiction.


--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk

Re: Malware Bytes Scan




If it were more than a coincidence, it would be the *same* malware being
purportedly found by each program, since you are talking about the def
files being possibly shared or stolen. For example if both entities
stole their defs from PCButts - all three would FP on the same files for
the same malware (possibly giving different malware names as a result).



Re: Malware Bytes Scan








FTR,

    Do you imagine, in the scenario described above, either entity
functioning well enough to make it to that point?

Regards,

Len Agoado
agoado@msn.com



Re: Malware Bytes Scan




Of course, virus (or malware) description language is not a programming
language.

:oD

Butt's programs work reasonably well even though the data files
describing the malware are stolen from the actual people doing the
research to create them (the "engines" consuming that data are probably
stolen as well, but this has not been demonstrated as well as the other
aspect has).

If you recall the "other" thieves (from China?) - they actually gave the
same malware name (marker) in the alert, probably because the engine
(maybe even the GUI) is stolen as well.



Re: Malware Bytes Scan











| Of course, virus (or malware) description language is not a programming
| language.

| :oD

| Butt's programs work reasonably well even though the data files
| describing the malware are stolen from the actual people doing the
| research to create them (the "engines" consuming that data are probably
| stolen as well, but this has not been demonstrated as well as the other
| aspect has).

| If you recall the "other" thieves (from China?) - they actually gave the
| same malware name (marker) in the alert, probably because the engine
| (maybe even the GUI) is stolen as well.


Yes, IObit's theft of the Malwarebytes database is an excellent example.

Those who decrypted the IObit database and the Malwarebytes database have
*NO DOUBT* of this theft.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Malware Bytes Scan





Hard to have doubt when it's line for line, character for character.
Hell, iobit modified their software to support our definitions! <G>


--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk

Re: Malware Bytes Scan



 
You would have to have the entire staff from both companies really,
insanely out of their heads for this to happen; and actually go live. :)


--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk

Re: Malware Bytes Scan




We had temporary problems with our database... Shrug. Sorry. We fixed it
quick, but evidently not quick enough; some systems did get the bad
definitions.


None.


We don't share definitions with anyone. It wouldn't do much good;
Definitions are typically custom and very specific to the antimalware
engine. For example, the definitions system in use by BugHunter (my app) is
entirely 100% incompatible with the definitions system used by malwarebytes
antimalware. While some definitions can and do consist of hashes or
checksums of some sort, others do not.



--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk
