lordpake

ClamAV detecting part of MBAM

17 posts in this topic

Seems there's f/p in ClamAV database regarding certain file belonging to MBAM.

C:\Program Files\Malwarebytes' Anti-Malware\mbam-dor.exe: Joke.FakeInfect FOUND

(At least) I have reported this to them.

Share this post


Link to post

Will do :) I have no idea have fast (or slow) those guys are correcting f/p's ...

Share this post


Link to post

Mcafee Enterprise is also showing mbam-dor.exe to be infected with Generic.dx Trojan

Share this post


Link to post
Mcafee Enterprise is also showing mbam-dor.exe to be infected with Generic.dx Trojan

is somebody else reporting mcafee enterprise or shall i ???

*edit nm done it

Share this post


Link to post
Fortinet is now detecting this file as a PossibleThreat

I reported that one to them (or so I hope).

Share this post


Link to post

All seems a bit too coincidental.

Share this post


Link to post
Got a reply from Fortinet. They have removed the detection. And running the file throug VT confirms this :)http://www.virustotal.com/analisis/a551202...b6899e29f49b527

Welcome to the world of cutthroat Antivirus. :)

Basically, when one major player decides to detect something, the others tend to follow suit until/unless it's brought to their attention that the suspect file isn't bad at all. The only recourse for the user is to wait for their av to fix the issue, or switch to another av. Neither of which is what I would call, excellent as your at the avers mercy at that point.

Share this post


Link to post
ClamAV update process started at Thu Oct 16 12:40:03 2008

main.cld is up to date (version: 48, sigs: 399264, f-level: 35, builder: sven)

daily.cld is up to date (version: 8433, sigs: 48055, f-level: 35, builder: guitar)

2 weeks has passed. False positive detection involving mbam-dor.exe remains.

They obviously place high priority on fixing false positives :blink: Lucky for us MBAM users Clam-derivates enjoy such widespread usage in the Windows world

Share this post


Link to post

Real time protection of Kasperky Internet Security 2009 detects MBAM 1.30 setup file as "Trojan.Generic", It's a false positive, I know.

I could install MBAM anyway :)

Share this post


Link to post

(I just had to resurrect this thread :) )

Ah! The ultimate in irony :)

I did a memory scan with ClamWin, witness the shocking result:

D:\Program Files\ClamWinPortable\ClamWinPortable.exe: Trojan.Agent-65355 FOUND

:) Seems it happens even to the best of us.

Share this post


Link to post
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.