From: Dustin Cook on
"Buffalo" <Eric(a)nada.com.invalid> wrote in news:hf9ob3$ap6$1(a)news.eternal-september.org:

> FredW wrote:
>>
>> Looks like the same kind of problem Avast had today.
>
> Huh? Why did MBAM and Avast have problems around the same time?

We had temporary problems with our database... Shrug. Sorry. We fixed it
quick, but evidently not quick enough; some systems did get the bad
definitions.

> What is the connection??

None.

> Do they share or steal each other's definitions?

We don't share definitions with anyone. It wouldn't do much good;
definitions are typically custom and very specific to the antimalware
engine. For example, the definitions system in use by BugHunter (my app) is
entirely 100% incompatible with the definitions system used by malwarebytes
antimalware. While some definitions can and do consist of hashes or
checksums of some sort, others do not.



--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk
From: Dustin Cook on
FredW <fredw(a)blackholespam.net> wrote in
news:djthh5p5538iahpe79ajicocjvrch96qoa(a)4ax.com:

> On Thu, 3 Dec 2009 20:08:48 -0700, "Buffalo" <Eric(a)nada.com.invalid>
> wrote:
>>David H. Lipman wrote:
>>> From: "Buffalo" <Eric(a)nada.com.invalid>
>>>> FredW wrote:
>>>
>>>>> Looks like the same kind of problem Avast had today.
>>>
>>>> Huh? Why did MBAM and Avast have problems around the same time?
>>>> What is the connection??
>>>> Do they share or steal each other's definitions?
>
>>>
>>> Pure coincidence of a rash of False Positives!
>>
>>I really don't believe that explanation!
>
> Sometimes the reality is amazing.
> :-))
>

Even better than science fiction.


--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk
From: Dustin Cook on
"Leonard Agoado" <agoado(a)msn.com> wrote in news:pt-dnbbWtKiRHITWnZ2dnUVZ_s2dnZ2d(a)giganews.com:

> "FromTheRafters" <erratic(a)nomail.afraid.org> wrote
>
>
>> For example if both entities stole their defs from
>> PCButts - all three would FP on the same files for the same malware...
>
>
> FTR,
>
> Do you imagine, in the scenario described above, either entity
> functioning well enough to make it to that point?

You would have to have the entire staff from both companies really,
insanely out of their heads for this to happen; and actually go live. :)


--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk
From: Dustin Cook on
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in
news:hfc69r0l08(a)news3.newsguy.com:

> From: "FromTheRafters" <erratic(a)nomail.afraid.org>
>
>| "Leonard Agoado" <agoado(a)msn.com> wrote in message
>| news:pt-dnbbWtKiRHITWnZ2dnUVZ_s2dnZ2d(a)giganews.com...
>
>>> "FromTheRafters" <erratic(a)nomail.afraid.org> wrote
>
>
>>>> For example if both entities stole their defs from
>>>> PCButts - all three would FP on the same files for the same
>>>> malware...
>
>
>>> FTR,
>
>>> Do you imagine, in the scenario described above, either entity
>>> functioning well enough to make it to that point?
>
>| Of course, virus (or malware) description language is not a
>| programming language.
>
>::oD
>
>| Butt's programs work reasonably well even though the data files
>| describing the malware are stolen from the actual people doing the
>| research to create them (the "engines" consuming that data are
>| probably stolen as well, but this has not been demonstrated as well as
>| the other aspect has).
>
>| If you recall the "other" thieves (from China?) - they actually gave
>| the same malware name (marker) in the alert, probably because the
>| engine (maybe even the GUI) is stolen as well.
>
>
> Yes, IObit's theft of the Malwarebytes database is an excellent
> example.
>
> Those who decrypted the IObit database and the Malwarebytes database
> have *NO DOUBT* of this theft.
>

Hard to have doubt when it's line for line, character for character.
Hell, iobit modified their software to support our definitions! <G>


--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk
From: Dustin Cook on
"FromTheRafters" <erratic(a)nomail.afraid.org> wrote in news:hfc4ql$ssg$1@news.eternal-september.org:

> "Dave Cohen" <user(a)example.net> wrote in message
> news:hfbfr9$mch$1(a)news.eternal-september.org...
>> Dave Cohen wrote:
>>> Just updated MalwareByte and scanned system. Getting over 400
>>> 'Trojan.Downloader' messages on files that have been on the system
>>> forever. Avira doesn't find anything.
>>
>> All is well. My 12/3 update installed 3287 and the scan indicated
>> problems I stated.
>> Today (12/4) I updated and installed 3289, full scan showed zero
>> problems.
>> One curious note: I don't recall having to re-start the computer after
>> yesterday's update. Today I received and responded to that message.
>> Thanks for all your replies.
>
> Often, that is indicative of a program update as opposed to just a
> definitions update. I'm not sure if Malwarebyte's Anti-Malware shares
> this nature so familiar with the AV programs.

No. Our engine update consists of a new version installation. We do not
presently do things the way some, but not all, antivirus companies do.


--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk