waking

  1. Buttons - Thanks for the reply and welcome, but I don't think it addresses the issue. All Malwarebytes scans were done with the same database, in rapid succession. The only time lag was the time it takes to rename the file. With one of the long names, it gets caught. Shorten the name, it's missed. Rename it again to another of the longer names, it gets detected again.
  2. Yesterday I received an unsolicited email regarding a fictitious UPS delivery. Suspecting that the attachment was a trojan, I submitted it to VirusTotal, where seven scanners flagged it. I then scanned it with Malwarebytes' Anti-Malware. It flagged the file as infected: Trojan.Email.Gen. So far so good.

     But while doing some tests to check out other scanners, etc., I encountered an oddity when I went back and rescanned the file with Malwarebytes': the file *wasn't* flagged as infected when I rescanned it. The only difference in the two scans was that the second time the filename had been shortened to 8.3 format when I unzipped the infected .exe, whereas the first time the filename was a long name.

     I did several tests with the same file, shortening the filename for each successive test. Here are the results:

     Filenames which resulted in a detection:

     • UPS_invoice_1145.exe
     • UPS_invoice_114.exe
     • UPS_invoice_11.exe
     • UPS_invoice_1.exe
     • UPS_invoice_.exe
     • UPS_invoice.exe

     Filenames which did NOT result in a detection:

     • UPS_invoic.exe
     • UPS_invoi.exe
     • UPS_invo.exe
     • UPS_inv.exe
     • UPS_in.exe
     • UPS_i.exe
     • UPS_.exe
     • UPS.exe
     • invoice.exe

     Why is the ability to detect it as a trojan dependent on the filename? Seems like a pretty fragile way to catch malware.