pablozi

Seems to be all good now.

Since yesterday MBAM Pro is detecting legitimate NVT ERP file as Hoax.SMS. File is located in C:\Program Files\NoVirusThanks\EXE Radar Pro\ ERPx86.zip

Hi all! I would like to present you a very nice GUI concept created by malwaretips.com/User-MrXidus from MalwareTips forums. I think it is really worth a consideration, just have a look at the project: For any further details, please have a look at this thread at MalwareTips.

I would call it "Uncategorized" or something like that, but why "Trojan.Agent"? And why original svchost.exe, digitally signed by MS, placed in C:\Windows is also flagged as "Trojan.Agent" as you can see it here?

There shouldn't be a svchost.exe file on my desktop too, but when placed fake file on desktop, MBAM says it is clean. Quite strange isn't it?

The same test was previously done by one of Safegroup.pl forums members: http://forum.safegroup.pl/viewtopic.php?f=44&t=4282#p113902 [page in Polish language -please use Google Translate].

Hello everyone. I've just readed very interesting thing on Anti-malware.ru forums. It looks like MBAM is using file name and it's location to determine if it is malware or not. For example: I have created fake, empty svchost.exe file and placed it on C: drive. And below result of the scan: The same file placed on desktop or D: drive, scanned using the same malware database is CLEAN!!! So I am asking - is MBAM fooling us?