Jump to content

Could Malwarebytes by missidentifying Trojan-Banker?

Recommended Posts

I am concerned. Suddenly, my malwarebytes updated its database and is now detecting Trojan-Banker in 2 files. These files are part of the "Uniform Server" package. I have quaranteed and deleted the files.

The trojan was detected in the files Start_as_program.exe on version Coral_8_6_7.exe this evening. I deleted the entire directory, went to Uniform Server, retrieved a fresh version Coral_8_6_8.exe and files Start_as_server.exe and Start_as_program.exe are detected as infected with Trojan-Banker.

It could be the Uniserver actually contains a Trojan, but, it seems strange ... I thought Uniform Server was a credible product. I need to contact them if they truly have a problem that they are distributing.

How can I test to determine if it is their package infected or a mis-detection on the part of Malwarebytes?

Link to post
Share on other sites

Hello and welcome coastalwanderer:

If these files were part of a program that had been installed on your system for some time, it's possible that the detections may have been a False Positive.

If the files are in MBAM Quarantine, it's perfectly safe to leave them there for a time, as they cannot harm your computer (rather than deleting them by emptying the Quarantine).

Moreover, the MBAM engineers will need you to upload the files for them to check the files as a possible FP.

So, in order to determine if they are a False Positive, please follow the instructions in this sticky topic: READ BEFORE REPORTING A FALSE POSITIVE!

Then, please start a new post with the requested information in the False Positives section of the forum: False Positives

The MBAM engineers will analyze the files and, if they are a FP, they will correct the detection in the next database update.



Link to post
Share on other sites

I apologize for opening this post. Though I was having a problem, requesting update on Malwarebytes (today) seems to have eliminated the problem. Perhaps I had an incomplete data update yesterday, or perhaps I had some other strange condition occuring. The problem has vanished, this post should be closed.

Thank you for your reply.

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.