Jump to content

VirusTotal incorrectly reports Malwarebytes as not detecting SVHOST.exe


Recommended Posts

Is there a way to add the file to the MalwareBytes proper definitions, so that it can catch it without any heuristics?

By the way, since my antivirus software - Microsoft Security Essentials - catches and removed this trojan, I have to disable it first, then test with MalwareBytes.

Do you want the file itself too?

It is a very dangerous trojan.

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2012.12.29.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

[user name] :: xxxxx-PC [administrator]

29.12.2012 16:17:09

mbam-log-2012-12-29 (16-17-09).txt

Scan type: Custom scan (D:\Documents\Virus\svhost.exe|)

Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM

Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P

Objects scanned: 1

Time elapsed: 3 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

D:\Documents\Virus\svhost.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.

(end)

Link to post
Share on other sites

Why can I still not edit my posts? You said 10 posts will remove this limit.

Anyway, this trojan signature (plus possibly the Registry entries it creates on infecting a system) should be added to your definitions!

All of your major competitors detect and clean this trojan, with the sole exception of "Avast!".

Link to post
Share on other sites

No problem on the posts issue.

It just seems to be this makes MalwareByte look bad, because VirusTotal reports the virus/trojan as undetected by it.

Also, will MalwareBytes clear & stop the trojan completely? I mean stop any active EXEs, remove Registry entries/etc?

I am testing the svhost.exe removal with it being inactive, for obvious reasons (when it was active, the trojan maker started editing my files :)).

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.