Jump to content

Old Database MBAR Detections, False Positives?


Recommended Posts

I regularly do a quick scan using MBAM on my computer. I recently decided to try the MBAR scan, however I forgot to update the database version.

Database version:
  main:    v2017.10.25.11
  rootkit: v2017.10.14.01

I did a scan and it detected 16 malware which had never ben detected by MBAM.

mbar-log-2022-07-02 (15-11-00).txtsystem-log.txt

I had then clicked on clean up to remove the detected items and I did a scan again on MBAR but this time updating the database version, and found nothing.

These detections did not pop up within MBAM when I do regular scans, but I decided to do a MBAR scan on the old database and found detections. Could this be a false positive?

have done a bit more digging, and I think I’ve discovered that the files flagged as Spyware.Pony were false positives as they seem to be legitimate files, could all these detections be because I was running MBAR on the old database? Is there any way to check whether the detections in the old database would be considered a detection in the newer databases? 

Assuming MBAM and MBAR use the same database, I am guessing that MBAM didn’t detect anything before because it is the updated database and there are no infections, however MBAR when I ran it on the old database it detected things, whereas the new database wouldn’t have, which would mean the detections I got in my scan are all false positives? 


Link to post
Share on other sites

  • Staff

The files are related with this: https://support.2k.com/hc/en-us/articles/5534336523155-2K-LAUNCHER-TROUBLESHOOTING

So if you have any issues, it says there how to reinstall the lastest one (as some do delete these contents manually already in case of problems)

As for the keys, these shouldn't be a problem if they got deleted, since if a new program requires/needs it, it will re-register these again anyway. So you should be ok.


Link to post
Share on other sites

When you say “…files/key…” do you mean “keys”? So all files and keys were not malicious, their signatures were on the old database whereas in the new one they are not because they were found to not be malicious, am I right in saying this? I am just trying to wrap my head around this.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.