Rainbow1112 Posted December 7, 2008 ID:38591 Share Posted December 7, 2008 with malwarebytes enable on protection and started with windows. IT detect many file on startup as Trojan vundo but right clicking on the files and scan does not report any virus... i printscreen 3 of the fp file and have attach below Link to post Share on other sites More sharing options...
Night_Raven Posted December 7, 2008 ID:38592 Share Posted December 7, 2008 I second that. Rebooted a few minutes ago and after the reboot MBAM went crazy and began detecting basically everything I started as a "Trojan.Vundo".Program version is 1.31 and definitions are the latest. Tried uninstalling MBAM, rebooting, cleaning the temporary folders and installing it again, but without avail.Right now it acts like a HIPS program.OS is Windows XP Professional SP3. Link to post Share on other sites More sharing options...
Rainbow1112 Posted December 7, 2008 Author ID:38593 Share Posted December 7, 2008 lots of other files are detected but i cant do a printscreen for every 1 of them... Link to post Share on other sites More sharing options...
Night_Raven Posted December 7, 2008 ID:38597 Share Posted December 7, 2008 Performed another testFirst: uninstall, reboot, reinstall, no update, activate real time protection, reboot. Everything was fine.Then: update, reboot. False positives started again.Conclusion: something in the latest definitions (version 1469) is causing all this.Added: manual scan reports no problems/malware. Link to post Share on other sites More sharing options...
Ni3K Posted December 7, 2008 ID:38602 Share Posted December 7, 2008 Yep can confirm the exact same problems today after rebooting. Norton is now classed as Trojan vundo along with several other applications.Had to uninstall malwarebytes for now. Hope this gets resolved quickly. All started after the last update to 1469 as earlier stated... Link to post Share on other sites More sharing options...
fredvries Posted December 7, 2008 ID:38603 Share Posted December 7, 2008 Yup, I can confirm it too.It detected loads of normal starting services as malign, wanted to stop them and my whole system froze to the point I had to shut it down with the on/off button. Link to post Share on other sites More sharing options...
ventanas Posted December 7, 2008 ID:38606 Share Posted December 7, 2008 Got this mess on three machines, just about everything is reported as malware.For the moment have disable running when Windows starts.I suppose we will have to wait for the next update, which I hope is soon.Is there any way of reporting this? Link to post Share on other sites More sharing options...
mona7865 Posted December 7, 2008 ID:38607 Share Posted December 7, 2008 Same problem here (Win SP SP3). I had to turn off the protection module as almost everything program was reported as having Trojan.Vundo.A quick scan reveils nothing:Malwarebytes' Anti-Malware 1.31Database version: 1469Windows 5.1.2600 Service Pack 37/12/2008 14:26:49mbam-log-2008-12-07 (14-26-49).txtScan type: Quick ScanObjects scanned: 62286Time elapsed: 5 minute(s), 55 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0And the "ignore list" is completely empty. Link to post Share on other sites More sharing options...
legaldeejay Posted December 7, 2008 ID:38614 Share Posted December 7, 2008 Ditto with Trojan.Vundo. Definitely a bug with the last update. I am getting the same thing with legitimate files being detected as this trojan. I am sure they will fix this ASAP.Same problem here (Win SP SP3). I had to turn off the protection module as almost everything program was reported as having Trojan.Vundo.A quick scan reveils nothing:Malwarebytes' Anti-Malware 1.31Database version: 1469Windows 5.1.2600 Service Pack 37/12/2008 14:26:49mbam-log-2008-12-07 (14-26-49).txtScan type: Quick ScanObjects scanned: 62286Time elapsed: 5 minute(s), 55 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0And the "ignore list" is completely empty. Link to post Share on other sites More sharing options...
tevion Posted December 7, 2008 ID:38619 Share Posted December 7, 2008 Same here ...MBAM messed up my system with last definition file.Avast Pro boot time scan found nothing !!MBAM realtime protection says all Avast system files are infected by vundo !!A heavy fp i believe ... .Switching of MBAM realtime protection was the last solution ....Tevion Link to post Share on other sites More sharing options...
nosirrah Posted December 7, 2008 ID:38623 Share Posted December 7, 2008 I need from anyone having this problem a copy of any file being detected . Link to post Share on other sites More sharing options...
nosirrah Posted December 7, 2008 ID:38625 Share Posted December 7, 2008 There has been an update that might have helped , if not I need a copy of any file hit by protection . Link to post Share on other sites More sharing options...
3DFireStarteR Posted December 7, 2008 ID:38628 Share Posted December 7, 2008 I would post all the files hit by the update, but it would be over 100 and i don't have the time ^^ Link to post Share on other sites More sharing options...
exile360 Posted December 7, 2008 ID:38629 Share Posted December 7, 2008 I would post all the files hit by the update, but it would be over 100 and i don't have the time ^^I think all he needs is one to figure it out, not sure though. He said in another thread that another update just rolled out that might have fixed it. Link to post Share on other sites More sharing options...
razzor Posted December 7, 2008 ID:38630 Share Posted December 7, 2008 There are very many programs, Antibot, OpenOffice and many many more Link to post Share on other sites More sharing options...
3DFireStarteR Posted December 7, 2008 ID:38631 Share Posted December 7, 2008 By the way, just for info, i updated the program and now its doing the same but not showing {Trojen.Vundo} its showing {Trojen-Downloader} there are less Fp's now thou, im only getting 3 Link to post Share on other sites More sharing options...
Dagobert51 Posted December 7, 2008 ID:38632 Share Posted December 7, 2008 There has been an update that might have helped , if not I need a copy of any file hit by protection .The update didn't fix the false positives on the startup scanner. I would also post all the files hit by the update, but it would be over 100 and i don't have the time. Malwarebytes reports about everything on two PC's here as trojans and other malware. It's ONLY the startup scanner who has this bug. If you run a quick or complete test with Malwarebytes, nothing is found. It reports both my PC's as clean. It's something wrong with the resident module! As I said, about everything are reportet as malware during startup! Link to post Share on other sites More sharing options...
Rainbow1112 Posted December 7, 2008 Author ID:38633 Share Posted December 7, 2008 dun think the files that are detected will be useful since there a lots being detected and not showing in a quick scan Link to post Share on other sites More sharing options...
tevion Posted December 7, 2008 ID:38634 Share Posted December 7, 2008 I need from anyone having this problem a copy of any file being detected .new signature update (1470) did not help ... same messages again and blocking startup of programs like AVAST Antivirus.see attached screenshot.Tevion Link to post Share on other sites More sharing options...
nosirrah Posted December 7, 2008 ID:38637 Share Posted December 7, 2008 I need a copy of ashAvast.exe please .Also the next update might fix the other problem . Link to post Share on other sites More sharing options...
mona7865 Posted December 7, 2008 ID:38638 Share Posted December 7, 2008 I can confirm there still are a lot of programs blocked as malware after updating to database version 1470.I've written down some but there are still a lot more detected:C\Program Files\Mozilla Firefox\firefox.exeC\Program Files\Spyware Blaster\SQlite36B.dllC\Program Files\Cyberlink\PowerDVD8\CLCR Engine 3.dllC\WINDOWS\system32\avgrsstx.dllC\Program Files\BILLP Studios\Winpatrol\patrolpro.dllC\Program Files\Rogue Remover Pro\Rogue Remover Pro.exeAlso Online Armor, AVG8, Java, Groove, Open Office, Sandboxie, Thunderbird, are detected as Trojan.Downloader.I'm meeting up with a friend now so I had to quit writing down everything but everything looks like the screen shots posted by the other members.EDIT: a quick scan still comes op with nothing and there is absolutely nothing to find in the "ignore list". Link to post Share on other sites More sharing options...
Guest Posted December 7, 2008 ID:38639 Share Posted December 7, 2008 Hello Forum,I am new here so please go easy on me.- Why aren't I getting any of these false positives or warnings?- My setup has some of the same programs mentioned in this thread.I have not had any of the aforementioned warnings from MBAM today. My setup is:- Windows Pro XP SP3- Avast Pro 4.8.1296- ZA Pro 8.059.000- Firefox 3.0.4- MBAM 1.31 (Just updated def file to 1470)A quick scan with MBAM found nothing either.Should I be worried?Peter Link to post Share on other sites More sharing options...
Guest Posted December 7, 2008 ID:38641 Share Posted December 7, 2008 MBAM log for the developers.Malwarebytes' Anti-Malware 1.31Database version: 1471Windows 5.1.2600 Service Pack 37/12/2008 4:51:08 PMmbam-log-2008-12-07 (16-51-08).txtScan type: Quick ScanObjects scanned: 47249Time elapsed: 4 minute(s), 35 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected) Link to post Share on other sites More sharing options...
Dagobert51 Posted December 7, 2008 ID:38642 Share Posted December 7, 2008 I need a copy of ashAvast.exe please .Also the next update might fix the other problem .Update 1471 didn't help either. It's not only the startup modue that's faulty. This is what happend when I should open Paint Shop Pro X Se attachment Link to post Share on other sites More sharing options...
Rainbow1112 Posted December 7, 2008 Author ID:38643 Share Posted December 7, 2008 updated to 1471 and still lots of files are detected i have upload some of the file that are detect to uploadNET the files are firefox 3.1 beta 1 firefox.exe and the flash player 10 file FlashUtil10a.exe Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now