Need User Feedback: MalwareBytes update detected as "perfect keylogger"?



artist
2009-03-27, 09:32
On using the "update" function today in MalwareBytes anti malware software (MBAM)
(please note the update downloaded a new version of MBAM dated 26/03/09,
and Spybot was last updated on Wed 25/03/09),

TeaTimer detected and warned of the following process:

27/03/2009 07:52:43 AM Encountered and terminated PerfectKeylogger in C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe!

These two pieces of software have co-existed for over 6 months on my machine with no conflicts till this week, between them killing many nasties.

Any idea if this is real, or just a false positive?

artist

Buster
2009-03-27, 09:49
Thanks for reporting, we're going to get into this.

charliejane
2010-01-13, 12:21
TeaTimer identified the MalwareBytes update as Perfect Keylogger and killed the process.

Yodama
2010-01-14, 07:06
Hello,

This should not happen. Please make sure to fully update Spybot S&D, then restart your computer.
Then try to execute the Malwarebytes update again; if TeaTimer should detect the file again, please send it to detections@spybot.info for analysis.

Mythis
2010-01-19, 13:36
I had the same problem yesterday.

It happened after clicking "Check For Updates" in Malwarebytes' Anti-Malware 1.43, which then downloaded and installed 1.44 (rather than just an updated database).

I've subsequently removed the Malwarebytes installation and manually downloaded and installed 1.44 from www.malwarebytes.org successfully (without complaint from TeaTimer).

This suggests that the only way to recreate the problem is to install Malwarebytes 1.43 and use "Check For Updates".

Yodama
2010-01-20, 10:36
(the following has also been sent to you by email)

Hello

This appears to be a false positive. But since Malwarebytes' Anti-Malware version 1.43 is not available anymore (downloads direct to 1.44), we are unable to test this.
We usually add Malwarebytes' digital signature to our whitelist to ensure that the TeaTimer does not falsely flag signed Malwarebytes files.
However, this can fail if new digital signatures are available or the file is not signed.
It may also be possible that another active protection software interferes with the TeaTimer scan, which results in such a false positive.

If you send us a full Spybot S&D report file, this may help us in finding out why the Malwarebytes file was falsely detected.
The report file will also help in analyzing if your computer is infected with some kind of malicious software.
Do the following to produce the report file:

* start Spybot S&D
* switch to advanced mode
* navigate to tools - view reports
* make sure that all check boxes are activated
* click on the green "view report" button
* export the report to your desktop
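
The two whitelist failure cases named in the post above (an unsigned file, or a file signed with a certificate the whitelist does not yet contain) can be told apart on the flagged file itself. This is an added example, not part of the thread and not Spybot's or Malwarebytes' own code; the function name `Test-SignerAllowlist` and the `$TrustedThumbprints` list are hypothetical, and the thumbprint is a placeholder to be replaced with a value obtained from the vendor.

```powershell
# Added example: classify a file the way a signer allowlist would see it.
# $TrustedThumbprints is a hypothetical allowlist; the entry is a placeholder.
$TrustedThumbprints = @('<PLACEHOLDER-SIGNER-CERT-THUMBPRINT>')

function Test-SignerAllowlist {
    param(
        [Parameter(Mandatory = $true)] [string]   $Path,
        [Parameter(Mandatory = $true)] [string[]] $Allowlist
    )

    # Authenticode check performed by Windows: is there a signature, and
    # does it still match the file contents and chain to a trusted root?
    $sig  = Get-AuthenticodeSignature -FilePath $Path
    $cert = $sig.SignerCertificate

    if ($sig.Status -eq 'NotSigned' -or -not $cert) {
        # Case 1 from the post: nothing for the whitelist to match on.
        $verdict = 'NoSignature'
    }
    elseif ($sig.Status -ne 'Valid') {
        # Signature present but broken (e.g. HashMismatch): treat as suspicious.
        $verdict = 'InvalidSignature'
    }
    elseif ($Allowlist -contains $cert.Thumbprint) {
        $verdict = 'Allowlisted'
    }
    else {
        # Case 2 from the post: validly signed, but with a certificate
        # the allowlist does not know (for example a renewed one).
        $verdict = 'SignerNotInAllowlist'
    }

    New-Object psobject -Property @{
        Path       = $Path
        Status     = $sig.Status
        Subject    = if ($cert) { $cert.Subject }    else { $null }
        Thumbprint = if ($cert) { $cert.Thumbprint } else { $null }
        NotAfter   = if ($cert) { $cert.NotAfter }   else { $null }
        Verdict    = $verdict
    }
}

# Path taken from the TeaTimer log line quoted in the first post.
$flagged = "C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe"
if (Test-Path -LiteralPath $flagged) {
    Test-SignerAllowlist -Path $flagged -Allowlist $TrustedThumbprints | Format-List
}
```

A `SignerNotInAllowlist` verdict with a valid signature and a vendor subject is consistent with the false-positive explanation above; `NoSignature` or `InvalidSignature` means the file should go to the vendor for analysis rather than be trusted.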

Mythis
2010-01-22, 12:12
Replied via email :)