LMT AntiMalware

LeMinhThanh

From LMT AntiMalware
Thread author
Verified
Developer
Well-known
Apr 11, 2020
304
Hello, in the last 3 days there have been nearly 230k requests to my cloud database. And I think the current 8 million hashes on the database are not enough to detect malware. So in the future I will try to import more data into it :rolleyes:
1628829437973.png
 
Last edited:

LeMinhThanh

From LMT AntiMalware
Thread author
Verified
Developer
Well-known
Apr 11, 2020
304
Hi!
LMT AntiMalware 5.7.3 released
Changelog:
  • Web Protection: Added an option that allows you to choose what action to take when malicious URLs are detected.
  • Updated Malware Scanner page.
  • Cloud Database: Added a server in Southeast Asia. From now based on your geographical location the system will automatically direct you to the nearest server (Southeast Asia or South Central US).
  • Improved Behavior Detection.
  • You can view information about the number of files that have been processed by the Cloud Database on About page.
  • Added a option to delete the quanrantine folder.
Homepage: LMT AntiMalware

1629460139666.png
 
F

ForgottenSeer 69673

I received an phishing e-mail including a HTML file. I am wondering what setting I have to make to detect this file doing a scan without adding it to right click context menu? When I do add it and scan it I do get an all safe warning. I had submitted it to Virus Total befor hand and did get the same 6 flags as phishing maleware.
Wondering why AMT shows it as safe?

1629737454166.png



 

LeMinhThanh

From LMT AntiMalware
Thread author
Verified
Developer
Well-known
Apr 11, 2020
304
I received an phishing e-mail including a HTML file. I am wondering what setting I have to make to detect this file doing a scan without adding it to right click context menu? When I do add it and scan it I do get an all safe warning. I had submitted it to Virus Total befor hand and did get the same 6 flags as phishing maleware.
Wondering why AMT shows it as safe?

View attachment 260246


Hello,
If Virustotal is more than 10 or CuteDuck engine detects it, it will be Unsafe.
If you want LMT AntiMalware block access to that file, you need to enable On Access Scanning and Cloud Database must detect it. I have added that file's information to Cloud Database but it takes some time to take effect.
 
Last edited:

LeMinhThanh

From LMT AntiMalware
Thread author
Verified
Developer
Well-known
Apr 11, 2020
304
Some information about Cloud database:
Currently Cloud Database has 8.087.789 hashes. Database will be updated daily from MalwareBazaar.
1629897700389.png

Last week there were more than 757.8k requests to 2 servers from all over the world.
1629897938039.png

And my servers are still working fine 😄
 

minhgi

Level 2
Verified
Mar 10, 2017
56
How do allow this program Lenovo Service Bridge Updater to execute random generate temp files? LMT constantly blocking from executing even when the temp file or temp folder was whitelist. Currently running Win10 and KIS / LMT.

LMT AntiMalware----------------
Log : 6:07:40 AM Thursday, August 26, 2021
Allowed C:\Users\username\AppData\Local\Temp\is-NJ95A.tmp\LSBUpdate.tmp to run and added to the exclusion list.
-------------------------------

LMT AntiMalware----------------
Log : 6:16:29 AM Thursday, August 26, 2021
Blocked C:\Users\username\AppData\Local\Temp\is-MVL7S.tmp\LSBUpdate.tmp from executing because this file is not trusted
 

LeMinhThanh

From LMT AntiMalware
Thread author
Verified
Developer
Well-known
Apr 11, 2020
304
How do allow this program Lenovo Service Bridge Updater to execute random generate temp files? LMT constantly blocking from executing even when the temp file or temp folder was whitelist. Currently running Win10 and KIS / LMT.

LMT AntiMalware----------------
Log : 6:07:40 AM Thursday, August 26, 2021
Allowed C:\Users\username\AppData\Local\Temp\is-NJ95A.tmp\LSBUpdate.tmp to run and added to the exclusion list.
-------------------------------

LMT AntiMalware----------------
Log : 6:16:29 AM Thursday, August 26, 2021
Blocked C:\Users\username\AppData\Local\Temp\is-MVL7S.tmp\LSBUpdate.tmp from executing because this file is not trusted
Hello, looks like you are using Anti Executable feature, I think you don't need to enable it (it can be annoying), real time protection is enough to protect the computer.
 

minhgi

Level 2
Verified
Mar 10, 2017
56
Hello, looks like you are using Anti Executable feature, I think you don't need to enable it (it can be annoying), real time protection is enough to protect the computer.
that seem to eliminate the false positive. Now after that rebooting my computer every time, this message popup. There no function or log to identify what powershell execution script getting run. Is it possible to include such feature to know what script is being run and a whitelist/blacklist feature for it? I know my laptop is clean of any malwares since I run Kaspersky and wisevector together. I have disable wisevector from running since installing LMT to test.



2021-08-26-092123
 
Last edited:

LeMinhThanh

From LMT AntiMalware
Thread author
Verified
Developer
Well-known
Apr 11, 2020
304
that seem to eliminate the false positive. Now after that rebooting my computer every time, this message popup. There no function or log to identify what powershell execution script getting run. Is it possible to include such feature to know what script is being run and a whitelist/blacklist feature for it? I know my laptop is clean of any malwares since I run Kaspersky and wisevector together. I have disable wisevector from running since installing LMT to test.



2021-08-26-092123
Hello, you can check the tab Fileless Malware Protection on main windows. It includes rules that block processes from executing commands. If you find it too annoying, you can remove that rule or temporarily disable Fileless Malware Protection when you need to execute a command line.
 

LeMinhThanh

From LMT AntiMalware
Thread author
Verified
Developer
Well-known
Apr 11, 2020
304
Hi!
LMT AntiMalware 5.7.5 released
Changelog:
  • Fileless Malware Protection: Added Whitelist Command Line.
  • Realtime Protection: Added Automatically scan USB devices.
  • Web Protection: Added an option that allows you to disable the WinDivert driver when your internet being weird.
Homepage: LMT AntiMalware
1630238189955.png
1630238203673.png
 

minhgi

Level 2
Verified
Mar 10, 2017
56
Hi!
LMT AntiMalware 5.7.5 released
Changelog:
  • Fileless Malware Protection: Added Whitelist Command Line.
  • Realtime Protection: Added Automatically scan USB devices.
  • Web Protection: Added an option that allows you to disable the WinDivert driver when your internet being weird.
Homepage: LMT AntiMalware
View attachment 260336View attachment 260337
This version didn't have the popup for the my powershell script. nicely done. When I saw your program have VirusTotal scanning ability, I wanted to try it and add my security tool set. Luckily, your program allow to disable functions I did not need or overlap with my other security software. koodos. Anyway, I have KIS, WiseVector, and LMT running smoothly after tweaking. A Little overkill but let see. You know how it is with searching online VN Phim Bo to watch.
 
F

ForgottenSeer 69673

This version didn't have the popup for the my powershell script. nicely done. When I saw your program have VirusTotal scanning ability, I wanted to try it and add my security tool set. Luckily, your program allow to disable functions I did not need or overlap with my other security software. koodos. Anyway, I have KIS, WiseVector, and LMT running smoothly after tweaking. A Little overkill but let see. You know how it is with searching online VN Phim Bo to watch.

you just need to remember if virustotal does not have at least 10 venders detecting a file as maleware, lmt will not alert you.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top