
miekiemoes

Staff
  • Content Count

    9,164

7 Followers

About miekiemoes

  • Rank
    Forum Deity
  • Birthday 07/19/1975

Contact Methods

  • MSN
    notimetochat
  • Website URL
    http://miekiemoes.blogspot.com

Profile Information

  • Location
    Belgium

Recent Profile Visitors

40,493 profile views
  1. miekiemoes

    Something seriously wrong 0DAY-PROTECTIOn.

    Hi, Thanks for your feedback. I have sent you a private message via this forum with some additional info. Thanks!
  2. miekiemoes

    Something seriously wrong 0DAY-PROTECTIOn.

    Hi, Yes, you are correct that this is confusing and people will see this as Malware, while, in many cases, it is Malware, but in your case, it's not. I will address this with the development team. Thanks!
  3. miekiemoes

    Something seriously wrong 0DAY-PROTECTIOn.

    Hi, Thanks for reporting this to us. To clarify this some more, our machinelearning engine detects as "Anomalous", not really malware. So that means, it triggers on some anomaly design, unfinished builds, sections without content, etc etc... This is detected correctly as anomalous. This is what Malware does a lot as they change almost hourly, hence why this additional protection. So if you are a developer, I suggest you exclude the working directory from detection. Once it's final and ready to be shared with others, in most cases it won't be detected anymore since it won't trigger the "anomaly" anymore either. In case a "final project" is still detected, please let us know (include the sample), so we can add it to the learning as well to prevent this in the future. Thanks!!!
  4. miekiemoes

    Are these false positives?

    Hi, What Malwarebytes detected aren't Trojans but Riskware. In your case, it seems like you're using a modified steam_api.dll (cracked/patched) which is always a risk, so that's why we detect correctly. You'll see that a lot of other AVs will also detect these.
  5. miekiemoes

    Is it safe to open and install

    Hi, It's safe to install, but it's not recommended. Also see here: But of course, it's your decision.
  6. miekiemoes

    My program falsely marked as MachineLearning/Anomalous.96%

    Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore. Thanks for reporting!
  7. miekiemoes

    Need to mark file as safe

    Hi, If it's a local batch for own use, I suggest you create an exclusion for it. In order to do so, open Malwarebytes > Settings > Exclusions tab. Below, click the button "Add Exclusion". Then select "Exclude a File or Folder" (this should be prechecked already by default). Click Next. You'll see a field that says "Specify a File or Folder"; there, click the button "Select Files..." and browse to the file you want to exclude. For "How to Exclude", select "Exclude from detection as malware, ransomware or potentially unwanted item" (this is normally also selected by default already). Then click the OK button below.
  8. Thanks. Above file should no longer be detected anymore either. And yes, if you add version information and keep it consistent, it will prevent future ones being flagged. Of course, we would need the new version first as well in order to have the MachineLearning engine to "train" on it - but at least it will go faster/easier then.
  9. miekiemoes

    is this a false positive?

    You should be OK here
  10. miekiemoes

    is this a false positive?

    None of these are really Spyware, but especially the Bitcoinminer exposes a risk as it's hogging your cpu like crazy.
  11. miekiemoes

    is this a false positive?

    For the Trojan.Agent.TskLnk & Trojan.CryptoNight - that one is related with a Bitcoinminer you have also installed. https://blog.malwarebytes.com/detections/riskware-bitcoinminer/ PUP.Optional.DriveTheLife - is detection for DriverTalent you have installed. It's your own choice whether you want to keep this or not, as PUP means, Potentially Unwanted Program. In most cases this comes installed with other 3rd party software, so most people aren't aware of its presence.
  12. miekiemoes

    is this a false positive?

    Hi, These don't look like False Positives, but are valid detections.
  13. Hi, Is this exactly the same file? Because it might be another Profi_PNT.exe file with some modifications in it that is different from the one you uploaded before. Mind to zip and attach this one from the other PC as well? As an additional note, it's always good practice to use Version Information for your files, as that makes it easier for our MachineLearning engine to train on as well. Thanks!
  14. Hi, This is detected by our MachineLearning engine (and not really as malware), which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.
  15. miekiemoes

    False positive: ProtonVPN

    Hi Gin, This has been fixed already and should no longer be detected anymore.