Jump to content

miekiemoes

Staff
  • Content count

    9,084
  • Joined

  • Last visited

6 Followers

About miekiemoes

  • Rank
    Forum Deity
  • Birthday 07/19/1975

Contact Methods

  • MSN
    notimetochat
  • Website URL
    http://miekiemoes.blogspot.com

Profile Information

  • Location
    Belgium

Recent Profile Visitors

40,036 profile views
  1. miekiemoes

    False Positive - Firestorm Viewer

    Normally it should be OK and not detected anymore, as I got the above file. Unless the detection pops up again (who knows on a slightly different version), then please zip and upload the file (only the actual detected file and not the installer, as that makes it easier for us). I know this file is quite big (a 40-ish MB), so it probably won't allow to attach. So just use dropbox or any other similar filesharing interface for this. But normally, detection shouldn't happen anymore.
  2. miekiemoes

    False Positive - Firestorm Viewer

    You're most welcome
  3. miekiemoes

    False Positive - Firestorm Viewer

    Hi, This update will be delivered in the background.
  4. miekiemoes

    False Positive - Firestorm Viewer

    Hi, I Installed, collected the sample and fixed the false positive, so this should no longer be detected anymore. As an additional note, we have an updated build for our AntiRansomware in a meanwhile which is more finetuned in order to detect better + also reduces False Positives in general, so this should also help.
  5. miekiemoes

    False Positive - Firestorm Viewer

    Hi, Yes, figured that out already based on the filepath in above Please give me a few, as I need to install it on a seperate machine.
  6. miekiemoes

    False Positive - Firestorm Viewer

    Hi, We just needed this file: C:\Program Files\FirestormOS-Releasex64\FirestormOS-Releasex64.exe This to avoid any confusion. But the installer works as well. But we then need to install it in order to collect that file.
  7. miekiemoes

    False Positive - Firestorm Viewer

    Hi, Can you please zip and attach the file that was unquarantined? As I have not received it yet (from previous reply). Please see the instructions in above. As an additional note, a new component Update will go out soon for the Antiransomware protection where some of the above and similar FPs will be reduced and detection will be finetuned. Thanks!
  8. miekiemoes

    False Positive - My Own Code!

    Hi, I've sent you a private message with the reasoning why this is triggered.
  9. miekiemoes

    False Positive Detection

    Hi, Thanks for reporting. After a discussion with my team, this doesn't appear to be a false positive. Please see here for more info: If you believe your program is incorrectly classified based on the following criteria www.malwarebytes.com/pup, please contact pup AT malwarebytes DOT com. Only questions submitted to this email address will be reconsidered. Thanks!
  10. miekiemoes

    False Positive - My Own Code!

    Thanks. Seems they compressed fine, so it was able to attach. Someone will look into this shortly
  11. miekiemoes

    False Positive - My Own Code!

    Hi, We would love to get some additional files from you (the .arw captures) Can you also zip the folder ARW present in the C:\ProgramData\Malwarebytes\MBAMService folder? This file (zipped folder) might be too big to attach here, so can you upload it somewhere, so we can collect it easily? Thanks!
  12. miekiemoes

    False Positive - My Own Code!

    Hi, Yes, I asked someone from our Anti-ransomware team to give some more insight why the trigger happened.
  13. miekiemoes

    False Positive - My Own Code!

    Hi, I can't tell for sure, but it's possible why this is triggered.
  14. miekiemoes

    False Positive - My Own Code!

    Thanks. This helps to finetune the engine. Let me know if this is still detected. If so, please make sure/verify it's the correct GSBPArmyEditor.exe you sent, this since the one you attached doesn't seem to have the same exact checksum as in the log you attached.
  15. miekiemoes

    False Positive - My Own Code!

    Hi, The antiransomware engine is behavior detection, so it was probably triggered by file-modification/injecting in different files etc etc. Please zip and attach the actual file that is detected + the Mbamservice.log which is located in the following folder: C:\ProgramData\Malwarebytes\MBAMService\LOGS Thanks!
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.