Jump to content

miekiemoes

Staff
  • Content Count

    9,470
  • Joined

Everything posted by miekiemoes

  1. Hi, You can create an exclusion for it: https://support.malwarebytes.com/docs/DOC-1130
  2. Good to hear - thanks for the feedback!
  3. Thanks. I see this was fixed yesterday already on this file. Do you still have a detection on it? If so, Quit malwarebytes from the systemtray, Then navigate to the following folder: C:\ProgramData\Malwarebytes\MBAMService In there, locate the file HubbleCache and delete it. Restart Malwarebytes again. A new Hubblecache will then be created again, so it will properly pick it up and remember to not detect this anymore.
  4. Hi, Since you're having issues to zip and attach the exe file, would you mind to upload the exe file (SPFLITE2.EXE) to Virustotal instead? https://virustotalcloud.appspot.com/nui/index.html#/home/upload That way, we can collect it from there. Please post the link of the virustotal results here afterwards. Thanks!
  5. Thanks. It was the 64bits version that was whitelisted before. I've now whitelisted the 32bits version. This should no longer be detected anymore.
  6. Hi, Please see above how to add an exclusion. Additionally, Please zip and attach the exact file that was blocked, as it might be different than above one. Thanks!
  7. Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/ Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.
  8. Hi, This will be reviewed and detection removed if necessary. Thanks for reporting!
  9. Hi, This is behavior detection, but has been fixed in a meanwhile. Thanks for reporting!
  10. Thanks for reporting. We verified the site has been cleaned and the block has been removed. This will be affected in next database update.
  11. Hi, This isn't a false positive. They are marked/listed as Adware and/or Potentially Unwanted. If you want to keep both, please create an exclusion for these. In case you want to dispute, please see here: https://forums.malwarebytes.com/topic/130207-pupoptional-listings-and-disputes/ Thanks.
  12. Hi, The fact that you can't exclude or can't find it, is because it's still in your quarantine. So you have to unquarantine it first (select and click restore) and then reboot. After reboot, you will be able to create an exclusion for it. * To add the exclusion, open Malwarebytes > Settings > Exclusions tab * Below, click the button: "Add Exclusion" * Then, select "Exclude a File or Folder" (this should be prechecked already by default) * Click Next * You'll see a field that says: "Specify a File or Folder" - there, click the button "Select Files..." and browse to the file you want to exclude. * For "How to Exclude", select: "Exclude from detection as malware, ransomware or potentially unwanted item" (this is normally also selected by default already) * Then click the OK button below. Once you've done above, can you also zip and attach this exact Paladins file? This so I can have a look at it, if something changed. Thanks!
  13. Hi, Thanks for reporting. This will get fixed in next database update.
  14. Hi, We would need more info, so can you zip and attach the MBAMService.LOG, this so I can have a look why it is still detected. You can find this log in the following folder: C:\ProgramData\Malwarebytes\MBAMService\LOGS
  15. Hi, If you have unquarantined/restored it before and rebooted, it shouldn't display there anymore. Once you've set the exclusion, it should then show under settings > exclusions. Even though if it is still listed under quarantine, it shouldn't cause any problems.
  16. Thanks. Verified as a false positive indeed and should be fixed now. I however suggest you add an exclusion for this file too in Malwarebytes. In order to do this, * open Malwarebytes > Settings > Exclusions tab * Below, click the button: "Add Exclusion" * Then, select "Exclude a File or Folder" (this should be prechecked already by default) * Click Next * You'll see a field that says: "Specify a File or Folder" - there, click the button "Select Files..." and browse to the file you want to exclude. (in your case D:\Steam\steamapps\common\Football Manager 2019\fm.exe) * For "How to Exclude", select: "Exclude from detection as malware, ransomware or potentially unwanted item" (this is normally also selected by default already) * Then click the OK button below.
  17. Hmm, if the file is too big for Virustotal already, then it will also be too big to attach here. Let's try a different method and upload it via here: https://www.transfernow.net/en/ Once you drag and drop the fm.exe there, you *should* have an option to generate a custom link afterwards where to download it. Copy and paste that link in your next reply.
  18. Maybe, to make it easier for you, browse to the D:\Steam\steamapps\common\Football Manager 2019 folder Locate the file fm.exe in there and upload it to here: https://virustotalcloud.appspot.com/nui/index.html#/home/upload (you can use drag and drop) Then it performs a scan there and when finished, copy and paste the url in your next response
  19. No there isn't, as it seems to be a false positive
  20. Hi, Can you unquarantine the file, then reboot, then zip and attach the file please? Thanks!
  21. Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/ Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.
  22. Hi, It's because of this: user_pref("browser.newtab.url", "http://www.bing.com/?pc=COSP&ptag=<ID>&form=CONMHP&conlogo=CT3335799") This is conduit powered by bing. Some more info: https://www.merkleinc.com/blog/conduit-deal-boosting-bingcom-paid-clicks-near-10 Conduit isn't malware, but Potentially Unwanted. https://blog.malwarebytes.com/detections/pup-optional-conduit/ So it's your choice whether you want to have malwarebytes fix this or not. You can always add this detection to your exclsions. Thanks!
  23. Hi, Thanks for this. I reviewed and verified this is a false positive indeed (behavior ransomware detection), but this has been fixed already, so it should no longer be detected anymore.
  24. Hi Nippa, Sorry for the delay. Can you zip and attach the newsrover.exe file that was detected? Please unquarantine the file first, then reboot. Thanks!
  25. Thanks. It looks like this has been fixed already, so it should no longer be detected anymore.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.