Everything posted by miekiemoes
-
Hi, Above shouldn't be detected anymore either with my previous fix already. I just verified. While you tested the above/modified your above file, you probably didn't have the latest update of our database yet with the fix :)
-
malwarebytes found this as a potential suspicious file
miekiemoes replied to Bobby1's topic in File Detections
I don't think you ever installed that program, as it's just an installer file that was detected. You probably downloaded it once, or it got downloaded with another program where the download/save location was accidentally that MobileSync\Backup location that session. Either way, don't worry about it too much; even if you had installed it, it's harmless :)
-
Since we don't have the older file to compare against, we can't tell if it was a false positive or not. It might have been a modified/patched version though, hence why we detected it (but it was a generic def). Either way, since this new file comes up clean and isn't detected, you should be ok.
-
Hi, This looks like a different generic detection by our other engine. I'll get this fixed as well :)
-
malwarebytes found this as a potential suspicious file
miekiemoes replied to Bobby1's topic in File Detections
It's the installer for DriverEasy, a program that checks for outdated drivers. This program often comes installed without user knowledge, as part of another bundled installer, as we have seen many times already, hence why most AVs detect this as a Potentially Unwanted Program: https://www.virustotal.com/gui/file/bd27f2f5bb93a9458bb3d7b9056e376f4cb71178b284a961ee747efc42b374cf/detection Please note, this isn't malware. In your case, it's located in D:\Users\Oldbl\AppData\Raming\Apple Computer\MobileSync\Backup\ most probably because it was a file that was synced via another PC.
-
malwarebytes found this as a potential suspicious file
miekiemoes replied to Bobby1's topic in File Detections
This file is not related to iTunes or iCloud at all, so you should be ok :)
-
Hi, I forced a rescan on VirusTotal, so it scans with a recent database (as VT is always a little delayed). This isn't detected anymore now: https://www.virustotal.com/gui/file/57e11461fd3640718002ce16dbfe415714a984cd53349216a5b258aa1473ba3c?nocache=1
-
malwarebytes found this as a potential suspicious file
miekiemoes replied to Bobby1's topic in File Detections
Hi, This is a valid detection. We will adjust the name of the detection to PUP.Optional.DriverEasy. Note, this isn't malware, but a Potentially Unwanted Program. If you have willingly installed this, you can create an exclusion for it. Otherwise, you can have Malwarebytes delete it. It looks like an installer file anyway, so these are safe to delete.
-
Thanks for reporting. I'll get this fixed as well and make sure to prevent detection for future versions. This will be a database update, but that's usually fixed/applied within 2-3 hours.
-
PUP.Optional.IWin false positive for iwin gm dll
miekiemoes replied to valeron's topic in File Detections
Hi, This is a valid detection. We don't detect as Malware, but as PUP.Optional.IWin, which means, potentially unwanted program since this is often installed without user consent. If this is willingly installed, you can create an exclusion for this. In case you want to dispute, please see here:
-
Hi, This is indeed a false positive by our additional machinelearning engine we have implemented. This will get fixed. Thanks for reporting!
-
Hi, This has been whitelisted now.
-
Hi, This is indeed a false positive by our additional machinelearning engine we have implemented. This will get fixed. Thanks for reporting!
-
Hi, We have reviewed and detection will be removed.
-
Hi, This will be reviewed and fixed if needed.
-
Hi, Thanks for reporting. This has been whitelisted now.
-
Native Instruments Synth Instrument Pack detected as malware.
miekiemoes replied to RainOnThem's topic in File Detections
We are sorry for this. Machinelearning engines are really powerful to detect a lot of malware and have helped our customers a lot as well. Unfortunately, FPs always happen as well especially when files aren't digitally signed, no clear version info instead of generic installwrapper version info or obfuscated code, so that makes it harder for engines to train on. But we keep on monitoring these to fix in time.
-
My software triggers a false positive detection
miekiemoes replied to interflexo's topic in File Detections
Hi, I'm sorry your software was triggered again. I'll whitelist this so future versions won't be detected either. Edited to add, I couldn't reproduce detection locally though as this has been fixed a few days ago already (retraining on the sample). Virustotal probably didn't receive our latest database build or results are cached there.
-
false positive MAchineLEarning/Anomalous.97%
miekiemoes replied to dejong64's topic in File Detections
Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/ Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.
-
The fix is applied immediately, so it won't be detected anymore :)
-
Trojan Detections in ACMP module install files
miekiemoes replied to fwaluda's topic in File Detections
Hi, These are indeed false positives and will get fixed. Thanks for reporting!
-
Hi, This is indeed a false positive by our additional machinelearning engine we have implemented. This will get fixed. Thanks for reporting!
-
Hi, Thanks for reporting. This will be whitelisted.
-
Hi, I'll get this fixed. Sidenote, it's always good practice to digitally sign files, especially given the nature that it's patching files. :)
-
Yes, it's a trojan. Looks like a part that came with a passwordstealer.