miekiemoes

Staff
  • Posts

    10,855
  • Joined

Everything posted by miekiemoes

  1. Hi, Above shouldn't be detected anymore either with my previous fix already. I just verified. While you tested the above/modified your above file, you probably didn't have the latest update of our database yet with the fix :)
  2. I don't think you ever installed that program as it's just an installer file that was detected. You probably downloaded it once/or got downloaded with another program where the download/save location was accidentally that MobileSync\Backup location that session. In either way, don't worry about it too much, even if you had installed it, it's harmless :)
  3. Since we don't have the older file to compare against, we can't tell if it was a false positive or not. It might have been a modified/patched version though, hence why we detected (but was a generic def). In either way, since this new file comes up clean and isn't detected, you should be ok.
  4. Hi, This looks like a different generic detection by our other engine. I'll get this fixed as well :)
  5. It's the installer for DriverEasy, a program that checks for outdated drivers. This program often comes installed without user knowledge, as part of another bundled installer, as we have seen many times already, hence why most AVs detect this as a Potentially Unwanted Program: https://www.virustotal.com/gui/file/bd27f2f5bb93a9458bb3d7b9056e376f4cb71178b284a961ee747efc42b374cf/detection Please note, this isn't malware. In your case, it's located in D:\Users\Oldbl\AppData\Raming\Apple Computer\MobileSync\Backup\, most probably because it was a file that was synced via another PC.
  6. This file is not related to iTunes or iCloud at all, so you should be ok :)
  7. Hi, I forced a rescan on Virustotal, so it scans with recent database (as VT is always a little delayed). This isn't detected anymore now: https://www.virustotal.com/gui/file/57e11461fd3640718002ce16dbfe415714a984cd53349216a5b258aa1473ba3c?nocache=1
  8. Hi, This is a valid detection. We will adjust the name of the detection to PUP.Optional.DriverEasy. Note, this isn't malware, but a Potentially Unwanted Program. If you have willingly installed this, you can create an exclusion for it. Otherwise, you can have Malwarebytes delete it. It looks like an installer file anyway, so these are safe to delete.
  9. Thanks for reporting. I'll get this fixed as well and make sure to prevent detection for future versions. This will be a database update, but that's usually fixed/applied within 2-3 hours.
  10. Hi, This is a valid detection. We don't detect as Malware, but as PUP.Optional.IWin, which means, potentially unwanted program since this is often installed without user consent. If this is willingly installed, you can create an exclusion for this. In case you want to dispute, please see here:
  11. Hi, This is indeed a false positive by our additional machine learning engine we have implemented. This will get fixed. Thanks for reporting!
  12. Hi, This is indeed a false positive by our additional machine learning engine we have implemented. This will get fixed. Thanks for reporting!
  13. Hi, We have reviewed and detection will be removed.
  14. Hi, This will be reviewed and fixed if needed.
  15. Hi, Thanks for reporting. This has been whitelisted now.
  16. We are sorry for this. Machine learning engines are really powerful to detect a lot of malware and have helped our customers a lot as well. Unfortunately, FPs always happen as well, especially when files aren't digitally signed, have no clear version info instead of generic installwrapper version info, or have obfuscated code, so that makes it harder for engines to train on. But we keep on monitoring these to fix in time.
  17. Hi, I'm sorry your software was triggered again. I'll whitelist this so future versions won't be detected either. Edited to add, I couldn't reproduce detection locally though as this has been fixed a few days ago already (retraining on the sample). Virustotal probably didn't receive our latest database build or results are cached there.
  18. Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/ Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.
  19. The fix is applied immediately, so it won't be detected anymore :)
  20. Hi, These are indeed false positives and will get fixed. Thanks for reporting!
  21. Hi, This is indeed a false positive by our additional machine learning engine we have implemented. This will get fixed. Thanks for reporting!
  22. Hi, Thanks for reporting. This will be whitelisted.
  23. Hi, I'll get this fixed. Sidenote, it's always good practice to digitally sign files, especially given the nature that it's patching files. :)
  24. Yes, it's a trojan. Looks like a part that came with a passwordstealer.