millertek2001
-
Posts
7 -
Joined
-
Last visited
-
Ransom.Petya : False Positive??
millertek2001 replied to PLP's topic in Malwarebytes Anti-Malware for Business
Updating now, thanks -
Ransom.Petya : False Positive??
millertek2001 replied to PLP's topic in Malwarebytes Anti-Malware for Business
I am getting them again as well v2016.09.15.09 -
Thank You!
-
Ransom.Petya : False Positive??
millertek2001 replied to PLP's topic in Malwarebytes Anti-Malware for Business
This is going on and on and on... -
Ransom.Petya : False Positive??
millertek2001 replied to PLP's topic in Malwarebytes Anti-Malware for Business
Yeah, I still have the notifications coming in, over and over. I investigated the mdm.exe (Machine Debug Manager) file and the file date on it is 10/26/2006 so this must certainly be a false positive. The Console is reporting that the .exe file and associated registry keys are being quarantined and deleted upon reboot which is not good. So my major concern after hearing that this is confirmed to be a false positive by a MB engineer is that even if they produce an update how am I going to reverse the deleting of these files without having to touch what is up to 50 endpoints right now? -
Ransom.Petya : False Positive??
millertek2001 replied to PLP's topic in Malwarebytes Anti-Malware for Business
Exact same thing here, I have received 16 messages from the console: C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe Quarantined Ransom.Petya The false positives over the last couple of week are going to give me a heart attack. I sure hope an engineer will chime in. The latest version of the DB I show is v2016.09.13.07. -
Thank you so much, same thing here...was awakened at 3am with 19 messages from my endpoint console that those machines detected Ransome.Crysis on orgchart.exe. Definitely not the way to wake up!