Posts posted by Ant Dude

  1. 3 minutes ago, miekiemoes said:

    I appreciate your feedback. Especially with machine learning engines to pro-actively detect any new threats, unfortunately, false positives happen. This is the same with other Antivirus that use machine learning engines, but we keep on top of these and monitor in real time to fix these asap.

    Luckily, the files are sent to quarantine, where you can always restore them again.

     

    Well, it would be bad if they are critical files for the OS.

  2. 10 minutes ago, miekiemoes said:

    We actually monitor for potential FPs in real time already where they also get fixed asap, so, these might have been fixed already earlier on. :)

     

    After seven minutes and 10 seconds, it said my G:\Windows was clean. Wow, in real-time? If we get these Malware.AI detections, should we rescan to double check? If so, then maybe MBAM should tell its users to rescan again to be sure they aren't FPs?

  3. 8 minutes ago, miekiemoes said:

    I can't reproduce any detection. Can you update and verify if these are still being detected?

    Thanks!

    Hmm, now they are considered clean from my 7-Zip file. Did the definition updates get fixes from almost twelve hours ago? Let me do a rescan of my G:\Windows (not doing all drives like I did overnight that took almost three hours to complete).

  4. It seems unreliable with false positives like today's overnight scan in my decade-old, updated PC with dual Windows boot setups (32-bit XP Pro. SP3 and 64-bit W7 HPE SP1). I hope these are really false positives (attached a 7z file with the EXEs and a screen shot/capture) since they never showed up as malicious before. Even online scans (https://virusscan.jotti.org/en-US/filescanjob/zyph4syswd, https://r.virscan.org/language/en/report/0057a8b98f9c5854b830b299a7200abf, https://www.virustotal.com/gui/file/30c536948ce7a0c4e9417b88e81d77ac5c048917177dc06bc71dfa814900662d/details, and https://www.hybrid-analysis.com/sample/8ffc26bc2e827e94e534037bae4ab3fe3b7046a9f14977b6c77559d20ee3dfc2) confirm them being clean.

    Thank you for reading and hopefully fixing and answering soon. :)

    MBAMaiDetections.7z

  5. MBAM says Malware.AI.4195089919 for my C:\winstuff\LDPlayer3.97andUp\ldnews.exe file (attached a 7Zipped copy; you can download and install https://encdn.ldmnq.com/download/package/en/LDPlayer_ens_3.97.exe from its https://www.ldplayer.net/ official web site). MBAM didn't say this before yesterday's updates and its required restart.

    Most online web sites' scanners say clean:

    https://r.virscan.org/language/en/report/7c99fdc096342ed679d88caed8a77629

    https://metadefender.opswat.com/results/file/bzIwMDcxMTkyZE9ic19xX2h0ZjRyTUJxWXpx/regular/overview?lang=en

    https://www.hybrid-analysis.com/sample/dbe0b3cc202c3d690f03098d2e197b64acb5c05fe13b2bd821731969c6b538f3 says one suspicious.

    https://virusscan.jotti.org/en-US/filescanjob/e0bumjn8pq

    https://www.virustotal.com/gui/file/dbe0b3cc202c3d690f03098d2e197b64acb5c05fe13b2bd821731969c6b538f3/detection

    So, maybe a false positive? Thank you for reading and hopefully answering soon. :)

    ldnews.7z

  6. I attached a zip file with the four EXE files from old programs. Here's MBAM's text log requested:

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 1/10/20
    Scan Time: 9:29 AM
    Log File: bd963a2e-33ce-11ea-9113-001fbc01b9da.json

    -Software Information-
    Version: 4.0.4.49
    Components Version: 1.0.793
    Update Package Version: 1.0.17533
    License: Free

    -System Information-
    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Harvester7\ant

    -Scan Summary-
    Scan Type: Custom Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 4
    Threats Detected: 4
    Threats Quarantined: 0
    Time Elapsed: 0 min, 23 sec

    -Scan Options-
    Memory: Disabled
    Startup: Disabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 4
    Generic.Malware/Suspicious, C:\USERS\ANT\DESKTOP\UPLOADS\FILES\SUOPGUI.EXE, No Action By User, 0, 392686, 1.0.17533, , shuriken,
    Adware.DownloadAssistant, C:\USERS\ANT\DESKTOP\UPLOADS\FILES\AUDIOBURNER.EXE, No Action By User, 7701, 766474, 1.0.17533, , ame,
    Adware.DownloadAssistant, C:\USERS\ANT\DESKTOP\UPLOADS\FILES\STARPORT.EXE, No Action By User, 7701, 766173, 1.0.17533, , ame,
    Adware.DownloadAssistant, C:\USERS\ANT\DESKTOP\UPLOADS\FILES\VIDEOBURNER.EXE, No Action By User, 7701, 766289, 1.0.17533, , ame,

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

     

     

    Thank you for reading and hopefully answering. :)

    files.zip
