Jump to content

BobSoul

Honorary Members
  • Posts

    58
  • Joined

  • Last visited

Reputation

1 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I had same file detected in photoshop - The update hasnt hit yet -- that I can tell since restore detects them. Ran through emsisoft as well and they come back clean - so hopefully soon the updated defs will be uploaded
  2. I havent checked this on the nebula endpoint or the premium 4.4.6 as of yet - but I will tomorrow - give the updates time to filter through
  3. OK - assuming the new update hasnt rolled out to premium 4.4.6 yet -- restored files and they got detected again... Ill try again later see what happens
  4. Thank You - IM assuming my other false positive with photoshop files is a false ID as well :)
  5. adobedetection.zipHere are the files and the log its adobephotoshop C3 older version and it happens on a few machines (4 that have it installed) adobedetection.zip scanresult.txt
  6. the following files come up as Malware.Ai.1222784086 C:\programfiles (x86)\ photoshop\adobeowl.dll Malware.Ai.1235203418 c:\programfiles (x86)\photoshop\axe8sharedexpat.dll Previous days scan didnt flag this till todays update ( Premium 4.4.6) system scans nightly
  7. Actually happens as well on a personal home version that happens to have same software installed on for watchguard router at home.
  8. This is on the endpoint nebula version for business so may have posted in wrong forum -- but endpoint doesn't have a specific false positive forum it seems
  9. The following false positives occurred today -- ( Nebula end point) on the router software for Watchguard routers.... which as of previous scans it never detected till the latest update today. Path: C:\PROGRAM FILES (X86)\WATCHGUARD\WSM11\UNINSHS.EXE Action Taken: Quarantined Scan time: 2021-09-16T18:01:00Z Report time: 2021-09-16T18:26:47.970415185Z Threat name: Malware.AI.1239893535 Path: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WatchGuard System Manager 11.12_is1 Action Taken: Quarantined Scan time: 2021-09-16T18:01:00Z Report time: 2021-09-16T18:26:47.970415185Z Threat name: Malware.AI.1239893535 Malwarebytes Diagnostics (1).zip
  10. The following false positives occurred today -- ( Nebula end point) on the router software for Watchguard routers.... which as of previous scans it never detected till the latest update today. Path: C:\PROGRAM FILES (X86)\WATCHGUARD\WSM11\UNINSHS.EXE Action Taken: Quarantined Scan time: 2021-09-16T18:01:00Z Report time: 2021-09-16T18:26:47.970415185Z Threat name: Malware.AI.1239893535 Path: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WatchGuard System Manager 11.12_is1 Action Taken: Quarantined Scan time: 2021-09-16T18:01:00Z Report time: 2021-09-16T18:26:47.970415185Z Threat name: Malware.AI.1239893535 Malwarebytes Diagnostics (1).zip
  11. Ok so I can restore them should I make a exception on them ?
  12. Hello - I am guessing the following is a false detection Malware.AI.36671320 ModuleMalwareQuarantined C:\XAMPP\PHP\LIBPQ.DLL Malware.AI.36671320ModuleMalwareQuarantinedC:\XAMPP\PHP\LIBPQ.DLL Malware.AI.36671320FileMalwareQuarantinedC:\XAMPP\PHP\LIBPQ.DLL This version of XAMPP has been installed for a year or more just last scan flagged it previous nights didnt. Malwarebytes Diagnostics.zip
  13. Appears to be still blocking in the last update 2.3.2 of the browser guard.. Kept in expections list for the time being
  14. Yeah that was my thought exactly - The endpoints are working etc its just slow for the updates to come back -- and of course the main irritation is the groups reverting back after I moved and seperating them.... at least only one days moved back even though when you look at groups it says the count is correct so its probably a reporting issue or log server delay
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.