Jump to content

blender

Staff
  • Content count

    1,052
  • Joined

  • Last visited

3 Followers

About blender

  • Rank
    Elite Member

Recent Profile Visitors

8,812 profile views
  1. blender

    MachineLearning/Anomalous.95% False Positive

    Hello, This has been fixed again. As the previous version fix, please give it about 10 minutes for your MBAM to see the update.
  2. Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. It's also always a good idea to digitally sign the files. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore. If still detected on your end after ~10 minutes from now. Perform the following steps: 1. Totally exit/shutdown Malwarebytes. 2. Go to here in explorer: 3. C:\ProgramData\Malwarebytes\MBAMService 4. delete the following file only: hubblecache. it doesn't have a file extension 5. Then you can restart MBAM and the cache file will rebuild on the next scan. Can you zip up a few more of the other files that are being hit as well please? Sometimes it takes a few files for the engine to "learn" to not detect. Thank you,
  3. blender

    False positive Anamolous 100%

    Hello, It could have been a number of factors why some machines did not recognise your exclusion. If you are using the Business version, possibly some of the deployed agents had temporary communication issues with your server & didn't get the update you applied. If you continue to have troubles with your endpoints getting updated settings you apply, I would contact support to help t-shoot.
  4. blender

    False positive Anamolous 100%

    It said 100% Anomalous not 100% malicious. Anomalous means "deviating from what is standard, normal or expected" so the MachineLearning component in MBAM saw something abnormal in that file & nabbed it to protect you. This is part of how it protects against 0-day malware. By your reporting though & providing the file, this allows us to fine-tune the MachineLearning so that file won't be hit anymore as Thisisu & Gonzo said. Thank you again for reporting.
  5. This was fixed within minutes of my post above. There should be no detections at all for RegOrganizer. If you are still seeing hits, please attach a scan log so I can look into it. Thanks!
  6. Hi @mgonzales - detections for this were removed yesterday so if you let MBAM quarantine it, you can restore everything that was detected as PUP.Optional.RegOrganizer.
  7. blender

    Scan found false positives?

    Hello, This detection is a false positive. It will be fixed in the next database update. Thank you for reporting.
  8. blender

    FP on Reg Organizer

    Hello, @ChemtableSomeone will reply to your email if you have one. @ Everyone else in this thread.. Detection for this will be removed in the next database update. Thank you for reporting the issue. I'll re-lock the thread to prevent more replies.
  9. Hello, Detection for this product will be removed shortly. Thank you for reporting.
  10. blender

    MachineLearning/Anomalous.95%

    Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. It's also always a good idea to digitally sign the files. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.
  11. Hello, We won't be removing detections for this but if you *really* like the software, you can exclude it from detections. Please see: https://blog.malwarebytes.com/malwarebytes-news/2016/10/malwarebytes-gets-tougher-on-pups/ RE: Exporting reports.. If you click "view report", there should then be an option to export them. (can only do this one at a time though) By viewing report, you can see the path to the executable that is being blocked from making connections to the site. Not only will you need to exclude the software itself, but you will also need to add it to exclusions under "exclude an application that connects to the internet" & choose the filepath you noted in the reports. You will also need to exclude the URL that we keep blocking. Once you set all that up, you might need to shutdown & restart MBAM for your settings to work faster. Hope that helps.
  12. blender

    DovePOS False Positive

    Hello, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. It's also always a good idea to digitally sign the files. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.
  13. blender

    We are misusing the program. Please check

    Where does one download this? URL please? (You can mung the URL by using XX in place of tt in http ) Or did you suspend the entire site? As an English user, I cannot even read the EULA or component selection. So I have no clue what is happening. This is a standard Windows 7 Virtual machine I launched this on. Those pre-selected components are what? What is the one that is unchecked? Thank you,
  14. blender

    We are misusing the program. Please check

    So this is not bundled with anything? Please show me the website where people download this?
  15. blender

    We are misusing the program. Please check

    Hello, How does a typical user come across this program? I mean what would they download/install in order to consent to this? Thank you,
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.