blender (Staff, 1,813 posts)

Everything posted by blender

  1. Hello, This should no longer be detected. Thanks for reporting.
  2. Hello, Think I figured out the issue. It was an IP that was blocked. It has since been cleaned so block will be removed next database update. Thanks for reporting.
  3. Hello, Thanks for the report and file. This should no longer be detected. (may take a few minutes for your machine to reflect this)
  4. So the file was detected by one of our heuristic engines. I couldn't tell you what exactly triggered the detection. That being said, you can probably prevent future detections by ensuring your files have a valid digital signature.
  5. I have a premium subscription to VirusTotal so I can see a bunch more info about sites, files, etc. I could see a bunch of files related to your site and could download them. Mind you, the ones I grabbed were not detected but did allow me to get a wider variety between versions to create a prevention sig. There are many checks MBAM does when scanning the files. It is a machine learning detection. I'll try to find more info.
  6. I whitelisted the one you provided. I also found several others on VirusTotal when I checked your site. I was able to grab enough files to create a rule to help prevent future detections. Hopefully that covers them. Thanks for reporting.
  7. Hello, The file you provided and the one in your detection log are different. Do you have the one in your c:\temp as well please? This is so I can compare the 2 and potentially create a rule to exclude these and future versions. Thanks!
  8. Hello, This block should no longer occur. Takes ~1/2 hour for updates to go out for BrowserGuard. You might need to update BG database manually. Thanks for reporting.
  9. Hello again, Just a note to say the rule responsible for this detection will be removed. Update will be within a couple hours. Thanks for reporting.
  10. Hello, I see your struggle. I tried the same as you BUT I renamed the shortcut itself to taskmanager once it was created. And no need to exclude anything. THAT works. (at least a workaround for now) We're looking into this. Will reply back when I get some feedback from my peers.
  11. Hello, Indeed it was the IP that was blocked due to previous brute force attacks. That activity has stopped so IP will be unblocked. Domain was not blocked. Usually takes an hour or 2 for updates to go out. Thanks for reporting.
  12. Hello, This should no longer be detected. (It'll take a few minutes for your machine to recognize this) Thanks for reporting.
  13. Hello, This should no longer be detected. Thanks for reporting.
  14. I see the attachment. It should no longer be detected. (give it a few moments) Thanks for reporting.
  15. Hello, This should no longer be detected. Thank you for reporting.
  16. Hello, These should no longer be detected. 2 files were fixed a while back, whitelisted AVR-GCC-RANLIB.EXE so it might take several minutes for it to no longer detect. Rootkit scanning is not enabled by default. You may want to disable that unless you think you have a rootkit infection. Rootkit scanning is really aggressive and does ignore some whitelisting which can result in false positives. If you decide to keep rootkit scanning on, just be aware of the possibility of false positives. Thanks for reporting.
  17. Hi drinx, Sorry I missed the notification here. I gather you are no longer seeing the detection? It is possible MBAM couldn't reach hubble to 'see' that the file is not supposed to be detected. Hubble connection issues are infrequent and usually very brief. I'm not getting any detections here so it should be good. Let me know?
  18. Hello, This will be fixed next BrowserGuard database update. Usually takes about 1/2 hour or so. Thanks for reporting.
  19. Hello, This should no longer be detected. Also next database update will have fix out to prevent future detections of this software. Thanks for reporting.
  20. Hello, This shouldn't be detected anymore. Also a fix going out in next update to prevent future detections of this software. Thanks for reporting.
  21. Hello, These should no longer be detected shortly. Thanks for reporting.
  22. Hello, These should no longer be detected either. Next update should resolve the detection issue with the exes you attached. Thanks for reporting.
  23. Hello, This should no longer be detected. Thanks for reporting.
  24. Hello, It seems it was the xmlrpc.php file on the site causing the block. Unfortunately I couldn't find the infected version. File looks clean now so site will be unblocked next database update. I'm fairly new to the web research and had to look up the content showing in the file (not showing here for obvious reasons). You may want to check settings on it so your site is not vulnerable to attack in the future. I found this page explains it quite well. https://blog.wpsec.com/xml-rpc/ Hope that helps.