Jump to content

thisisu

Staff
  • Content count

    3,273
  • Joined

  • Last visited

  • Days Won

    4

About thisisu

  • Rank
    Research Engineer

Recent Profile Visitors

14,547 profile views
  1. thisisu

    Potential false positive

    Thank you. It is a false positive and will be fixed in an upcoming update. Sorry for the inconvenience
  2. thisisu

    Potential false positive

    Still need the following file: C:\Program Files\WinRAR\Default.SFX Your logs also aren't showing a detection
  3. thisisu

    Nexus.exe flagged as ransomware (again)

    Ok, thanks for letting me know. I'm not sure about the upload error, that could be due to some type of forum maintenance or limitation on file size. If the detection occurs again, try attaching this log file: C:\ProgramData\Malwarebytes\MBAMService\logs\MBAMSERVICE.LOG Sorry for the inconvenience with the detection earlier.
  4. thisisu

    Nexus.exe flagged as ransomware (again)

    Hi, Please zip and attach C:\Program Files (x86)\Winstep\nexus.exe so we can whitelist this one too. Thanks
  5. thisisu

    False positive Anamolous 100%

    Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore. If still detected on your end after ~10 minutes from now. Perform the following steps: Totally exit/shutdown Malwarebytes. Go to here in explorer: C:\ProgramData\Malwarebytes\MBAMService and delete the following file only: hubblecache. it doesn't have a file extension Then you can restart MBAM and the cache file will rebuild on the next scan.
  6. Fixed in: MBAM2 Version: v2018.07.23.10 MBAM3 Version: 1.0.6029 Please update. Sorry for the inconvenience
  7. That's ok. Sorry I should have clarified. Only needed GyazoGIF.exe which you included. Thanks
  8. Can you zip and attach the file that was being quarantined please?
  9. Thanks for reporting. It will be fixed in the next update
  10. thisisu

    False positive executables WORKSHELF & SBE

    Hi, Thanks for reporting. Are you still experiencing issues with these being detected? They were already whitelisted when I looked them up. If there is still a problem, please attach C:\ProgramData\Malwarebytes\MBAMService\logs\MBAMSERVICE.LOG 9EA23CB45EFF8CEF2EBEF047010A7B2A 1227278576F8963B2A40C4564A78D923
  11. thisisu

    False positive for Capella 8 Ransomware

    Thanks. It's a false positive but I wasn't able to reproduce the detection you saw. I've whitelisted the file you attached, let me know if that fixes the issue for you or not. If there is still a problem, please attach C:\ProgramData\Malwarebytes\MBAMService\logs\MBAMSERVICE.LOG so we can get a better understanding. Regards 3F01631503DD3E5EE8C5E7BD6D54713B
  12. thisisu

    False positive for Capella 8 Ransomware

    Hi SineNomine, Can you attach that file which is in your screenshot so that we may review it? Thanks
  13. thisisu

    False positive Anamolous 100%

    They were different hashes 3342B6EE7FB97EA68D33A636A4A77F8D vs CDD39E654E8275B33A17D35A7AB78348 Both are now whitelisted. Sorry for the inconvenience.
  14. thisisu

    MachineLearning/Anomalous.96%

    This one should be fixed too. Sorry for the inconvenience.
  15. thisisu

    False positive Anamolous 100%

    Thank you. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore. If still detected on your end after ~10 minutes from now. Perform the following steps: Totally exit/shutdown Malwarebytes. Go to here in explorer: C:\ProgramData\Malwarebytes\MBAMService and delete the following file only: hubblecache. It doesn't have a file extension Then you can restart MBAM and the cache file will rebuild on the next scan.
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.