• Content count

  • Joined

  • Last visited

  • Days Won


About thisisu

  • Rank
    Research Engineer

Recent Profile Visitors

13,934 profile views
  1. False Positive

  2. MachineLearning/Anomalous.100%

    Thanks. Confirmed it was a false positive and it should now be fixed. Might need to wait up to 10 minutes to see the effects on your end.
  3. MachineLearning/Anomalous.100%

    Thanks for the log. I understand your concerns. Can you try sending it to me via private message?
  4. MachineLearning/Anomalous.100%

    Hi, In order to fix false positives we need some information. Please read:
  5. False Positive

    Hi, This is detected by our MachineLearning/heauristic engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore
  6. Why did MBAM flag Azureus.exe as malware?

    Moving this to appropriate sub-forum (Website Blocking)
  7. Why did MBAM flag Azureus.exe as malware?

    1. Software that is considered risky. 2. I need more information to answer that. Please attach your MBAM log showing the detection. Also zip and attach the Azureus.exe file for analysis in order to confirm whether it is a false positive or not. Please read:
  8. False Positive - BNA Turbo/Spoon plugin

    Hi alicias, In order for me to fix this, I need some more information. For example, the log file from MBAM showing the detection. See below for more details:
  9. Confirmed it is FP (BCEA894F9A9ABCCF87168BD61804A2F1). Will be fixed in next update. Sorry for the inconvenience, Oliver. Regards
  10. validator.exe false positive

    Hello. I've whitelisted these latest two in the meantime: ed3511231089c327db4858504e75d261 ac50d662b8473ad4db91009642601fce Sorry for the inconvenience. @steve1717 Were you able to find the MBAMService.log file at C:\ProgramData\Malwarebytes\MBAMService\logs\MBAMService.log? If you, can you please attach that one? I don't see it in your previous post.
  11. false positive rsync

    Hi Lester, Sorry for the inconvenience with this. The below file is now whitelisted 03/30/18 " 15:00:13.059" 28454515 3120 31e8 INFO AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwControllerImpl::ArwShimDetectionCallback "ArwControllerImplHelper.cpp" 1102 "Received threat detection callback from ARW SDK, ObjectPath=C:\cygwin64\bin\rsync.exe, Sha256Hash=13b9f6fdcbdbfeb1d5e9ea85ffc68fefa7d72cabcde65059699440bd6a74b102" Let us know if you continue to experience an issue with this file being detected. Regards
  12. Werfault.exe Trojan.ServStart

    Is being fixed now. Sorry for the inconvenience
  13. Zygor Guides

    Hi, Thanks for reporting. Yes, it looks like a false positive. However, this is a generic rule that has been in the database for over a year. So I'm thinking something with Zygor guide's was updated and therefore it is now detected by us. We'll see what we can do on our end to avoid further wrongful detection. In the meantime, I recommend adding these detections to your exclusions list. Here's how:
  14. False Positive

    Thanks Chris, It should no longer be detected