Creepers05 Posted April 30, 2016 ID:1037496 Share Posted April 30, 2016 is this truly a PuP why exactly? is it malicious? Link to post Share on other sites More sharing options...
Staff screen317 Posted May 4, 2016 Staff ID:1037935 Share Posted May 4, 2016 Dear Creepers05, Thank you for bringing this to our attention. Upon further review, this detection will be removed with our next database version. This should be reflected in our regular database soon. Thank you, Link to post Share on other sites More sharing options...
Staff blender Posted May 4, 2016 Staff ID:1037959 Share Posted May 4, 2016 Hi Creepers05, Can you provide us with an MBAM detection log as well please so we can ensure complete fix for this false positive? If needed, here is how to gather the log info: Thanks! Link to post Share on other sites More sharing options...
Creepers05 Posted June 1, 2016 Author ID:1043073 Share Posted June 1, 2016 On 5/3/2016 at 10:44 PM, blender said: Hi Creepers05, Can you provide us with an MBAM detection log as well please so we can ensure complete fix for this false positive? If needed, here is how to gather the log info: Thanks! yes here it is MBAM Log Ultra surf.txt Link to post Share on other sites More sharing options...
Staff blender Posted June 1, 2016 Staff ID:1043075 Share Posted June 1, 2016 Thanks for the log. You should no longer be seeing this detection. Link to post Share on other sites More sharing options...
Gt-truth Posted June 9, 2016 ID:1044622 Share Posted June 9, 2016 hi I had the same issue ! mbam is still catch this software as a malware . I think Link to post Share on other sites More sharing options...
Staff blender Posted June 10, 2016 Staff ID:1044695 Share Posted June 10, 2016 Hi mrdodrop, If you are still seeing detections on this software with the latest database, please upload a log file as instructed above. If it is a file being detected, we will need the file as well. Instructions in the link I posted above. Thanks! Link to post Share on other sites More sharing options...
Gt-truth Posted June 11, 2016 ID:1044859 Share Posted June 11, 2016 21 hours ago, blender said: Hi mrdodrop, If you are still seeing detections on this software with the latest database, please upload a log file as instructed above. If it is a file being detected, we will need the file as well. Instructions in the link I posted above. Thanks! hi here is the both log file and software setup file u.zip mbam.log Link to post Share on other sites More sharing options...
thisisu Posted June 11, 2016 ID:1044869 Share Posted June 11, 2016 1 hour ago, mrdodrop said: hi here is the both log file and software setup file u.zip mbam.log Sorry for the inconvenience, the remaining detections are being removed now. Database version 2016.06.11.01 should fix any remaining detections of this software. Link to post Share on other sites More sharing options...
Gt-truth Posted June 11, 2016 ID:1044871 Share Posted June 11, 2016 7 minutes ago, thisisu said: Sorry for the inconvenience, the remaining detections are being removed now. Database version 2016.06.11.01 should fix any remaining detections of this software. thank you ! Link to post Share on other sites More sharing options...
Gt-truth Posted September 3, 2018 ID:1267350 Share Posted September 3, 2018 (edited) hi again MALWEARBYTES is yet again flagging this software as the today’s scan checks ! Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 9/3/18 Scan Time: 7:35 PM Log File: 6aab1397-af97-11e8-b155-00ffec958185.json -Software Information- Version: 3.5.1.2522 Components Version: 1.0.441 Update Package Version: 1.0.6627 License: Trial -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 222451 Threats Detected: 1 Threats Quarantined: 1 Time Elapsed: 7 min, 49 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 PUP.Optional.UltraReach, C:\USERS\\DOWNLOADS\U.ZIP, Quarantined, [12694], [559342],1.0.6627 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) u.zip Edited September 3, 2018 by Gt-truth Link to post Share on other sites More sharing options...
Staff blender Posted September 5, 2018 Staff ID:1267737 Share Posted September 5, 2018 Hello, Thank you for reporting this once again. Next update it will be fixed again. Link to post Share on other sites More sharing options...
Gt-truth Posted December 9, 2018 ID:1285932 Share Posted December 9, 2018 (edited) On 9/5/2018 at 11:06 AM, blender said: Hello, Thank you for reporting this once again. Next update it will be fixed again. Hi @blender yes it was fixed as of your this reply at date September 5 but no not Again ! a new scan today is show that MALWAREBYTES is re-flag it Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 12/9/18 Scan Time: 8:59 PM Log File: 1b3f6b0e-fbdc-11e8-b43c-80c5f246c586.json -Software Information- Version: 3.6.1.2711 Components Version: 1.0.508 Update Package Version: 1.0.8235 License: Trial -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 276261 Threats Detected: 2 Threats Quarantined: 0 Time Elapsed: 1 hr, 3 min, 47 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 2 Generic.Malware/Suspicious, C:\USERS\\DOWNLOADS\U(1).ZIP, No Action By User, [0], [392686],1.0.8235 Generic.Malware/Suspicious, C:\USERS\\DOWNLOADS\U.ZIP, No Action By User, [0], [392686],1.0.8235 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) Edited December 9, 2018 by Gt-truth Link to post Share on other sites More sharing options...
Staff blender Posted December 10, 2018 Staff ID:1286058 Share Posted December 10, 2018 Hello, Can you attach the u.zip please? I'd like to make sure it is the same file you attached last time or if it is an updated one. This is a Heuristics detection which is designed to target 0-day malware so although not very common, once in a while we still have false positives with this. Thanks! Link to post Share on other sites More sharing options...
Gt-truth Posted December 11, 2018 ID:1286246 Share Posted December 11, 2018 hi OK ! here are both zip’s files ! however , not sure if the latest version of the Ultrasurf is being detect by MALWARBYTES or not but I’m going to download the latest version right now! u.zip u(1).zip Link to post Share on other sites More sharing options...
Gt-truth Posted December 11, 2018 ID:1286249 Share Posted December 11, 2018 OK! here is the latest version of the software. u(2).zip Link to post Share on other sites More sharing options...
Staff blender Posted December 11, 2018 Staff ID:1286255 Share Posted December 11, 2018 u, u(1) fixed. Looking at u(2) I think most of the AV at Virustotal hate it because 1, it is packed, 2, it alters proxy settings. It might take a few minutes for MBAM to see the fix on your end. Link to post Share on other sites More sharing options...
Staff blender Posted December 11, 2018 Staff ID:1286280 Share Posted December 11, 2018 The newer version you posted is not detected so it is good to go. To help explain these "MachineLearning" or "Suspicious" detections... Please see: Thanks for reporting! Link to post Share on other sites More sharing options...
Gt-truth Posted December 14, 2018 ID:1287171 Share Posted December 14, 2018 On 12/11/2018 at 11:24 AM, blender said: u, u(1) fixed. Looking at u(2) I think most of the AV at Virustotal hate it because 1, it is packed, 2, it alters proxy settings. It might take a few minutes for MBAM to see the fix on your end. it still catch both . so do I need to delete both files from my system and go with latest version only ? On 12/11/2018 at 12:23 PM, blender said: The newer version you posted is not detected so it is good to go. To help explain these "MachineLearning" or "Suspicious" detections... Please see: Thanks for reporting! OK ! your welcome Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now