Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

PuP ultra surf


Creepers05
 Share

Recommended Posts

  • 4 weeks later...
  • 2 weeks later...
21 hours ago, blender said:

Hi mrdodrop,

If you are still seeing detections on this software with the latest database, please upload a log file as instructed above. If it is a file being detected, we will need the file as well. Instructions in the link I posted above.

Thanks!

hi

here is the both log file and software setup file

u.zip

mbam.log

Link to post
Share on other sites

  • 2 years later...

hi again

MALWEARBYTES is yet again flagging this software as the today’s scan checks !

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 9/3/18
Scan Time: 7:35 PM
Log File: 6aab1397-af97-11e8-b155-00ffec958185.json

-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.441
Update Package Version: 1.0.6627
License: Trial


-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 222451
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 7 min, 49 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
PUP.Optional.UltraReach, C:\USERS\\DOWNLOADS\U.ZIP, Quarantined, [12694], [559342],1.0.6627


Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 

u.zip

Edited by Gt-truth
Link to post
Share on other sites

  • 3 months later...
On 9/5/2018 at 11:06 AM, blender said:

Hello,

Thank you for reporting this once again. Next update it will be fixed again.

Hi @blender

yes it was fixed as of your this reply at date September 5 but no not Again ! a new scan today is show that MALWAREBYTES is re-flag it

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/9/18
Scan Time: 8:59 PM
Log File: 1b3f6b0e-fbdc-11e8-b43c-80c5f246c586.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.508
Update Package Version: 1.0.8235
License: Trial


-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 276261
Threats Detected: 2
Threats Quarantined: 0
Time Elapsed: 1 hr, 3 min, 47 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
Generic.Malware/Suspicious, C:\USERS\\DOWNLOADS\U(1).ZIP, No Action By User, [0], [392686],1.0.8235
Generic.Malware/Suspicious, C:\USERS\\DOWNLOADS\U.ZIP, No Action By User, [0], [392686],1.0.8235

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 

Edited by Gt-truth
Link to post
Share on other sites

  • Staff

Hello,

Can you attach the u.zip please? I'd like to make sure it is the same file you attached last time or if it is an updated one.
This is a Heuristics detection which is designed to target 0-day malware so although not very common, once in a while we still have false positives with this.

Thanks!

Link to post
Share on other sites

On 12/11/2018 at 11:24 AM, blender said:

u, u(1) fixed. Looking at u(2)
I think most of the AV at Virustotal hate it because 1, it is packed, 2, it alters proxy settings.
It might take a few minutes for MBAM to see the fix on your end.

it still catch both . so do I need to delete both files from my system and go with latest version only ?

 

On 12/11/2018 at 12:23 PM, blender said:

The newer version you posted is not detected so it is good to go.

To help explain these "MachineLearning" or "Suspicious" detections...

Please see:

Thanks for reporting!

 

OK ! your welcome

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.