Jump to content

Recommended Posts

With MBAM database version 2017.10.25.11 we are seeing c:\program files\rhinoceros 5 (64-bit)\plug-ins\rdk.rhp being detected as Spyware.Pony and Quarantined. I'm suspicious that this is a false-positive. The scan log and sample are attached. The log file was generated using mbam.exe /developer. The log file says "no action taken" but the file was quarantined.

Please advise.

MBAM-log-2017-10-25 (19-15-53)_.txt

rdk.zip

Link to post
Share on other sites

Hey Tammy or whomever is listening,

The problem is back. We were doing well until v2017.10.26.06. With that version of the definitions the file is getting quarantined again but flagged for Delete on Reboot.

Spyware.Pony delete-on-reboot          C:\Program Files\Rhinoceros 5 (64-bit)\Plug-ins\rdk.rhp

Please advise!

 

Link to post
Share on other sites

Hi Tammy, I'm working on getting you that log file. The scan to produce it is taking a while.

When I tested this morning on a couple of computers and no longer had the false-positive detection the computers had db version 2017.10.26.3 and I think .2. When computers started receiving v2017.10.26.6 we started seeing the false-positive again along with the new statement of "Delete-on-Reboot".

Thanks again for your replies.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.