Jump to content

MCCLAUNCHER.EXE - Believed to be False Positive.


Recommended Posts

  • Staff

Hi,

This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/
Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore.

This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.

 

Link to post
Share on other sites

Oh and amazingly fast response by the way and impressed a director is on the front line. Think i will buy a license if i get that level of response to reported malware? Microsoft, Symantec, and many various others I have used as head of infrastructure @ financials take at least a day.

What is your testing cycle time for updates? i.e. if i report something, you test it, agree its malware, how long until updated detection hash / AI update is out of the door?

 

 

Link to post
Share on other sites
  • Staff

We try our best as we can to respond to false positives and false negatives as fast as possible :)

As for fixing a false positive, this depends. In most of the cases, it's quite obvious already it's a false positive and not malware, so verifying goes quite fast.

As for updating/fixing this, this all depends which of our engines detected this, as we have a few of our own engines. In this case, it was detected by our machinelearning engine, so fixing a false positive should no longer take than 10 minutes. Regular detection rules (non machinelearning) might take a littlebit longer, but no longer than an hour.

Hope this answers your questions. :)

Link to post
Share on other sites
  • Staff
1 minute ago, TheVogon said:

(i am someone who bothers to report zero day malware to at least 3 virus products when i frequently come across it, you are not on my list as I have not tried. Being able to simply email it to an address as per Kaspersky is ideal.)

We unfortunately don't have a mailing list for this (as this is often abused), but I will send you a private message of a mail you can use to submit samples to us. :)

 

Link to post
Share on other sites
4 minutes ago, miekiemoes said:

We try our best as we can to respond to false positives and false negatives as fast as possible :)

As for fixing a false positive, this depends. In most of the cases, it's quite obvious already it's a false positive and not malware, so verifying goes quite fast.

As for updating/fixing this, this all depends which of our engines detected this, as we have a few of our own engines. In this case, it was detected by our machinelearning engine, so fixing a false positive should no longer take than 10 minutes. Regular detection rules (non machinelearning) might take a littlebit longer, but no longer than an hour.

Hope this answers your questions. :)

That response is enough to persuade me to buy a license. Will purchase on my registered email here.

I'm not clear on the real question though. From when you find a binary is Malware in your lab, allowing for normal testing / deployment / batching of other updates, how long until its available to users? Just want to understand your test / release cycle please.

(The only real competition for Malware Bytes in terms of zero day detection in my experience at least that is available to consumers is Kaspersky.) 🙂

 

 

Link to post
Share on other sites
  • Staff

If malware, then it also depends - as we need to need to compare with other similar samples to write a good detection rule. But usually, once the malicious sample arrived in our system, it no longer takes than 1 day before the detection rule is out for the customer. Usually it's a lot earlier than that as well (sometimes within 2 hours or the hour). Then again, this all depends on the load/queue of pending samples we have. :)

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.