Jump to content

We are suspecting false positives


Recommended Posts

Just now, cli said:

No, it only gives me the detection name and file name and from the quarantine folder, I was able to recover only some of the files.

Just trying to assist the user. Guess we have to wait for the OP to respond.

Link to post
Share on other sites
  • Staff
21 minutes ago, REGITDept said:

cli,

I have included that in the initial post.

Thanks.

I thought there might be additional logs in there.
 

Also, it's odd because I scanned the files in Quarrantined.zip and not seeing any of them being detected. For example, 

windows_wlan.exe - Backdoor.RevengeRAT.MSIL
https://www.virustotal.com/gui/file/da77035d3363da6f57ae6cce593a6cd77ac630f3aff1c94f35df4ea31e3aea71/detection
 

Excel.exe  - Trojan.Malpack.VB

https://www.virustotal.com/gui/file/fa70b41c7e3c7a9122132524a5db3b2f48da9568c36bd97b71e78bc523d2a146/detection

 

I'm going to continue digging.

Link to post
Share on other sites
3 minutes ago, cli said:

I thought there might be additional logs in there.
 

Also, it's odd because I scanned the files in Quarrantined.zip and not seeing any of them being detected. For example, 

windows_wlan.exe - Backdoor.RevengeRAT.MSIL
https://www.virustotal.com/gui/file/da77035d3363da6f57ae6cce593a6cd77ac630f3aff1c94f35df4ea31e3aea71/detection
 

Excel.exe  - Trojan.Malpack.VB

https://www.virustotal.com/gui/file/fa70b41c7e3c7a9122132524a5db3b2f48da9568c36bd97b71e78bc523d2a146/detection

 

I'm going to continue digging.

Yes, very weird because it only happened once to only this one client.

Thanks.

Link to post
Share on other sites
  • Staff

Oh I see. The client might have had a corrupt database since it was limited to just that client and I wasn't able to reproduce the detection. 

However, please let us know if you're seeing the detection again. Thanks.

Edited by cli
Link to post
Share on other sites
On 6/25/2020 at 5:16 AM, shadowwar said:

Just a tip. May want to see about upgrading to the latest available version. Whitelisting and protection are greatly improved and things like this should not happen with the latest version available. 

shadowwar,

There is a newer version under the Malwarebytes Endpoint Security?

Thanks.

Link to post
Share on other sites
On 7/1/2020 at 10:34 AM, shadowwar said:

You may want to talk to your business rep but i believe you would have to upgrade to the cloud version. 

 

shadowwar,

But isn't this more of a different product than an upgrade? One is cloud-based, and one is on premise based?

We would like to see an update to the on premise.

Thanks.

Link to post
Share on other sites
  • Staff

Please see here:

https://www.malwarebytes.com/upgrade/mbes-to-ep

or

https://www.malwarebytes.com/upgrade/mbes-to-teams

I am just in research so i dont really have the sales knowledge. The product has a client that runs on the machine but is cloud managed. 

 

Malwarebytes Endpoint Security product will be discontinued/end of life  on August 4, 2021

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.