Jump to content

We are suspecting false positives

REGITDept

By REGITDept
in File Detections

 Share

Recommended Posts

  • Staff
cli

cli

Posted
  • Staff
Posted
21 minutes ago, REGITDept said:

cli,

I have included that in the initial post.

Thanks.

I thought there might be additional logs in there.
 

Also, it's odd because I scanned the files in Quarrantined.zip and not seeing any of them being detected. For example, 

windows_wlan.exe - Backdoor.RevengeRAT.MSIL
https://www.virustotal.com/gui/file/da77035d3363da6f57ae6cce593a6cd77ac630f3aff1c94f35df4ea31e3aea71/detection
 

Excel.exe  - Trojan.Malpack.VB

https://www.virustotal.com/gui/file/fa70b41c7e3c7a9122132524a5db3b2f48da9568c36bd97b71e78bc523d2a146/detection

 

I'm going to continue digging.

Link to post
Share on other sites
REGITDept

REGITDept

Posted
  • Author
Posted
3 minutes ago, cli said:

I thought there might be additional logs in there.
 

Also, it's odd because I scanned the files in Quarrantined.zip and not seeing any of them being detected. For example, 

windows_wlan.exe - Backdoor.RevengeRAT.MSIL
https://www.virustotal.com/gui/file/da77035d3363da6f57ae6cce593a6cd77ac630f3aff1c94f35df4ea31e3aea71/detection
 

Excel.exe  - Trojan.Malpack.VB

https://www.virustotal.com/gui/file/fa70b41c7e3c7a9122132524a5db3b2f48da9568c36bd97b71e78bc523d2a146/detection

 

I'm going to continue digging.

Yes, very weird because it only happened once to only this one client.

Thanks.

Link to post
Share on other sites
  • Staff
cli

cli

Posted
  • Staff
Posted (edited)

Oh I see. The client might have had a corrupt database since it was limited to just that client and I wasn't able to reproduce the detection. 

However, please let us know if you're seeing the detection again. Thanks.

Edited by cli
Link to post
Share on other sites
REGITDept

REGITDept

Posted
  • Author
Posted
On 6/25/2020 at 5:16 AM, shadowwar said:

Just a tip. May want to see about upgrading to the latest available version. Whitelisting and protection are greatly improved and things like this should not happen with the latest version available. 

shadowwar,

There is a newer version under the Malwarebytes Endpoint Security?

Thanks.

Link to post
Share on other sites
REGITDept

REGITDept

Posted
  • Author
Posted
On 7/1/2020 at 10:34 AM, shadowwar said:

You may want to talk to your business rep but i believe you would have to upgrade to the cloud version. 

 

shadowwar,

But isn't this more of a different product than an upgrade? One is cloud-based, and one is on premise based?

We would like to see an update to the on premise.

Thanks.

Link to post
Share on other sites
  • Staff
shadowwar

shadowwar

Posted
  • Staff
Posted

Please see here:

https://www.malwarebytes.com/upgrade/mbes-to-ep

or

https://www.malwarebytes.com/upgrade/mbes-to-teams

I am just in research so i dont really have the sales knowledge. The product has a client that runs on the machine but is cloud managed. 

 

Malwarebytes Endpoint Security product will be discontinued/end of life  on August 4, 2021

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.