blender

Staff
  • Posts

    1,772

Reputation

113 Excellent

4 Followers

About blender

Contact Methods

  • Website URL
    https://www.malwarebytes.com

Recent Profile Visitors

16,273 profile views
  1. Hello, This will be unblocked. Usually takes about an hour or so for the updates to reach everyone. Thanks for reporting.
  2. Hello, This has been fixed. It should only take a few minutes. Thank you for reporting.
  3. Hello, This should no longer be detected shortly. I think most of the AV hits at virustotal are because of the packer used in the program. https://www.virustotal.com/gui/file/4dbc39d84a00bc18dd0469cd82e29794e5e33d15c6d1b2e90fb27679faec6260/detection Thank you for reporting.
  4. Hello, This should be fixed next database update. It'll be detected as Hacktool.GameHack. Thank you for the report.
  5. Thanks for the logs. Everything looks OK. There was only that 1 actual file which was probably in use by the installer/updater you ran so the installer couldn't totally clean up. That file has since been whitelisted. All the rest of the detections were just empty folders. It just so happened that MBAM detected that random name folder in temp based on an old rule. It'll probably never happen again. If you didn't already, you can delete that folder in temp and be done with it. If you didn't already, you can delete the support tool you downloaded and the zip it created as well as FRSTEnglish.exe (in downloads) Hope the rest of your day is full of awesome.
  6. Given that you said earlier that a bunch of files were detected but log you posted had only 1 file detected, let's grab some logs to make sure nothing else is going on here. Please download file from this link: https://downloads.malwarebytes.com/file/mbst Save file. Run file. Click advanced & generate logs. File called mbst_grab_results.zip will be created to your desktop. I'll send PM where to send logs as it'll be too big to attach here. Thanks!
  7. Those nsis installers do create random name folders in temp. Usually the installer cleans up after. Highly unlikely to have that again with the folder with njrat in its name.
  8. Hello, Yes, that file in the log is indeed legit. We'll whitelist it to prevent future detection. It was a very generic detection that could have caused a false positive in this case but since the FP rate is really low, we'll be keeping the detection. It should be OK to delete anyway since it is just in your temp folder.
  9. Hello, Thanks for the report. Site shouldn't be blocked anymore. Give it about 1/2 hour then try again. If still blocked, you may need to update Browser Guard database. How to if needed: Click BG icon in browser toolbar > 3 dots beside settings gear > support > check for database updates. Because I don't have an account on that site, I couldn't try logging in to reproduce what you saw. If you can grab me some logs, that would be great. Click BG icon in browser toolbar > 3 dots beside settings gear > support > Download debug logs. Best to zip before attaching as it is usually about 5MB. Thanks!
  10. Hello, I'm not getting a detection locally. Possible it has already been fixed. If not, can I get you to grab me another log? Log I'll need is here: C:\ProgramData\Malwarebytes\MBAMService\ScanResults Name of it will look something like 5cfdaca4-e335-11ee-bedc-2cd26bcc51f6.json (name of your log for the "scan output 2.txt") Easiest to sort them by "date modified" and grab the newest one that is around 6kb. COPY it out somewhere easier to work with such as your desktop. Attach that to your next reply. If the forum software complains, just zip it and attach the zipped one. Once attached, you can delete the zip off your desktop if you want. Thanks!
  11. Hello, Probably not a false positive. We detect SystemRequirementsLab as a PUP or riskware. If you want to have us check if your particular detection is a false positive or legit detection, you can attach the quarantined file. File will be located here: C:\ProgramData\Malwarebytes\MBAMService\Quarantine If you have multiple quarantined items in there, sort by date and attach the bigger of the 2 files from today. The .QUAR file is the file itself that was detected, the .DATA is basically the log file so it is small. We need the .QUAR file. If it is larger than say 5MB, please zip it before attaching. (may need to copy it to your desktop first) Thanks.
  12. Usually updates go out near hourly. If you are still getting blocked, indeed you can add the site to your exclusion list.
  13. Hello, It looks like when it was blocked, there was a malicious script on the site. It has been since cleaned up so block will be removed next database update. Thanks for reporting.
  14. Hello, Looks like this one has been whitelisted. Thanks for reporting.