Differentunic

Posts posted by Differentunic

  1. The Minecraft launcher and shortcut files are classified as malware by Malwarebytes. I am suspicious that this is a false positive, as the file has not been updated and has not been detected in the past.

    See logs below:

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 8/19/20
    Scan Time: 9:30 PM
    Log File: 66bfd7f6-e20f-11ea-a916-6c2b5977f5e7.json

    -Software Information-
    Version: 4.1.2.73
    Components Version: 1.0.1003
    Update Package Version: 1.0.28715
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.959)
    CPU: x64
    File System: NTFS
    User: DESKTOP-DDCQ9ST\maxt8

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 364934
    Threats Detected: 3
    Threats Quarantined: 0
    Time Elapsed: 6 min, 37 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 3
    Malware.AI.4289595226, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Minecraft Launcher.lnk, No Action By User, 1000000, 0, , , , , A26E109E175AE246660A946EB03C179B, 603F2B35D6A97520727CAAD0EB390C7DE6A122A430F9B36B1A69010D117BEBCD
    Malware.AI.4289595226, C:\USERS\PUBLIC\Desktop\Minecraft Launcher.lnk, No Action By User, 1000000, 0, , , , , A26E109E175AE246660A946EB03C179B, 603F2B35D6A97520727CAAD0EB390C7DE6A122A430F9B36B1A69010D117BEBCD
    Malware.AI.4289595226, C:\PROGRAM FILES (X86)\MINECRAFT LAUNCHER\MINECRAFTLAUNCHER.EXE, No Action By User, 1000000, 0, 1.0.28715, 6FDC65347CCD00E2FFAE075A, dds, 00858853, 49DEDAE3837705AB9AE041B00914DBA5, D9CDCF6FAE6BD3DDC5C8A61B4453A75F5516B71E518EE3E410FA8DF591940E70

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

  2. I have just updated pip, which is a Python package installer, to version 20.2.2. The pip command has been working perfectly for me before the update and is only picked up by real-time. A manual scan does not detect or flag this file.

    This is the log for real-time detection, as it is not detected by a manual scan.

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 8/18/20
    Protection Event Time: 11:40 AM
    Log File: c5528b14-e0f3-11ea-881d-6c2b5977f5e7.json

    -Software Information-
    Version: 4.1.2.73
    Components Version: 1.0.1003
    Update Package Version: 1.0.28641
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.959)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Malware Details-
    File: 1
    Malware.Heuristic.105, C:\Users\maxt8\AppData\Local\Programs\Python\Python38-32\Scripts\pip.exe, Quarantined, 1000001, 0, 1.0.28641, 000000000000000000000069, dds, 00856751, 76EEE2CD54C8CD6C03CE395F59E1CDBC, 8B5C4778532C157FB3224EE3BADC2D6CD9C4CB2CB1D91411A73B321A0DF533FE


    (end)

    Detected file is attached below.

    pip-flagged.zip

  3. I made an Excel spreadsheet that Malwarebytes blocks due to an "exploit". All I do to get this is click on a hyperlink.

    Here is the report:

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 5/11/20
    Protection Event Time: 8:47 PM
    Log File: beb3c3f8-9374-11ea-a1af-6c2b5977f5e7.json

    -Software Information-
    Version: 4.1.0.56
    Components Version: 1.0.896
    Update Package Version: 1.0.23664
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.778)
    CPU: x64
    File System: NTFS
    User: System

    -Exploit Details-
    File: 0
    (No malicious items detected)

    Exploit: 1
    Malware.Exploit.Agent.Generic, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe -- https:\www.carsales.com.au\, Blocked, 0, 392684, 0.0.0

    -Exploit Data-
    Affected Application: Microsoft Office Excel
    Protection Layer: Application Behavior Protection
    Protection Technique: Exploit payload process blocked
    File Name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe -- https:\www.carsales.com.au\
    URL: 

    (end)
