Posts posted by Differentunic
-
The Minecraft launcher and shortcut files are classified as malware by Malwarebytes. I am suspicious that this is a false positive as the file has not been updated, and has not been detected in the past.
See logs below:
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/19/20
Scan Time: 9:30 PM
Log File: 66bfd7f6-e20f-11ea-a916-6c2b5977f5e7.json

-Software Information-
Version: 4.1.2.73
Components Version: 1.0.1003
Update Package Version: 1.0.28715
License: Premium

-System Information-
OS: Windows 10 (Build 18362.959)
CPU: x64
File System: NTFS
User: DESKTOP-DDCQ9ST\maxt8

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 364934
Threats Detected: 3
Threats Quarantined: 0
Time Elapsed: 6 min, 37 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 3
Malware.AI.4289595226, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Minecraft Launcher.lnk, No Action By User, 1000000, 0, , , , , A26E109E175AE246660A946EB03C179B, 603F2B35D6A97520727CAAD0EB390C7DE6A122A430F9B36B1A69010D117BEBCD
Malware.AI.4289595226, C:\USERS\PUBLIC\Desktop\Minecraft Launcher.lnk, No Action By User, 1000000, 0, , , , , A26E109E175AE246660A946EB03C179B, 603F2B35D6A97520727CAAD0EB390C7DE6A122A430F9B36B1A69010D117BEBCD
Malware.AI.4289595226, C:\PROGRAM FILES (X86)\MINECRAFT LAUNCHER\MINECRAFTLAUNCHER.EXE, No Action By User, 1000000, 0, 1.0.28715, 6FDC65347CCD00E2FFAE075A, dds, 00858853, 49DEDAE3837705AB9AE041B00914DBA5, D9CDCF6FAE6BD3DDC5C8A61B4453A75F5516B71E518EE3E410FA8DF591940E70

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)
-
It's fixed the problem. I thought Malwarebytes searched for updates every scan.
Sorry for any troubles
Thanks
-
I have just updated pip, which is a Python package installer, to version 20.2.2. The pip command has been working perfectly for me before the update and is only picked up by real-time. A manual scan does not detect, nor flag this file.
This is the log for real-time detection as it is not detected by a manual scan.
Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 8/18/20
Protection Event Time: 11:40 AM
Log File: c5528b14-e0f3-11ea-881d-6c2b5977f5e7.json

-Software Information-
Version: 4.1.2.73
Components Version: 1.0.1003
Update Package Version: 1.0.28641
License: Premium

-System Information-
OS: Windows 10 (Build 18362.959)
CPU: x64
File System: NTFS
User: System

-Blocked Malware Details-
File: 1
Malware.Heuristic.105, C:\Users\maxt8\AppData\Local\Programs\Python\Python38-32\Scripts\pip.exe, Quarantined, 1000001, 0, 1.0.28641, 000000000000000000000069, dds, 00856751, 76EEE2CD54C8CD6C03CE395F59E1CDBC, 8B5C4778532C157FB3224EE3BADC2D6CD9C4CB2CB1D91411A73B321A0DF533FE
(end)
Detected file is attached below.
-
It worked, there aren't any more notifications, thanks.
-
I made an Excel spreadsheet that Malwarebytes blocks due to an "exploit". All I do to get this is click on a hyperlink.
Here is the report:
Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 5/11/20
Protection Event Time: 8:47 PM
Log File: beb3c3f8-9374-11ea-a1af-6c2b5977f5e7.json

-Software Information-
Version: 4.1.0.56
Components Version: 1.0.896
Update Package Version: 1.0.23664
License: Premium

-System Information-
OS: Windows 10 (Build 18362.778)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Malware.Exploit.Agent.Generic, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe -- https:\www.carsales.com.au\, Blocked, 0, 392684, 0.0.0

-Exploit Data-
Affected Application: Microsoft Office Excel
Protection Layer: Application Behavior Protection
Protection Technique: Exploit payload process blocked
File Name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe -- https:\www.carsales.com.au\
URL:

(end)
-
Sandbox.23 detection for ARTURIA uninstall and PatchWorks_is1 registry key
in File Detections
None of these files were previously detected, and I have reason to believe that they are false positives. I'm not certain what the registry key is for or if it is genuinely malicious.
Scan results attached
detections.txt