Jump to content

TheDrgn

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thank you so much for you quick and simple help!
  2. Hello, I want to have someone look at files that Malwarebytes flagged as malware on my pc. I will be attaching the zip files of the 5 files detected as well as the report given by the Malwarebytes application. I belive these are false positives as Virus total only found one detection and said it was a file from EA (all of the files come from the "Battlefield 4") storage in my steam folder. 5 detections.txt Cleanup 4.zip Cleanup 5.zip Cleanup.zip Cleanup 2.zip Cleanup 3.zip
  3. Including the windows assembly ones that is
  4. So all the files are clear of malware?
  5. Here are all of the ISSetup files I am able to send that were detected. The Windows assembly ones I am having trouble with. ISSetup (2).zip ISSetup (3).zip ISSetup (4).zip ISSetup (5).zip ISSetup (6).zip ISSetup (7).zip ISSetup (8).zip ISSetup (9).zip ISSetup (10).zip ISSetup (11).zip ISSetup (12).zip ISSetup (13).zip ISSetup.zip
  6. Hi, I was wondering if I could get conformation that these are false positives. I am running a free trial of Malwarebytes premium at the moment and I turned on the "Use expert system algorithms to identify malicious files." Then I left it on a full custom scan (C, D, and E drives with all options on) and I let it run while I was away. When I came back I saw that it had 10 file detections: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/20/21 Scan Time: 1:29 PM Log File: 140c442c-b9aa-11eb-9fd7-8c04ba992800.json -Software Information- Version: 4.3.3.116 Components Version: 1.0.1292 Update Package Version: 1.0.40702 License: Trial -System Information- OS: Windows 10 (Build 19043.985) CPU: x64 File System: NTFS User: DESKTOP-0U77RA8\510co -Scan Summary- Scan Type: Custom Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 686239 Threats Detected: 10 Threats Quarantined: 10 Time Elapsed: 48 min, 34 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 10 Malware.Heuristic.1001, C:\PROGRAM FILES (X86)\INSTALLSHIELD INSTALLATION INFORMATION\{2BFB2C26-CC8B-4F2B-B5C9-E2131DEFED5C}\ISSETUP.DLL, Quarantined, 1000001, 0, 1.0.40702, 0000000000000000000003E9, dds, 01253903, C2565BCCA73137DD2D3C2F7C268B47B0, 6C544FEED9B986FDC3FFC815FD512A89ADFDFE0A044787DEE33F5A5E0B62B207 Malware.Heuristic.1001, C:\PROGRAM FILES (X86)\INSTALLSHIELD INSTALLATION INFORMATION\{822AAF78-06DB-4C14-85A2-BCE22E3B81A9}\ISSETUP.DLL, Quarantined, 1000001, 0, 1.0.40702, 0000000000000000000003E9, dds, 01253903, CE2652E8222DC72EE05AFC208408F1EB, 45E98EBC6C1842B230188CC723D1F8686AF04B3FB43B5236C35123C7D7AEFB05 Malware.Heuristic.1001, C:\PROGRAM FILES (X86)\INSTALLSHIELD INSTALLATION INFORMATION\{A4114DAF-C7EB-477F-B984-8A45FBA745E3}\ISSETUP.DLL, Quarantined, 1000001, 0, 1.0.40702, 0000000000000000000003E9, dds, 01253903, CCC707703DCA3D3BC914E4111FD086DD, 8BBBC6E00ACEC987D12EE4C9208E347EEB8544DF2C4F76A4A2D17910E3033051 Malware.Heuristic.1001, C:\PROGRAM FILES (X86)\INSTALLSHIELD INSTALLATION INFORMATION\{342330C8-D6E1-4522-AF15-2E457BC58464}\ISSETUP.DLL, Quarantined, 1000001, 0, 1.0.40702, 0000000000000000000003E9, dds, 01253903, 98C1A5C6788D06FAC4DDBD1829CECD10, 628284D1EA59EAF16B9D068D1FA9F4D69B0A9410F9A956B9ADD031EB3EEEC6CA Malware.Heuristic.1001, C:\PROGRAM FILES (X86)\INSTALLSHIELD INSTALLATION INFORMATION\{8C91E386-C6DD-4387-AD74-415895342AE5}\ISSETUP.DLL, Quarantined, 1000001, 0, 1.0.40702, 0000000000000000000003E9, dds, 01253903, B8CF2E07B6461FADFE6B8F13D3E8BA28, 87B435984155D61C8594B7ACD8002ABC4CB69EB34A31D48F61199243323BFCB8 Malware.Heuristic.1001, C:\PROGRAM FILES (X86)\INSTALLSHIELD INSTALLATION INFORMATION\{A5015A20-3D3D-427D-9783-73FB369BD6B9}\ISSETUP.DLL, Quarantined, 1000001, 0, 1.0.40702, 0000000000000000000003E9, dds, 01253903, 7C64586830766A39F5255429B442CFE0, A889348D7A4671B941D665C44E6B551CEDC325CEF3FCE77AE0A4690548502ED0 Malware.Heuristic.1003, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\A62478EFA06D171B98CCCE5EFE8FF2CE\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.HOSTADAPTER.V10.0.NI.DLL, Quarantined, 1000001, 0, 1.0.40702, 0000000000000000000003EB, dds, 01253903, BDD49153589DDE19C50DD5C65A3A64F1, 8D2EB7B17DE7B101F805478724776AA9CFE4FE3EB4E590C67F9C1B7DC7A86C99 Malware.Heuristic.1003, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\0E61EA3982597BA829AB0D6EB3051296\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.OUTLOOK.HOSTADAPTER.V10.0.NI.DLL, Quarantined, 1000001, 0, 1.0.40702, 0000000000000000000003EB, dds, 01253903, 9719B737F79D17AB9C3D39FA98F76D26, 2A341851DCB3F5E4E9CC4F9C93AA6764F07F62CAA0E943FF4DB061ED3B622F97 Malware.Heuristic.1003, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\BBA8A039CA75E31E880C129D29EAEFC0\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.WORD.HOSTADAPTER.V10.0.NI.DLL, Quarantined, 1000001, 0, 1.0.40702, 0000000000000000000003EB, dds, 01253903, A2E491128D7789EFCB335B562EA20D76, 7FB51DE48371B2EF1A13A82ECCB04D39AE14D46F33E8979288957DCC82AE6F02 Malware.Heuristic.1003, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\B0D278F3E0EAD4223F021C1FD0432232\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.EXCEL.HOSTADAPTER.V10.0.NI.DLL, Quarantined, 1000001, 0, 1.0.40702, 0000000000000000000003EB, dds, 01253903, 7E7618628119B60C467843BF10027A47, BEFF3307A89CEB64A68192DBE8FFB203F4324CF8DA6717F91BE63432C7FF8C08 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) After doing some digging I believe these are false positives. Since this I have been updating Malwarebytes and running different scans on the each of the locations (both with the expert algorithms option on and off). I have only seen these files flagged with the Expert algorithms option on. I have also scanned the files with Windows defender, McAfee, and Virus total. With Virus total only flagging a few of the ISSETUP.DLL files with 1 warning. Presently I have unquarantined the files. 1. I want to confirm these are false positives 2. I want to report this as I know that reporting FP's can help the software improve.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.