J06246

We have been getting numerous detection and quarantine of Verifone PinPad files for OpenEdge X-Charge software. Is this a false positive? I've attached diagnostics of the most recent endpoint to quarantine this file. Thanks! Name: Malware.Sandbox.23 Category: Malware Type: File Location: C:\ProgramData\CAM Commerce Solutions\X-Charge\PINPadDevice\VeriFone\Mx800Downloader_2.5_Setup.exe Detection ID: f66509f0-3cb6-11ec-ba1e-ccf9e4f059f0 Endpoint: Scanned At: 11/03/2021 10:00:00 AM Quarantined At: 11/03/2021 10:05:46 AM Reported At: 11/04/2021 8:57:50 AM Scan ID: 6934d3d9-24e6-446f-a82c-48de5b01d62b 651270811_MalwarebytesDiagnostics.zip

Ok I do have a diagnostics Zip I can upload but it contains info I do not want seen publicly. Please advise where I can send. Malwarebytes Diagnostics.zip

We don't have Premium, we have we have Enterpise endpoint Protection. And there is nowhere on the endpoints that I know of where I can open a management console like you are displaying. I have checked C:\ProgramData\Malwarebytes Endpoint Agent\Logs, but this appears to only populate a log when a manual scan is run. Thanks!

Where can I find the full scan results?

Getting a lot of these yesterday and today. Is this a false positive? Scan date and time: 05/20/2021 10:00:02 AM Version: 4.3.2.106 Component package version: 1.0.1251 Protection update version: 1.0.40692 OS: Windows 10 (Build 19042.985) CPU: x64 File system type: NTFS Logged-in user: Scan Summary Scan Type: Threat Result: Completed Objects scanned: 586134 Time elapsed: 0h 5m 54s Processes: 0 Modules: 0 Registry keys: 0 Registry values: 0 Registry data: 0 Folders: 0 Files: 7 Scan Options Memory: True Startup: True File system: True Rootkits: True Heuristics: True Archives: True PUM: True PUP: True Threats Found Name Type Location Action ID Malware.AI.3346706190 File C:\WINDOWS\INSTALLER\{F3E4F9ED-5685-458A-9421-B1AD7198C1EE}\NEWSHORTCUT612_71A9BE5D58104E249040FD623A41C26F.EXE Quarantined b3c64d92-b97c-11eb-ac5c-1866da4a609b Malware.AI.3346706190 File C:\WINDOWS\INSTALLER\{F3E4F9ED-5685-458A-9421-B1AD7198C1EE}\NEWSHORTCUT611_A2CC2C9DABCA454BAF74905C3F287666.EXE Quarantined b39acf50-b97c-11eb-84d0-1866da4a609b Malware.AI.3346706190 File C:\WINDOWS\INSTALLER\{F3E4F9ED-5685-458A-9421-B1AD7198C1EE}\NEWSHORTCUT6111_135D5D44138147F3A442F95139B50793.EXE Quarantined b36e4ba6-b97c-11eb-98d7-1866da4a609b Malware.AI.3346706190 File C:\WINDOWS\INSTALLER\{C0FD0913-A1C0-40C7-8AE8-4072D4A41044}\NEWSHORTCUT612_71A9BE5D58104E249040FD623A41C26F.EXE Quarantined b33f9478-b97c-11eb-9173-1866da4a609b Malware.AI.3346706190 File C:\WINDOWS\INSTALLER\{AA5FB520-F649-40C6-BB8B-13419A3481A8}\NEWSHORTCUT612_71A9BE5D58104E249040FD623A41C26F.EXE Quarantined b2dcb0f6-b97c-11eb-8df0-1866da4a609b Malware.AI.3346706190 File C:\WINDOWS\INSTALLER\{AA5FB520-F649-40C6-BB8B-13419A3481A8}\NEWSHORTCUT611_A2CC2C9DABCA454BAF74905C3F287666.EXE Quarantined b2d9ccd8-b97c-11eb-a011-1866da4a609b Malware.AI.3346706190 File C:\WINDOWS\INSTALLER\{AA5FB520-F649-40C6-BB8B-13419A3481A8}\NEWSHORTCUT6111_135D5D44138147F3A442F95139B50793.EXE Quarantined adc9601e-b97c-11eb-b04c-1866da4a609b