Hurin

Members

View Profile See their activity

Posts
6
Joined
March 21, 2010
Last visited
January 20, 2023

Reputation

0 Neutral

rufus v3.14p - false positive

Hurin replied to Hurin's topic in File Detections

rescanned a few minutes ago and this appears to now be resolved. No longer flagged as malware.
- May 16, 2021
- 3 replies
rufus v3.14p - false positive

Hurin replied to Hurin's topic in File Detections

Woops, here's the attachment. rufus.zip
- May 16, 2021
- 3 replies
rufus v3.14p - false positive

Hurin posted a topic in File Detections

The very popular/respected/trusted "rufus" app is coming up as "malware" this morning according to locally installed MalwareBytes scan. This, despite VirusTotal's fresh scan of it coming up clean. MD5 c1df434cf15aeb31783e1144b8a30059 SHA-1 1c385ec41d5f20ab411bd20e792ad8e7da7feaf9 SHA-256 c0ccf4f480545b50169cc1f5bf92b357ce588520cb8534128200ca48fc6ae588 Scan result from MalwareBytes. . . File: 1 Malware.AI.4211603495, C:\USERS\--redacted--\DOWNLOADS\RUFUS-3.14P.EXE, No Action By User, 1000000, 0, 1.0.40486, D797EB6AD89A7B01FB07F827, dds, 01247964, C1DF434CF15AEB31783E1144B8A30059, C0CCF4F480545B50169CC1F5BF92B357CE588520CB8534128200CA48FC6AE588 Best Regards, H
- May 16, 2021
- 3 replies
Lord of the Rings Online (game) - lotrobrowserhelper.exe

Hurin posted a topic in File Detections

The Lord of the Rings Online, published by Standing Stone Games (formerly published by Turbine/WB), uses a file called lotrobrowserhelper.exe. Recently, Kaspersky and ZoneAlarm began detecting this file as malware. These were dismissed as false positives. This morning, Malwarebytes began detecting it as malware as well. As well as several other AV engines. Thirteen by last count on virustotal.com. I'm attaching the lotrobrowserhelper.exe file in a ZIP. As well as the log file from malwarebytes. lotrobrowserhelper.zip mblog.txt
- August 24, 2017
- 1 reply
[Backdoor.Celofot] Possible F.P

Hurin replied to leofelix's topic in File Detections

Hehe. . . nothing that should cause trouble. But you never know!
- March 22, 2010
- 71 replies
[Backdoor.Celofot] Possible F.P

Hurin replied to leofelix's topic in File Detections

Glad to find this thread! I was about to enter "panic mode" since I occasionally use the laptop showing this apparent false positive for some secure stuff at work. Same exact issue as described above. Use Firefox with noscript, MSSE as antivirus, and computer comes up otherwise completely clean. The only possible vector I would consider at all likely is that my wife sometimes uses this laptop. Here's something else odd. . . when I went to go find the registry entry it was describing (prior to having MBAM delete it), it wasn't even actually there (unless it's somehow hidden or transient). So, it appears MBAM is possibly seeing a phantom registry value? Best, H
- March 21, 2010
- 71 replies

Sign In

Hurin

Posts

Joined

Last visited

Reputation

rufus v3.14p - false positive

rufus v3.14p - false positive

rufus v3.14p - false positive

Lord of the Rings Online (game) - lotrobrowserhelper.exe

[Backdoor.Celofot] Possible F.P

[Backdoor.Celofot] Possible F.P

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information