
Hello,

 

I believe I've encountered a false positive, and I don't see mention of it having already been reported (I apologize if it has been). The log is included below, and the file is attached. The file (install_flash_player.exe) appears to reach out to a legitimate server at the macromedia.com domain, for the purposes of downloading updates to Flash. The file also comes up clean on VirusTotal.com. While I'm confident this is a false positive, I can definitely see how heuristically this would get flagged - it is reaching out for a file download, and I understand from another post that .exe files running out of AppData are treated with heavy suspicion (understandably).

 

Coyle

 

 

================================================================================================

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.25.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
xxxxxxx :: xxxxxxx [xxxxxxx]

11/25/2013 7:48:37 PM
MBAM-log-2013-11-25 (19-50-30).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 252495
Time elapsed: 1 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\xxxxxxx\AppData\Local\Adobe\AIH.56cefe21463c39c77d9c21070fa1a1e1b276c8e8\install_flash_player.exe (Trojan.Downloader) -> No action taken. [b9034db0d3991125d0694a151ce42ad6]

(end)

================================================================================================

install_flash_player.zip
