Jump to content

Ransomware, Hiddentear. False Positive?


Jkeel
 Share

Recommended Posts

An threat scan turned up an infection of Ransom.HiddenTear.E.Generic at the following location:

 C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\UPDATE NOTIFIER.LNK

Does this sound like a false positive, or is it a genuine malware detection? It sounds fairly serious if accurate.  It has been successfully quarantined, however.

Thanks

Link to post
Share on other sites

I got the exact same scan result this morning, too. I've quarantined it (which I assume means it's been deleted?). Never had anything like that come up before, so would appreciate reassurance that it's a genuine threat I've deleted and not some useful thing that was a false positive and I was supposed to ignore!

Link to post
Share on other sites

  • Staff
Just now, GarethD said:

Thanks guys - I've already deleted it after quarantine - won't make a difference will it?

Bit more reassured now after a morning of running scans - roguekiller, adwcleaner etc!!

Thanks

Hi Gareth, no, it won't really break anything. It just won't check if there are updates for Winzip every Windows startup. Most people have this disabled anyway.

Alternatively, if Tom997 or ohsuzieqgm can zip and attach the UPDATE NOTIFIER.LNK to this thread, you can put it back in this folder: C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP

Link to post
Share on other sites

  • Staff
10 minutes ago, Stanleycat said:

I got this same threat alert.  The target via the Properties window is "C:\Program Files\WinZip\WZUpdateNotifier.exe".  This file is an executable for WinZip.  It was last modified on 8/27/2016 at 6:37 AM PT.  Is this a legitimate alert?

Hi,

This has been a false positive and has been fixed in our database already that just went out.

MB2: v2017.03.29.04

MB3: Package build 1.0.1621

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.