ronzie009

21 old installation files flagged

After a regular scheduled quick scan today, 21 installation files in my Downloads folder were flagged by MBAM as either PUPs or Malware. These files have been there for various lengths of time and have never been flagged as bad before. They were all originally downloaded while MBAM real-time protection was running and not flagged, and I scanned every one of them with MBAM after downloading them and they were not flagged then, so I think it is extremely unlikely that they are dangerous now. I have attached the report, but due to the large number of files involved I have not attached them.

2018-10-06FalsePositives.txt


Hi,

These don't look like false positives though, but are valid detections.

If you executed them, Malwarebytes would block/delete them.


This seems to be because we recently added redirect support for the downloads folder. So now, as of 3.6.1, a threat scan will follow a redirected download folder. In your case your downloads are located on the G drive and not the normal location. This is why they were not detected before. These are PUP detections as they can include adware.

Edited by shadowwar


Hello,

Can you zip & attach this file please?
Generic.Malware/Suspicious, G:\DOWNLOADS\LIGHT_IMAGE_RESIZER4_SETUP.EXE, No Action By User, [0], [392686],1.0.7217

The rest - I looked through the log & most are OpenCandy & Bundle Installers. These contain the OpenCandy module which typically when you run the installer has other offers within the app that you would have to uncheck in order to avoid the extra installs.

We detect IEPV because some people may not want to have their IE passwords revealed. If used by you to recover a password you forgot on some site you go to, then it is Ok to have, but if someone else was to launch this on your machine without you knowing, you would want it nabbed before they got your passwords. 

PUP.Optional isn't necessarily "dangerous" - it just means it is Potentially unwanted. If you're familiar with how all these programs work, then you can exclude them.

2 hours ago, blender said:

Hello,

Can you zip & attach this file please?
Generic.Malware/Suspicious, G:\DOWNLOADS\LIGHT_IMAGE_RESIZER4_SETUP.EXE, No Action By User, [0], [392686],1.0.7217

The rest - I looked through the log & most are OpenCandy & Bundle Installers. These contain the OpenCandy module which typically when you run the installer has other offers within the app that you would have to uncheck in order to avoid the extra installs.

We detect IEPV because some people may not want to have their IE passwords revealed. If used by you to recover a password you forgot on some site you go to, then it is Ok to have, but if someone else was to launch this on your machine without you knowing, you would want it nabbed before they got your passwords. 

PUP.Optional isn't necessarily "dangerous" - it just means it is Potentially unwanted. If you're familiar with how all these programs work, then you can exclude them.

 

light_image_resizer4_setup.zip
