jayman1000

Visual Studio payload.vsix file "adware". False positive?


Today Malwarebytes found that the file Payload.vsix, a Visual Studio file in one of the Visual Studio install folders, is "adware". I'm leaning towards this being a false positive? The file has been on my PC since November 2011, so not a new file at all.

I attached the file for you to research it. Also attached the mb3 report file.

payload.zip

mb3Report.txt


Hello. It has been confirmed by our Research team that this is indeed a false positive, and it will be fixed in the next database update. See:

 


I also had a similar false positive; in this case it was Webtools.vsix and not payload.vsix.

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/20/18
Scan Time: 3:54 AM
Log File: 883e1a52-d413-11e8-bb73-00ffb0dbea24.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.463
Update Package Version: 1.0.7434
License: Premium

-System Information-
OS: Windows 10 (Build 17134.345)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 517212
Threats Detected: 1
Threats Quarantined: 0
Time Elapsed: 18 min, 26 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Adware.Agent, C:\PROGRAMDATA\MICROSOFT\VISUALSTUDIO\PACKAGES\MICROSOFT.VISUALSTUDIO.WEBTOOLS,VERSION=15.0.26424.2\MICROSOFT.VISUALSTUDIO.WEBTOOLS.VSIX, No Action By User, [103], [585098],1.0.7434

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

microsoft.visualstudio.webtools.vsix.zip


Both files were caught by the same false positive which has now been fixed. Database v1.0.7438 or newer

Thanks for your reports and your patience!
