Visual studio payload.vsix


MarkInTexas

Getting this too - I will ignore - running the latest version of MB

Log Details-
Scan Date: 12/21/18
Scan Time: 2:45 AM
Log File: c75d4568-04fc-11e9-a8b3-e470b896f5d1.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.508
Update Package Version: 1.0.8423
License: Premium

 

File: 2
MachineLearning/Anomalous.100%, C:\PROGRAMDATA\MICROSOFT\VISUALSTUDIO\PACKAGES\POWERSHELLTOOLS.VS2017,VERSION=4.1.3\PAYLOAD.VSIX, Quarantined, [0], [392687],1.0.8423
MachineLearning/Anomalous.100%, C:\WINDOWS\TEMP\VSIX0FVTIFU5.VSIX, Quarantined, [0], [392687],1.0.8423


@tetonbob Here's the report (copy/pasted). Username redacted.

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/30/18
Scan Time: 12:19 PM
Log File: c261d7c0-0c24-11e9-abd6-bc8385def7b7.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.508
Update Package Version: 1.0.8553
License: Premium

-System Information-
OS: Windows 10 (Build 17763.195)
CPU: x64
File System: NTFS
User: **redacted**

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 367082
Threats Detected: 2
Threats Quarantined: 0
Time Elapsed: 5 min, 29 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
MachineLearning/Anomalous.100%, C:\PROGRAMDATA\MICROSOFT\VISUALSTUDIO\PACKAGES\POWERSHELLTOOLS.VS2017,VERSION=4.1.4\PAYLOAD.VSIX, No Action By User, [0], [392687],1.0.8553
MachineLearning/Anomalous.100%, C:\WINDOWS\TEMP\VSIX2WAL2ZSD.VSIX, No Action By User, [0], [392687],1.0.8553

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


  • 3 weeks later...

Problem has returned again. The vsix is being detected as MachineLearning malware again.

Updates are current

 

File: 2
MachineLearning/Anomalous.100%, C:\PROGRAMDATA\MICROSOFT\VISUALSTUDIO\PACKAGES\POWERSHELLTOOLS.VS2017,VERSION=4.1.6\PAYLOAD.VSIX, No Action By User, [0], [392687],1.0.8858
MachineLearning/Anomalous.100%, C:\WINDOWS\TEMP\VSIX3FEH4MCO.VSIX, No Action By User, [0], [392687],1.0.8858

 

result.txt
