Jump to content

InstallShield False Positive ?

siliconman01

By siliconman01
in File Detections

 Share

Recommended Posts

  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted

Hi,

I can't reproduce detection on this, even after extracting the support.cab file as well. I remember this was fixed a few days ago already.

Can you verify if this is still detected? If so, then, Quit malwarebytes from the systemtray.

Then navigate to the following folder:

C:\ProgramData\Malwarebytes\MBAMService

In there, locate the file HubbleCache and delete it.

Restart Malwarebytes again. A new Hubblecache will then be created again, so it will properly pick it up and remember to not detect this anymore.

Link to post
Share on other sites
siliconman01

siliconman01

Posted
  • Author
Posted
15 minutes ago, miekiemoes said:

Hi,

I can't reproduce detection on this, even after extracting the support.cab file as well. I remember this was fixed a few days ago already.

Can you verify if this is still detected? If so, then, Quit malwarebytes from the systemtray.

Then navigate to the following folder:

C:\ProgramData\Malwarebytes\MBAMService

In there, locate the file HubbleCache and delete it.

Restart Malwarebytes again. A new Hubblecache will then be created again, so it will properly pick it up and remember to not detect this anymore.

It is still detected even after deleting HubbleCache per your recommendation.  This is on a Custom scan with "Scan rootkits"  selected and also with "Scan rootkits" not selected.  

It is not detected on a standard routine scan. 

MBAMLogCustomNORootkitScan.txt MBAMLogCustomRootkitScan.txt MBAMLOGStandardScan.txt

Link to post
Share on other sites
  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted

Hmm, this is weird, as I really can't reproduce detection, even with rootkit scan on.

Can you rightclick the support.cab file and extract it with 7zip? Then scan that support folder and let me know if you get a detection?

This so I know what exact file in that cab file is causing this for you. I've done the same here as well, but it's not detecting any of the contents either.

Thanks!

Link to post
Share on other sites
  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted

 

This is really curious.

I would need more info, so can you zip and attach the MBAMService.LOG, this so I can have a look why it's detecting in your case and not in my case.

You can find this log in the following folder: C:\ProgramData\Malwarebytes\MBAMService\LOGS

 

Link to post
Share on other sites
  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted (edited)

Hi,

This has been confirmed as a bug indeed (as bugs might always happen with beta-versions), so it will be resolved in one of the next Component Updates.

I suggest you temporary exclude this file (folder) from detection for now.

Thanks for your help/feedback on this!

Edited by miekiemoes
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.