Jump to content
denisz12

Is this a false positive or malware?

Recommended Posts

Share this post


Link to post
Share on other sites
16 minutes ago, denisz12 said:

Thanks in advance.

Malware or not, they are too old to be detected by MB. It would help to know what software they belong to.

Share this post


Link to post
Share on other sites
Posted (edited)

Guessing it is the game Project IGI. Windows defender deletes it as PUA:Win32/InstallCore which is adware that is bundled with many free programs to make the publisher some money with each install.

Edited by Porthos

Share this post


Link to post
Share on other sites
Posted (edited)

The False Positive sub-forum is for False Positive declarations made by Malwarebytes' software and not for declarations made by other vendors.

You submitted three Virus Total Report URLs for detections not showing a Malwarebytes detection. 

One was for a Visual Basic Encoded ( VBE ) file which isn't even targeted by Malwarebytes.  The first submission was made on 2017-12-31 and has a low detection rate.  Without accessing the file itself a determination can't be fully made but it may be legitimate but I can't be sure.  A malicious VBE would be expected to have many more detections than that shown for a file known to Virus Total ( and associated vendors ) over this time frame.

The other two files are file types targeted by Malwarebytes but their first submission goes way back to 2010.  Files that have been  known to Virus Total ( and associated vendors ) over this long a time frame that arre malicious would have many more detections so they are most likely False Positive declarations.

In the future please restrict False Positive queries to those made specifically by Malwarebytes' software.

 

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar

Share this post


Link to post
Share on other sites
8 hours ago, Porthos said:

Guessing it is the game Project IGI. Windows defender deletes it as PUA:Win32/InstallCore which is adware that is bundled with many free programs to make the publisher some money with each install.

Yes, that is right. It is from the game Project IGI, an old game from 2000.

So what you are saying is that installing this I would be bombarded with ads and/or unwanted applications also being installed on my system? Is that a treat that I should avoid and can it lead to any serious infections? 

Share this post


Link to post
Share on other sites
8 hours ago, David H. Lipman said:

The False Positive sub-forum is for False Positive declarations made by Malwarebytes' software and not for declarations made by other vendors.

You submitted three Virus Total Report URLs for detections not showing a Malwarebytes detection. 

One was for a Visual Basic Encoded ( VBE ) file which isn't even targeted by Malwarebytes.  The first submission was made on 2017-12-31 and has a low detection rate.  Without accessing the file itself a determination can't be fully made but it may be legitimate but I can't be sure.  A malicious VBE would be expected to have many more detections than that shown for a file known to Virus Total ( and associated vendors ) over this time frame.

The other two files are file types targeted by Malwarebytes but their first submission goes way back to 2010.  Files that have been  known to Virus Total ( and associated vendors ) over this long a time frame that arre malicious would have many more detections so they are most likely False Positive declarations.

In the future please restrict False Positive queries to those made specifically by Malwarebytes' software.

 

I appreciate you taking the time to help.

One of my concerns regarding the VBE file is that when I click on the Relations tab, it shows PE Resource Parents and two win32.exe files that have big detection rates.

54/65 and 56/67. I am not sure exactly what this means. Does it mean that the VBE file downloads these two files to my system? 

This is what I mean: https://www.virustotal.com/gui/file/9505901ddf7ebffcac87a5a03307527c6fea7311e841f69c5abb65ba30cb6119/relations

Would it help if I attached the files here?

 

Thanks

 

Share this post


Link to post
Share on other sites

I decided to attach all three files in question. I hope someone knowledgeable will be able to check what they do and if I should risk installing this game.

I will have a lot of free time in the next couple of weeks due to an injury and would like to revisit this game and play it.

Thanks!

Project IGI.rar

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.