Jump to content
CCC_1

vulkan-1.dll possible false positive

Recommended Posts

Hello, a Windows system file which is signed by LunarG, Inc. and Microsoft Windows Hardware Compatibility Publisher was flagged by Malwarebytes this morning on one user PC. The file has been there for several months at this path C:\Windows\System32\vulkan-1.dll and I will include a sample with this post (File Extension has been changed to "EXE" so I can attach it). I have run the file through several online databases and it comes back clean every time. Is it possible this is a false positive caused by a recent definitions update?

 

vulkan-1.txt

Share this post


Link to post
Share on other sites

So, I take it you are confirming this is a false positive? 

Share this post


Link to post
Share on other sites

Can you tell us when the next database update is scheduled to be released?

Share this post


Link to post
Share on other sites

Hi,

This has been released already and fixed in:

MB2 Version: v2020.01.16.06
MB3 Version: 1.0.14367

MB4 Version: 1.0.17806

Edited by miekiemoes

Share this post


Link to post
Share on other sites

Hello. I am currently am running database version : v2020.01.16.06 and I see the above-mentioned vulkan dll's listed in quarantined. Also, I checked another system running v2020.01.16.07 and these items are also quarantined. Will I need to manually un-quarantine these or take other steps to resolve?

 

Thanks,

J

Share this post


Link to post
Share on other sites

Thanks Porthos, but this works a little bit different for me. I use Connectwise Automate with the MBAM Plugin.

Edited by AdvancedSetup
removed unneeded quoting

Share this post


Link to post
Share on other sites
Just now, jp18 said:

Thanks Porthos, but this works a little bit different for me. I use Connectwise Automate with the MBAM Plugin.

Oh, Sorry. Managed client. Answer will be forthcoming from someone that supports the business products.

Share this post


Link to post
Share on other sites

Perfect thank you! Looking to take this a step further by adding to the global ignore list for now. I've gone ahead and posted to the business form. Thanks, Mieke!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.