Jump to content
Batman1901

False positive as generic malware

Recommended Posts

I downloaded a zipfile containing an executable file. I've had it for a while and used it on another pc. I moved the zip to my new pc and then to dropbox. Dropbox alerted so I scenned the zip file with malwarebytes and it alerted as generic malware. I've had this false positive happen with older files before. Here is the info.

 

URL: https://doc-0g-28-docs.googleusercontent.com/docs/securesc/jumcmbsi99cqrfhop6ugj1hlc9kmmga4/cdlbvvh81tg3rrvfpluoshoq14ph7ubd/1572667200000/05867583680014792591/10856130464805800588/17NYxXV-Tf1pYSnxZBD4ENmit3XUovwIw?e=download&nonce=fcrhm4bq5a7qc&user=10856130464805800588&hash=a5i4rupg73iqmip1tl5dlc0a5spsea60

 

Scan results:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/13/20
Scan Time: 4:50 PM
Log File: 44850714-4eb3-11ea-8fbf-645d868bf6c7.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.785
Update Package Version: 1.0.19174
License: Premium

-System Information-
OS: Windows 10 (Build 18362.657)
CPU: x64
File System: NTFS
User: KCSOFTWARE-HPLT\kcsof

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 1
Threats Detected: 1
Threats Quarantined: 0
Time Elapsed: 0 min, 18 sec

-Scan Options-
Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Generic.Malware/Suspicious, E:\DROPBOX\TEMP\BORLAND\KEYGEN_C++ BUILDER.7Z, No Action By User, 0, 392686, 1.0.19174, , shuriken, 

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

KEYGEN_C++ BUILDER.7z

Share this post


Link to post
Share on other sites

Hi,

This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore.

This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.

If still detected on your end after ~10 minutes from now. Perform the following steps: 

  1. Totally exit/shutdown Malwarebytes.
  2. Go to here in explorer: C:\ProgramData\Malwarebytes\MBAMService
  3. Delete the following file only: hubblecache
  4. Then you can restart MBAM and the cache file will rebuild on the next scan.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.