
Read the instructions, but not sure I'm doing this right...  Here goes.

Downloaded Harry Potter Game.  The .exe is coming up as Heuristic Virus on Norton, and TrojanGen8 Cloud.

Malwarebytes flags it as MachineLearning/Anomalous.100%

Log details below

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/13/20
Scan Time: 8:05 PM
Log File: af4a007e-7db9-11ea-ae4a-00137792124e.json

-Software Information-
Version: 4.1.0.56
Components Version: 1.0.867
Update Package Version: 1.0.22404
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: lewis-PC\lewis

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 389
Threats Detected: 1
Threats Quarantined: 0
Time Elapsed: 1 min, 28 sec

-Scan Options-
Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
MachineLearning/Anomalous.100%, C:\GAMES\HARRY_POTTER_AND_THE_PHILOSOPHERS_STONE_WIN_FILES_EN\GAME FILES\SYSTEM\HP.EXE, No Action By User, 0, 392687, 1.0.22404, , shuriken,

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

MBAM Threat Removal.txt HP Threat Removal Results.txt


Thanks very much for getting back to me by the way. From doing some research I'm thinking it may be because it is a 'cracked' file to facilitate play on Windows 10. But I obviously want to be sure before I take any risk. Let me know your thoughts. Thanks

33 minutes ago, shadowwar said:

This should be fixed now. Thanks for reporting.

Ok great.  When you say 'fixed', how do you mean?  Was it a safe file and just a scanning issue? Sorry, I don't know much about Viruses and the like.  And I want to be sure before I go on.

I did run the game yesterday for a while and Malwarebytes detected 4 MachineLearning/Anomalous.100%, all to do with the File and Process relating to HP.exe - is this worrying at all?

Also, in Task Manager, there seemed to be 2 HP.exe processes running... First one starts when I click the game, but the game doesn't launch. Then, when I click it again the second one appears and the game launches - any concerns?

6 minutes ago, Hal-Sendo said:

Ok, thanks. So then you checked the file for hidden code, and found nothing?

Sorry for all the questions, that's the last one I promise! I appreciate you taking the time to help me


Hello again,

Sorry, but I did another scan of my computer with a new version of the files, and Malwarebytes picked up on HP.exe again.  I have re-attached the file.  Would you be able to double check? Or will it still pick up on the scans?

HP.rar

  • Staff

Showing still fixed on my end. Please do this.

Quit Malwarebytes from the system tray.
Then navigate to the following folder:

C:\ProgramData\Malwarebytes\MBAMService

In there, locate the file HubbleCache and delete it.

Restart Malwarebytes again. A new HubbleCache will then be created again, so it will properly pick it up and remember to not detect this anymore.
