Jump to content

False Postive for AzureLauncher for Win7


Recommended Posts

Additional information. The developer put out this message:

"Ok, one more section to delve a little further into what this really is. To explain further, it's a PowerShell script converted to an executable using Win-P2SEXE. Because it uses "Get-Process" to see if the game/config successfully launched, among other functions such as as directly editing configuration files, virus scanners are going to flag it as potentially malicious. But I promise that there is nothing nefarious going on here, you can either trust me or not, the source code is all there. The reason I have included a "Windows 7" version is because the normal version will not work there. Different Windows versions come with different versions of PowerShell, and Windows 7 is ancient at this point and uses PowerShell v2.0 so it had to be compiled specifically for it. Windows 8 can probably use either version since it's somewhere between 2.0 and 5.0 which is what Windows 10 uses, so just use whatever if you're on it for some reason."

The source is linked below

AzureLaunch_source.zip

Link to post
Share on other sites
25 minutes ago, cli said:

Thanks for reporting, this has been fixed. 

Thanks for your rapid fix! I must ask, has the fix been deployed to MWB yet? I updated the database and did a scan; it still gets flagged

Link to post
Share on other sites

Hi,

This should no longer be detected anymore. I can't reproduce detection on my end either.

In case it's still detected on your end, it's probably because of a caching issue. In order to fix that, Quit malwarebytes from the systemtray.
Then navigate to the following folder:

C:\ProgramData\Malwarebytes\MBAMService

In there, locate the file HubbleCache and delete it.

Restart Malwarebytes again. A new Hubblecache will then be created again, so it will properly pick it up and remember to not detect this anymore.

Link to post
Share on other sites
2 hours ago, miekiemoes said:

Hi,

This should no longer be detected anymore. I can't reproduce detection on my end either.

In case it's still detected on your end, it's probably because of a caching issue. In order to fix that, Quit malwarebytes from the systemtray.
Then navigate to the following folder:

C:\ProgramData\Malwarebytes\MBAMService

In there, locate the file HubbleCache and delete it.

Restart Malwarebytes again. A new Hubblecache will then be created again, so it will properly pick it up and remember to not detect this anymore.

Thank you, my bad. I should have checked first. Can confirm it no longer flags a false positive. Cheers

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.