Hello, I use Universal Extractor in the updated version (UniExtract2) from Bioruebe [ https://github.com/Bioruebe/UniExtract2 ] to extract some types of files. The scan reports a "MachineLearning/Anomalous.100%" for the .lnk on the desktop and the .exe in the program folder. I don't know if this is a false positive detection or not.

Could you clarify it?

And the other one is a "Malware.Generic.4233839557" report for the new Sandboxie V5.40.1 (SANDBOXIEINSTALL64-V5.40.1.EXE in "User/Downloads" and in "Windows/Installer" folders).

In addition in a registry key (HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Sandboxie).

Could you clarify it also?

Thank you!

Kind regards, Kippi

(and a special sorry for my clumsy English ;-(  )

PS: report as .txt file in the attachment

MalwareBytesReport.txt


  • Staff
Quote

Hello, I use Universal Extractor in the updated version (UniExtract2) from Bioruebe [ https://github.com/Bioruebe/UniExtract2 ] to extract some types of files. The scan reports a "MachineLearning/Anomalous.100%" for the .lnk on the desktop and the .exe in the program folder. I don't know if this is a false positive detection or not.

Since the .exe was detected, the .lnk was detected as well. I downloaded the version 2.0.0 RC2 and scanned it, but it wasn't detected.

Quote

And the other one is a "Malware.Generic.4233839557" report for the new Sandboxie V5.40.1 (SANDBOXIEINSTALL64-V5.40.1.EXE in "User/Downloads" and in "Windows/Installer" folders).

In addition in a registry key (HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Sandboxie).

In your logs, I don't see a registry key detected.

Can you attach:

C:\PROGRAM FILES (X86)\UNIVERSAL EXTRACTOR\UNIEXTRACT.EXE

C:\USERS\HTPC\DOWNLOADS\SANDBOXIEINSTALL64-V5.40.1.EXE

C:\WINDOWS\INSTALLER\SANDBOXIEINSTALL64.EXE

Edited by cli

20 hours ago, cli said:

Since the .exe was detected, the .lnk was detected as well. I downloaded the version 2.0.0 RC2 and scanned it, but it wasn't detected.

Yes, I have the 2.0.0 RC2. It is the file that MalwareBytes reported. But I think the program loads special plugins from the net when the program is open. Maybe it has to do with that...

20 hours ago, cli said:

In your logs, I don't see a registry key detected.

I can see it in the LOG. Under "Registrierungsschlüssel: 1"
Malware.Generic.4233839557, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Sandboxie, Keine Aktion durch Benutzer, 1000000, 0, , , ,

20 hours ago, cli said:

Can you attach:

C:\PROGRAM FILES (X86)\UNIVERSAL EXTRACTOR\UNIEXTRACT.EXE

C:\USERS\HTPC\DOWNLOADS\SANDBOXIEINSTALL64-V5.40.1.EXE

C:\WINDOWS\INSTALLER\SANDBOXIEINSTALL64.EXE

Yes :-)

And thank you!

UniExtract.7z SandboxieInstall64-v5.40.1.7z SandboxieInstall64.7z


  • Staff

Sorry to hear that. Can you delete your HubbleCache? In order to do so,

  1. Exit Malwarebytes
  2. Navigate to "C:\ProgramData\Malwarebytes\MBAMService"
  3. Delete a file named "HubbleCache"
  4. Restart Malwarebytes

When that is completed, please scan the files again.

If that doesn't work, I'll need more detailed logs. Collect them by following the instructions in this article (Upload Malwarebytes Support Tool logs offline) and attach the generated .zip file here. Thanks.


Ok. Thanks!

I have deleted the file "HubbleCache" and started a new scan.

After that I saw a weird notification from Malwarebytes: the scan report window shows me the message "0 Elemente erkannt", which means "No suspicious elements detected", but the listing below flagged the same 2 elements from Universal Extractor. To ignore?

 

Malwarebytes-Scan_report.jpg

MalwareBytesReport(New2).txt


  • Staff

Did you exit out of Malwarebytes completely? Clicking 'X' in the upper right corner closes the window, but doesn't exit out of Malwarebytes. You can do so by going into the tray and exiting out. 



 

If that doesn't work, I'll need more detailed logs. Collect them by following the instructions in this article (Upload Malwarebytes Support Tool logs offline) and attach the generated .zip file here. Thanks.

 

Edited by cli
clarification