Jump to content

Window OS File Detected by Malwarebytes AI


Recommended Posts

Given this file is on the H Drive it is probably a very old system file, but interesting that the AI thinks it is a threat, perhaps it has been interfered with? Is there a way to get the MD5 hash, so I can plug it into VirusTotal to see what other vendors think of it?


Name: Malware.AI.1431233598
Category: Malware
Type: File
Location: H:\Windows\winsxs\x86_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_10.2.9200.16521_none_7b14ed51c173bb6d\mshta.exe
Detection ID: 1b07a5ae-3558-11eb-bee3-7085c277369f
Endpoint: REDACTED
Scanned At: 03/12/2020 7:01:01 PM
Quarantined At: 04/12/2020 12:15:25 AM
Reported At: 04/12/2020 9:17:01 AM
Scan ID: 839fb3d2-672d-47e1-8d8d-db142bf7871d
Link to post
Share on other sites

1 minute ago, Porthos said:

Business or consumer a FP is the same.

One would hope that business customers would get priority as it may affect multiple clients at the same time. Also we use Nebula, and perhaps soon OneView, while home users use Premium, but I'm not sure how much diffence there is between them in regards to the scanning systems.

Link to post
Share on other sites

7 minutes ago, AlexLeadingEdge said:

One would hope that business customers would get priority as it may affect multiple clients at the same time.

Other than False Positives which it is faster to report here on the forum in the correct section for False positives, You are entitled to priority support either from the help desk or from the business support phone number.

Help Desk hours are still only weekdays excluding US hilidays during Malwarebytes business hours.

Link to post
Share on other sites

16 minutes ago, shadowwar said:

can you zip and attach the file detected here. It may be fixed already but that is the only way to confirm. Or a virustotal link to the file. 


How do I unquaratine the file without releasing it back to the end user? How do I run a VirusTotal scan against a file I haven't un-quarantined?  i.e. if it is a virus I don't want to reinfect the end user's machine.

Surely Malwarebytes can generate an MD5 hash from a Quarantined file?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.