Jump to content

c:/cygwin64//lib/gcc/x86_64-pc-cygwin/10/collect2.exe not ransomware?

ingber

By ingber
in Ransomware

 Share

Recommended Posts

ingber

ingber

Posted
Posted

This was flagged and quarantined by MB?  I'm in Detection History, but I do not see how to recover this file?  Where is the recovery item??

The report from what appears to be the download button is:

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 12/20/20
Protection Event Time: 6:24 AM
Log File: 22d18dfc-42cf-11eb-8c84-3c18a0561f85.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1130
Update Package Version: 1.0.34541
License: Premium

-System Information-
OS: Windows 10 (Build 19041.685)
CPU: x64
File System: NTFS
User: System

-Ransomware Details-
Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

File: 1
Malware.Ransom.Agent.Generic, C:\cygwin64\lib\gcc\x86_64-pc-cygwin\10\collect2.exe, Quarantined, 0, 392685, 0.0.0, 77ef47fc60c41afb4d28002bd4df3146, 1e70097d32c6db96cd5d0811e7e7677214be6cdb73b520827023e5b21f6d5009

(end)
 

Link to post
Share on other sites
ingber

ingber

Posted
  • Author
Posted

OK, I can restore this file, but why was it flagged at all?  From the report, it looks fine?

Link to post
Share on other sites
David H. Lipman

David H. Lipman

Posted
Posted (edited)

If you believe this to be a False Positive declaration,  there is a section of the Forum for submitting False Positives - False Positives

File detections in general are submitted in;  File Detections

Ransomware detections believed to be a false Positive are submitted in;  Ransomware

I have requested this thread be moved to;  Ransomware

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar
Link to post
Share on other sites
ingber

ingber

Posted
  • Author
Posted

OK.  Thanks.

I'd guess this won't be answered, given my previous experiences.  However, if enough people point out a problem, e.g., with some popular software like gcc, then I think it's a good change that the MB database will be updated.

Link to post
Share on other sites
exile360

exile360

Posted
Posted

As long as it is posted in the appropriate area where David recommended, Research should see it and will be able to take a look and correct it.  Here in the general forums it's mainly just support staff and volunteers who have no access to or control over Malwarebytes' database, so getting a false positive corrected by posting it here is far less likely.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept