Jump to content

SnapPy.lnk and Snappy.exe


rick87437

Recommended Posts

These files have been living happily on my machine for over a year until today. But Malwarebytes (4.2.3.96) has attempted to ostracize them.  I suspect a false positive, but what do I know? The warning and then the quarantine logs are below. I cannot easily give more info due to the quarantine, but the files were installed in Oct 2020, so are most likely the latest, from here:

https://github.com/3-manifolds/SnapPy/releases/tag/2.8_as_released

(A fresh download of the installer is of the identical size as the one I used.)

--------------------

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/11/21
Scan Time: 8:46 AM
Log File: 31fe36ee-6c3d-11eb-8a96-9c5a44142187.json

-Software Information-
Version: 4.2.3.96
Components Version: 1.0.1122
Update Package Version: 1.0.36957
License: Premium

-System Information-
OS: Windows 10 (Build 18362.1350)
CPU: x64
File System: NTFS
User: LAPTOP-4G6C63UK\rick

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 339476
Threats Detected: 3
Threats Quarantined: 0
Time Elapsed: 1 min, 22 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 3
Malware.AI.3929698541, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\SnapPy.lnk, No Action By User, 1000000, 0, , , , , 268806BCA5F019E2E8FAB3C178421FC9, 1D59436E01352FE740E7BD269B2CDF706B765B3A91093FB1F0EFB09E0B567298
Malware.AI.3929698541, C:\USERS\PUBLIC\Desktop\SnapPy.lnk, No Action By User, 1000000, 0, , , , , 268806BCA5F019E2E8FAB3C178421FC9, 1D59436E01352FE740E7BD269B2CDF706B765B3A91093FB1F0EFB09E0B567298
Malware.AI.3929698541, C:\PROGRAM FILES (X86)\SNAPPY\SNAPPY.EXE, No Action By User, 1000000, 0, 1.0.36957, 81C6BDB709D2B932EA3A70ED, dds, 01112063, 5E6E96E3CF05E17F8D7868617BB38407, 641F3E6F223146446524B8023623FCDBFE22A8449407BCB343AAC2DF6BF919D4

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

====================

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 2/11/21
Protection Event Time: 8:53 AM
Log File: 4ad8671a-6c3e-11eb-97e1-9c5a44142187.json

-Software Information-
Version: 4.2.3.96
Components Version: 1.0.1122
Update Package Version: 1.0.36957
License: Premium

-System Information-
OS: Windows 10 (Build 18362.1350)
CPU: x64
File System: NTFS
User: System

-Blocked Malware Details-
File: 1
Malware.AI.3929698541, C:\Program Files (x86)\SnapPy\SnapPy.exe, Quarantined, 1000000, 0, 1.0.36957, 81C6BDB709D2B932EA3A70ED, dds, 01112063, 5E6E96E3CF05E17F8D7868617BB38407, 641F3E6F223146446524B8023623FCDBFE22A8449407BCB343AAC2DF6BF919D4


(end)

 

 

Link to post
Share on other sites

  • 10 months later...

It's back. I downloaded and installed the latest version of SnapPy for Windows, via the file named "InstallSnapPy.exe" from the horse's mouth ( https://snappy.math.uic.edu/installing.html#windows ). It must be another false positive. But what is behind this? In any case, I hope this can be resolved as quickly (meaning at amazing speed) as last time (thanks for that!). Here are the bits from MalwareBytes:

Quote

-Log Details-
Protection Event Date: 1/9/22
Protection Event Time: 8:26 AM
Log File: 80c3158e-711d-11ec-b1ff-9c5a44142187.json

-Software Information-
Version: 4.5.0.152
Components Version: 1.0.1538
Update Package Version: 1.0.49582
License: Premium

-System Information-
OS: Windows 10 (Build 19042.1348)
CPU: x64
File System: NTFS
User: System

-Blocked Malware Details-
File: 1
Trojan.Glupteba, C:\Program Files (x86)\SnapPy\SnapPy.exe, Quarantined, 4230, 922780, 1.0.49582, , ame, , F5F58F362FC3C074E5CB9FEF2F800902, EF1EF705E67B9256CD607338AEEBDC1A711449C2CAFF31DB111AF8C88CC7CD1C
 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.