REGITDept Posted March 17, 2021 ID:1445412 Share Posted March 17, 2021 Dear Malwarebytes, We recently got a detection for MachineLearning/Anomalous.100% for the Setup file of the Adobe Photoshop Elements 10. I have attached the file for verification whether this is a false positive or not. Thanks. Setup.zip Link to post Share on other sites More sharing options...
Porthos Posted March 17, 2021 ID:1445417 Share Posted March 17, 2021 (edited) 24 minutes ago, REGITDept said: We recently got a detection for MachineLearning/Anomalous.100% for the Setup file of the Adobe Photoshop Elements 10. The main program does not detect it for me. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 3/17/21 Scan Time: 2:33 PM Log File: ab1bf9f0-8757-11eb-8967-001a7dda7102.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1217 Update Package Version: 1.0.38305 License: Premium -System Information- OS: Windows 10 (Build 19042.868) CPU: x64 File System: NTFS User: I7-PC\SAPC -Scan Summary- Scan Type: Custom Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 1 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 0 min, 12 sec -Scan Options- Memory: Disabled Startup: Disabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) But VT does. https://www.virustotal.com/gui/file/1cfc603ce057ad09e0b1f78fe3dd223e5c466e47ff15a9539fd922ecb3cfcef6/detection The engine format and configuration in VirusTotal is different than our consumer and corporate products’ default configuration. In VirusTotal we use a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product. There are also false-positive suppression mechanisms in the commercial product which are not present in the command-line engine in VirusTotal. This will resolve itself in Virustotal after a while. Edited March 17, 2021 by Porthos Link to post Share on other sites More sharing options...
REGITDept Posted March 17, 2021 Author ID:1445419 Share Posted March 17, 2021 Here is the attached screenshot. Thanks. Link to post Share on other sites More sharing options...
Porthos Posted March 17, 2021 ID:1445421 Share Posted March 17, 2021 (edited) 4 minutes ago, REGITDept said: Here is the attached screenshot. O I see it is a managed endpoint. Staff will look into the detection. Might want to see if the update on the endpoint is up to date. The scan report might also assist staff. Edited March 17, 2021 by Porthos Link to post Share on other sites More sharing options...
REGITDept Posted March 17, 2021 Author ID:1445422 Share Posted March 17, 2021 2 minutes ago, Porthos said: O I see it is a managed endpoint. Staff will look into the detection. Might want to see if the update on the endpoint is up to date. Thank you. Another screenshot from the Cloud Management. Link to post Share on other sites More sharing options...
Staff cli Posted March 17, 2021 Staff ID:1445426 Share Posted March 17, 2021 Thanks for reporting, it was whitelisted on March 8, 2021 and should no longer be detected. 1 Link to post Share on other sites More sharing options...
REGITDept Posted March 17, 2021 Author ID:1445468 Share Posted March 17, 2021 2 hours ago, cli said: Thanks for reporting, it was whitelisted on March 8, 2021 and should no longer be detected. Thank you. Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now