False Positive - Systemus.zip and Systemus.exe - VirusTotal & Installed


BillR5

1. Both systemus.zip and systemus.exe are detected as malware on installed free version of Malwarebytes.  The .exe is in the .zip.  I think both flags are false positives, although I could understand a riskware, PUP, or system tool type classification as Systemus is a menu of system tools.

systemus.exe (Generic.Malware/Suspicious) on https://www.virustotal.com/gui/file/b250b79a87b596381fe53f2c14c3db556ce79cc84753c4a2e06762acd4f86017/details

systemus.zip (Undetected) on https://www.virustotal.com/gui/file/f8611a12d02038504585f2b225d802a6ee0832e68522d8fad046769e7045e935/detection

Found at

2. The pinned create log instructions don't work.  A. Requires full path to mbam.exe  B. Instructions for running on just a subfolder are not included.  I run on a subfolder via the context menu.

Systemus.zip


Thanks for the very prompt reply.   .EXE and .ZIP are undetected on VirusTotal (April 2),

but MBAM Free still detects both after a manual update with MBAM restart (Friday) and a manual update (Sat.). 

MBAM: 4.3.0.98      Update: 1.0.39024     Component: 1.0.1249 
Updated: 4/2/21 4:03 PM [US EDT; UTC-4]

and                          Update: 1.0.39026     
Updated: 4/3/21 6:20 PM

 


2 minutes ago, BillR5 said:

but MBAM Free still detects both after a manual update with MBAM restart (Friday) and a manual update (Sat.). 

Please clear your hubble cache by doing the following:

  1. Click on the Malwarebytes icon in the system tray
  2. Select "Quit Malwarebytes"
  3. Navigate to %PROGRAMDATA%\Malwarebytes\MBAMService
  4. Delete the file HubbleCache
  5. Open Malwarebytes and rescan.

Neither waiting, updating, nor exiting MBAM worked.  Deleting hubble cache worked.  Thanks @shadowwar @Porthos  @cli for the quick review and followup.

Was there an obvious instruction or setting for a casual user somewhere that I missed that would have done that automagically?  While easily done, this seems roundabout.

Also, I realize now that the numbering in the pinned post was not steps as I originally carelessly thought, but referred to versions.  An obvious mistake, but if I made it, then others may as well.  Perhaps "MBAM release 1.* instructions for the log:" and/or most recent first release order would help klutzes like me provide you with the desired logs.

 


31 minutes ago, BillR5 said:

Was there an obvious instruction or setting for a casual user somewhere that I missed that would have done that automagicly?

Should happen automatically but sometimes it does not, at least not right away. A restart of the computer might have helped.

Edited by Porthos