Malware.AI.2711381214 UNWISE32.EXE False Positive

[WestM]

Scan Report: 05/21/2021  1:00:01 AMBack to Scan History
Scan Log Details    
Endpoint name:    xxxxx.WMDOMAIN01.local
Scan date and time:    05/21/2021 1:00:01 AM
Version:    4.3.2.106
Component package version:    1.0.1251
Protection update version:    1.0.40722
OS:    Windows 10 (Build 19042.985)
CPU:    x64
File system type:    NTFS
Logged-in user:    xxxxx\Clerks
Scan Summary    
Scan Type:    Custom
Result:    Completed
Objects scanned:    557421
Time elapsed:    6h 30m 12s
Processes:    0
Modules:    0
Registry keys:    0
Registry values:    0
Registry data:    0
Folders:    0
Files:    1
Scan Options    
Memory:    True
Startup:    True
File system:    True
Rootkits:    True
Heuristics:    True
Archives:    True
PUM:    True
PUP:    True
Threats Found
Name    Type    Location    Action    ID
Malware.AI.2711381214    File    C:\WINDOWS\SYSWOW64\UNWISE32.EXE    Quarantined    bb9686ac-ba23-11eb-be80-f8b156a92423

[miekiemoes]

Hi,

This is only a partial log. Can you post the full log, as there's info missing that we need.

Thanks!

 

[WestM]

Files attached

UnWise32.zip 65df89d5-b9f1-11eb-9741-e454e87335e9.zip

[miekiemoes]

Hi,

I can't reproduce detection on this file anymore, so this must have been fixed in a meanwhile.

[WestM]

Detected again.... see below & diagnostic log attached.

• Endpoint name: xxxxxxxxxxxxxxxxxxxxxxx
• OS release name: Microsoft Windows 10 Pro
• OS Platform: Windows
• Category: Malware
• Type: file
• Path: C:\WINDOWS\SYSWOW64\UNWISE32.EXE
• Action Taken: Quarantined
• Scan time: 2021-09-17T05:00:02Z
• Report time: 2021-09-17T12:09:48.573628377Z
• Machine IP: xxxxxxxxxxxxx
• Group name: xxxxxxxxxxxx
• Policy name: xxxxxxxxxx

Threat name: Malware.AI.3695474678

735716846_MalwarebytesDiagnostics.zip

[miekiemoes]

Hi,

This has been fixed in a meanwhile as well as I can't reproduce detection anymore.