Jump to content

possible gvim false positive, Malware.Heuristic.1003

quantumentangld

By quantumentangld
in File Detections

 Share

Recommended Posts

quantumentangld

quantumentangld

Posted
Posted

I was trying to install gvim on my windows machine, but when I ran a security check on the file it detected Malware.Heuristic.1003. I am not entirely sure if this is correct because I have used gvim in the past, but I do not want to install it if there is an issue with it containing malware. Any help with this would be most appreciate. Thank you in advance. 

Here is the log file: 

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/11/21
Scan Time: 8:55 AM
Log File: 68d46550-cacd-11eb-a0d3-c03eba43a949.json

-Software Information-
Version: 4.4.0.117
Components Version: 1.0.1318
Update Package Version: 1.0.41591
License: Premium

-System Information-
OS: Windows 10 (Build 19043.1052)
CPU: x64
File System: NTFS
User: AngerKaur\AngerKaur

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 1
Threats Detected: 1
Threats Quarantined: 0
Time Elapsed: 0 min, 18 sec

-Scan Options-
Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Malware.Heuristic.1003, C:\USERS\ANGER\DOWNLOADS\GVIM_8.2.2825_X86_SIGNED.EXE, No Action By User, 1000001, 0, 1.0.41591, 0000000000000000000003EB, dds, 01285296, C7C6C60D271E0C1EE53C4939A01951A4, 562AC07738301E70C48C9029848BF1CC1AC0589B0D068D4BAA4B05D0B3F97C8E

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted
32 minutes ago, quantumentangld said:

Any help with this would be most appreciate. Thank you in advance. 

Hi,

Do you have "Use expert system algorithms to identify malicious files" enabled? It is located in Settings > Security> Scan option.

This is normally disabled by default.

In either way, Staff will look into this and get this fixed.

Thanks for reporting!

FYI. This setting is in the experimental stage.

That setting is to detect malformed files but sometimes legit files use protection that make them malformed. Malwarebytes is still tweaking the algorithms that is why it’s off by default. If you switch it on it is assumed, you are able to tell the difference between a FP and a legit detection. 

And if you keep it on, I suggest also turn off auto quarantine. Gives you the time to report FP's and not go thru the extra step to have to restore from quarantine.

Please turn off "Use expert system algorithms to identify malicious files" enabled? It is located in Settings > Security> Scan option to avoid these detections

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.