
Malware or False Positive?


Chizzy


I have automatic scans daily and it picked this one up. I am wondering if it's a false positive or some malware lingering in the Spotify software?

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/2/21
Scan Time: 2:59 AM
Log File: ff0bc046-db02-11eb-8ac7-4ccc6a902119.json

-Software Information-
Version: 4.4.0.117
Components Version: 1.0.1344
Update Package Version: 1.0.42554
License: Premium

-System Information-
OS: Windows 10 (Build 19043.1081)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 381635
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 5 min, 58 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Malware.Heuristic.1001, C:\USERS\DJCHI\APPDATA\LOCAL\SPOTIFY\USER DATA\CRASHPADMETRICS-ACTIVE.PMA, Quarantined, 1000001, 0, 1.0.42554, 0000000000000000000003E9, dds, 01315029, 669808456121FD2CF9512F3E32C29D0D, FF11B0EDE7FCAE67109B2538237C7B2A0B3E8D16100BB09D0290686F5D82E8AC

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/27/21
Scan Time: 9:07 PM
Log File: 3058c88c-d7ad-11eb-90d6-4ccc6a902119.json

-Software Information-
Version: 4.4.0.117
Components Version: 1.0.1344
Update Package Version: 1.0.42351
License: Premium

-System Information-
OS: Windows 10 (Build 19043.1052)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 381235
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 6 min, 15 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Malware.AI.4172189505, C:\USERS\DJCHI\APPDATA\ROAMING\RED GIANT LINK\TOOLS\RGLICENSECHECK.EXE, Quarantined, 1000000, 0, 1.0.42351, 9B90602DA1FD3583F8AE8F41, dds, 01308968, 76B2F97ABAB9C7FAB09F2C4073B89408, 7EEE5A9E18D90ACD68047276EA97F439A946DCA49301AB55F884321B7C6ECF52

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


52 minutes ago, Chizzy said:

I do not have the files of either of them.

Please stop deleting the quarantine. Nothing there can harm your computer.

Both items, especially the first, could be false positives.

Also,

Do you have "Use expert system algorithms to identify malicious files" enabled? It is located in Settings > Security > Scan option.

It is normally disabled by default.

FYI. This setting is in the experimental stage.

That setting is to detect malformed files, but sometimes legit files use protection that makes them malformed. Malwarebytes is still tweaking the algorithms, which is why it's off by default. If you switch it on, it is assumed you are able to tell the difference between an FP and a legit detection.

And if you keep it on, I suggest you also turn off auto quarantine. That gives you the time to report FPs and not go through the extra step of having to restore from quarantine.

Please turn off "Use expert system algorithms to identify malicious files" (it is located in Settings > Security > Scan option) to avoid these detections.
