digmorcrusher Posted September 3, 2021 ID:1478327 Share Posted September 3, 2021 (edited) The latest Malwarebytes update gives a (false?) alarm on mp3DirectCut (.exe and .lnk files).All VirusTotal engines claim that the executable is clean. This was posted on another forum by a person who does not have an account here. I'm posting it here to help him out. Edited September 3, 2021 by digmorcrusher Link to post Share on other sites More sharing options...
Staff cli Posted September 4, 2021 Staff ID:1478376 Share Posted September 4, 2021 Can you attach the detected file and logs? Thanks. Link to post Share on other sites More sharing options...
digmorcrusher Posted September 4, 2021 Author ID:1478377 Share Posted September 4, 2021 Nope, as I said in the original post, it wasn't me who got this detection, I'm posting for someone else from another forum who got this detection and who doesn't want to post here. I will post a link to this for him and see if he wants to help out. Link to post Share on other sites More sharing options...
1PW Posted September 4, 2021 ID:1478378 Share Posted September 4, 2021 Since both forum topics are in the public's eye, the other topic is: https://www.wilderssecurity.com/threads/malwarebytes-anti-malware-updates.389946/page-109#post-3031314 Thank you Link to post Share on other sites More sharing options...
1PW Posted September 4, 2021 ID:1478404 Share Posted September 4, 2021 (edited) Hello @cli: The following VT detection analysis is derived from the user's posting at Wilders: https://www.virustotal.com/gui/file/da6fdd972d4f1bcc21c70f4fc610c51d001af83ada8c6909c9ae23643191464e/detection Quote File: 2 Malware.Heuristic.1003, C:\USERS\XIII\APPDATA\ROAMING\Microsoft\Windows\Start Menu\Apps\MP3 Direct Cut.lnk, No Action By User, 1000001, 0, , , , , , Malware.Heuristic.1003, C:\PROGRAM FILES (X86)\MP3DIRECTCUT\MP3DIRECTCUT.EXE, No Action By User, 1000001, 0, 1.0.44526, 0000000000000000000003EB, dds, 01404724, 21BD1D99F890218F0C0E358EA6A1A5AF, DA6FDD972D4F1BCC21C70F4FC610C51D001AF83ADA8C6909C9AE23643191464E Since the above VT analysis implies version 2.3.3.0, the following is a Fosshub download URL for the mp3DirectCut v2.3.3.0 installer only and not the installed executable in question: https://www.fosshub.com/mp3DirectCut.html?dwl=mp3DC233.exe HTH Edited September 4, 2021 by 1PW Link to post Share on other sites More sharing options...
Staff shadowwar Posted September 4, 2021 Staff ID:1478406 Share Posted September 4, 2021 this file has been whitelisted. Suggest they turn off expert system algorithms. This is off by default. Its designed to catch zero day malformed files but sometimes packers malform them and cause fps. This is only to be turned on if there is an active infection that is cleaned up and want to scan to make sure there isnt any unknown zero days. Its assumed when you turn this on you can tell the difference between a fp and a legit detection. 1 Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now