
Here is the log information (also the log is attached).  Please correct this since users are reporting false positives.  Thank you.

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/24/21
Scan Time: 9:09 AM
Log File: 916ab97c-4d38-11ec-903d-a0cec8d1910e.json

-Software Information-
Version: 4.4.11.149
Components Version: 1.0.1513
Update Package Version: 1.0.47592
License: Free

-System Information-
OS: Windows 10 (Build 19043.1288)
CPU: x64
File System: NTFS
User: XXXXX

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 483438
Threats Detected: 2
Threats Quarantined: 2
Time Elapsed: 7 min, 53 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 1
MachineLearning/Anomalous.96%, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES (X86)\POWERGOLD SQL\PGSQL_SERVERPTCHTOOL.EXE, Quarantined, 0, 392687, , , , , , 

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
MachineLearning/Anomalous.96%, C:\PROGRAM FILES (X86)\POWERGOLD SQL\PGSQL_SERVERPTCHTOOL.EXE, Quarantined, 0, 392687, 1.0.47592, , shuriken, , 53F9383D7C120879BC2B4FF182464A23, DCF6C1A9C208667E2E1107FF805E8F5BFF514C8C53CFCE622D7957E123B4E821

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


  • Staff

Hi,

This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation:


However, to make sure, can you unquarantine the file "PGSQL_SERVERPTCHTOOL.EXE" and zip and attach it to your next post please? This is so we can have a look.

Thanks!
