Jump to content

False Detection Possible- SNAPSHOT_BLOB.BIN


BobSoul
 Share

Recommended Posts

Scheduled scan ran at 9 then at 1pm ( new def files ) and got this

Spyware.AgentTesla File

C:\PROGRAM FILES\COMODO\DRAGON\SNAPSHOT_BLOB.BIN

 

Detection  - This program was removed and this appears to be what was left behind -

this is the program

 

https://www.comodo.com/home/browsers-toolbars/browser.php

 

at one point a user installed this an there free virus scanning software - I believe this file is one of there bin files for virus scanning software.

This was removed awhile back so  this left behind remnant would have been present on machine for awhile ( I thought I had got all of it uninstalled)

I'm assuming a false ID on an old file ( which is not needed anyway) so I can tell user they can stop worrying :)

 

I attached the diagnostic logs 

 

I restored file to get copy -- then updated MWB nebula client and am running a scan to see if it triggers again... I did get a copy to a thumbdrive

 

Malwarebytes Diagnostics (1).zip

Edited by AdvancedSetup
Corrected font issue
Link to post
Share on other sites

  • BobSoul changed the title to False Detection Possible- SNAPSHOT_BLOB.BIN

After second scan after restoring file to get sample - and updating the client once again it wasnt detected this time ( though not sure if restore made the client flag it as an exception -- my understanding from past restores etc this wasnt case )

 

Link to post
Share on other sites

Ran Emsisoft Emergency scanner against the file --- on an isolated machine -- and it came up clean -- then ran fresh install of nebula endpoint against it and it also came clean  -- I'm almost sure this is a false positive

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.