Another False Detection - Malware.AI.1417261220 (cyberlink install file)

[BobSoul]

• Category: Malware
• Group name: 
• Public endpoint IP: 
• Endpoint name: 
• OS platform: Windows
• OS release name: Microsoft Windows 10 Pro
• Location: C:\PROGRAMDATA\TEMP\{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}\SETUP.EXE
• Policy name: Retina Consultants
• Report time: July 15th 2022, 02:20:46 UTC
• Scan time: July 15th 2022, 02:01:01 UTC
• Action taken: Quarantined
• Threat name: Malware.AI.1417261220
• Type: file

The file is the default system setup files from cyberlink dvd software from a dell install -- its an old file that is just there from setup once machine restarts and finsihes updates ill add the diags .. this machine like my other one runs about 4 to 6 scans a day previous scans 2 hours before last scan where clean with this file present

 

[BobSoul]

3 other files detected in same directory as same AI dectection with same details

C:\PROGRAMDATA\TEMP\{2A87D48D-3FDF-41FD-97CD-A1E370EFFFE2}\SETUP.EXE

C:\PROGRAMDATA\TEMP\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\SETUP.EXE

C:\PROGRAMDATA\TEMP\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\SETUP.EXE

 

[BobSoul]

ok here are the diags from that machine -- all the files appear to be the setup files from the default preinstalled system files pre shipped with dell -- they have been on the machine for awhile and previous scanns throughout the week found them fine till the latest updated definitions tonight from the endpoint console

640011938_MalwarebytesDiagnostics(2).zip

[miekiemoes]

Hi,

This detection has been removed 4 hours ago already, so should no longer be detected anymore.