Jump to content

Technic Launcher false positive

Go to solution Solved by Arthi,

Recommended Posts

This was reported by one of our users.

   "applicationVersion": "",
   "chromeSyncResetQueryRequested": false,
   "chromeSyncResetQueryResult": false,
   "clientID": "",
   "clientType": "other",
   "componentsUpdatePackageVersion": "1.0.2005",
   "coreDllFileVersion": "0.0.0",
   "cpu": "x64",
   "dbSDKUpdatePackageVersion": "1.0.69588",
   "detectionDateTime": "2023-05-17T06:16:40Z",
   "fileSystem": "NTFS",
   "id": "63181764-f47a-11ed-8896-04d9f5d35dde",
   "isUserAdmin": true,
   "licenseState": "licensed",
   "linkagePhaseComplete": false,
   "loggedOnUserName": "System",
   "machineID": "",
   "os": "Windows 10 (Build 19044.2965)",
   "schemaVersion": 20,
   "sourceDetails": {
      "type": "ae"
   "threats": [
         "ddsSigFileVersion": "",
         "linkedTraces": [

         "mainTrace": {
            "archiveMember": "",
            "archiveMemberMD5": "",
            "cleanAction": "block",
            "cleanResult": "successful",
            "cleanResultErrorCode": 0,
            "cleanTime": "2023-05-17T06:16:40Z",
            "exploitData": {
               "appDisplayName": "Java",
               "blockedFileName": "C:\\Users\\Ciaran\\AppData\\Roaming\\.technic\\temp.exe -movetarget \\C:\\Users\\Ciaran\\Desktop\\TechnicLauncher.exe -moveronly",
               "documentFileName": "",
               "layerText": "Application Behavior Protection",
               "protectionTechnique": "Exploit payload process blocked",
               "url": ""
            "generatedByPostCleanupAction": false,
            "hubbleRequestErrorCode": 0,
            "id": "631b8728-f47a-11ed-b9de-04d9f5d35dde",
            "igExitCode": "",
            "isPEFile": false,
            "isPEFileValid": false,
            "isWhitelistedByAdsInfo": false,
            "linkType": "none",
            "objectMD5": "",
            "objectPath": "",
            "objectSha256": "",
            "objectSize": -1,
            "objectType": "exploit",
            "resolvedPath": ""
         "ruleID": 392684,
         "ruleString": "",
         "rulesVersion": "0.0.0",
         "srcEngineComponent": "unknown",
         "srcEngineThreatNames": [

         "threatID": 0,
         "threatName": "Exploit.PayloadProcessBlock"
   "threatsDetected": 1

The file itself is clean, no detections, it's just the exploit protection kicking in: https://www.virustotal.com/gui/file/0faebc4de7b208ab83880b6e686e9630ed3d40891848aa694a953bb0b6677b11/detection (https://launcher.technicpack.net/launcher4/773/TechnicLauncher.exe).

Link to post
Share on other sites

  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.