« previous next »
Pages: [1]   Go Down

Author Topic: False Positive: Media Player Classic  (Read 426 times)

0 Members and 1 Guest are viewing this topic.

Offline trparky

  • Jr. Member
  • **
  • Posts: 28
False Positive: Media Player Classic
« on: September 05, 2024, 01:51:38 AM »
hXXps://github.com/clsid2/mpc-hc/releases/download/2.3.5/MPC-HC.2.3.5.x64.exe

This download is being treated as a virus by Avast. Avast is the only antivirus engine out of several at VirusTotal that's detecting it as a virus.

My Event ID is 6cbaaae270f7/2024-09-04T23:47:38.739Z
« Last Edit: September 05, 2024, 02:23:20 AM by trparky »
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89670
  • No support PMs thanks
Re: False Positive: Media Player Classic
« Reply #1 on: September 05, 2024, 02:15:21 AM »
Quote from: trparky on September 05, 2024, 01:51:38 AM
hXXps://github.com/clsid2/mpc-hc/releases/download/2.3.5/MPC-HC.2.3.5.x64.exe

This download is being treated as a virus by Avast. Avast is the only antivirus engine out of several at VirusTotal that's detecting it as a virus.

My Event ID is 6cbaaae270f7/2024-09-04T23:47:38.739Z

Please break active link to the suspect file, as I have in the quoted link.

Possible False Positive - New location to report both a False Positive and or a False Negative (for File or URL) - https://www.avast.com/submit-a-sample#pc

What is the VirusTotal link for the scan ?
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline trparky

  • Jr. Member
  • **
  • Posts: 28
Re: False Positive: Media Player Classic
« Reply #2 on: September 05, 2024, 02:47:44 AM »
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89670
  • No support PMs thanks
Re: False Positive: Media Player Classic
« Reply #3 on: September 05, 2024, 03:11:49 AM »
That is good in that the file has been analysed as if it was simply the URL that you gave, in the VT tests the Web Shield scan on live sites can't be run.

So you could possibly override the Avast Alert Exception for the download location to download but not run the file. 
Now the File System Shield, should kick in and alert. It could be sent to quarantine and from there submitted to avast for analysis. 
Giving details on it and possibly this topic and or the virustotal results.

It may even be because the file isn't digitally signed given what I would consider a low grade alert FileRepMalware [Misc].
« Last Edit: September 05, 2024, 03:13:32 AM by DavidR »
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34051
  • malware fighter
Re: False Positive: Media Player Classic
« Reply #4 on: September 06, 2024, 04:45:15 PM »
This is probably what is been alerted, the IP for that download address.
There is abuse on there. https://www.abuseipdb.com/check/140.82.112.4

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »