-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
msys-2-0.dll quarantined by Malwarebytes #3943
Comments
What exactly does Malwarebytes quarantine and how does that lead to a forced reboot? |
https://www.virustotal.com/gui/url/56943470194302e45bd24362d1eddb92208189e9b3875987a3d5cd6e5cac3f77/detection disagrees with the anti-malware's assessment. |
@rimrul |
just ran a 7z extract instead of .exe and everything was fine until I ran the git-bash command as written in post-install.bat just as an fyi I use and have used git-for windows for years without this problem. both portable and windows installed version. I'm contacting malwarebytes was I type to try to sort this out. |
update: |
No. It has some native parts (in
Ok, so It quarantines |
@N6REJ it is unfortunate that you simply deleted the bug reporting template, instead it would have been much better to take the hint to include as much information as possible. Now we have a time-consuming back-and-forth instead, which is frustrating to all involved. One thing that strikes me as a very likely culprit is that your copy of Malwarebytes might be different from (and I suspect: it is older than) VirusTotal's copy. Since VirusTotal labels this safe (and has Malwarebytes' blessing to do so), I will close this ticket as a false positive. |
@dscho sorry for erasing the template, it seemed irrelvant since it was asking what I was doing that triggered it. since I hadn't even run it at the time there were no answers I could give. I understand your frustration. My copy of malwarebytes is up-to-date and is their premium version. |
Right, it's probably a good question for Malwarebytes' support team. |
@N6REJ thank you for adding that information! I am curious, though, why their expert system algorithm triggers. Maybe there is something in the MSYS2 runtime we can change so that Malwarebytes gets less trigger-happy? |
I'm not sure... you want their ticket #? |
I am not a customer, therefore I have no chance of getting their attention. |
let me see if I can get them to participate. I'll fire off a response to them.
|
@dscho ok, fired it off with details. hope this helps. |
@N6REJ not sure whether you intended to paste the report about a VBS script? I thought we were talking about |
These expert algorithms seem to be a family of aggressive heuristics that
https://forums.malwarebytes.com/topic/278532-malwareheuristic100x-detections-and-explanation/ They also note that these heuristics commonly produce false positives. |
That's just a tangent about another recent experience where malwarebytes seemingly produced a false positive. |
upon extracting PortableGit-2.37.0-32-bit.7z.exe malware bytes throws an immediate quarantine on mysys32 severe enough that a forced reboot is required.
The text was updated successfully, but these errors were encountered: