schuetzdentalCB 8 Posted January 22, 2020 Share Posted January 22, 2020 Today ESET marked the same File which looks like something as an microsoft update as a trojan on 3 PC's. - Maybe someone can tell me something about this? Looks Like False Positive to me. Threatname: XML/Runner.M Hash: B885CB1F1F93D57B56F07EF5789AECA4CA170336 file:///C:/Windows/servicing/LCU/Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.535.1.6/amd64_microsoft-onecore d..ectxdatabaseupdater_31bf3856ad364e35_10.0.18362.387_none_8b2d87237c70998c.manifest THX Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted January 22, 2020 Administrators Share Posted January 22, 2020 Yes, this was a false positive, fixed at approx. 7:45 CET. schuetzdentalCB 1 Link to comment Share on other sites More sharing options...
Zakes 0 Posted January 22, 2020 Share Posted January 22, 2020 We received the same alert for "Windows10.0-KB4528760-x64.cab" with SHA256: DF04023D99202BAAAC3B3464FFCFBA674B6A31F1D94E9CFABB55FEBBA39F8438 Along with one other Windows updated file that I don't currently have a filename or hash. Same false positive issue? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted January 22, 2020 Administrators Share Posted January 22, 2020 As I wrote above, the FP was fixed about 9 hours ago. The file should not be detected any more. Link to comment Share on other sites More sharing options...
LinkinForcer 1 Posted January 23, 2020 Share Posted January 23, 2020 Nice to know! Thanks! Link to comment Share on other sites More sharing options...
Recommended Posts