False alarms related to Microsoft Updates on Windows 10?

Superuser

False alarms related to Microsoft Updates on Windows 10?

Dear Sir,

 

Are we aware of possibly false trojan malware alarms occuring during Microsoft Updates? I have reports of this happening today on some Windows 10 computers in Hungary.

 

For example I can see this in F-Secure PSB portal happening on various school computers, but I have no access to samples, regrettably:

Threat: Trojan.Generic.15676248
Action: blocked
Path: F:\System Volume Information\DFSR\Private\{BFFFCE57-6480-40F9-9F24-284552F1FC32}-{8D4BC535-C650-4627-AA15-E75336D0A4E5}\Installing\Patch-{A1252A9E-F565-4365-96CB-D784464C7D1D}-v688895.exe

 

Thanks in advance, Yours Sincerely:
Tamas Feher, 2F 2000 Kft., Budapest, Hungary.

 

7 REPLIES 7
Superuser

Re: False alarms related to Microsoft Updates on Windows 10?

Hello,

 

Another report says the following (false?) alert causes repeated system restarts on Windows 10 but eventually the situation normalizes automatically somehow.

 

Date and time: 2017.12.19. 10:24:30
Computer name: <censored>
User account: SYSTEM
Path: C:\Windows\Temp\SppExtComObjHook.dll​
Threat: Trojan.HackTool.SUP
Action: Blocked

 

Thjanks in advance, Yours Sincerely:

Tamas Feher, Hungary.

Highlighted
F-Secure Product Expert
F-Secure Product Expert

Re: False alarms related to Microsoft Updates on Windows 10?

Hi Tamas, 

 

We are looking into this.



Best Regards

-Ben

_________________________________

Has somebody helped you? Say thanks by giving likes. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
Superuser

Re: False alarms related to Microsoft Updates on Windows 10?

Dear Ben,

Many thanks for the very quick response!

Please note I have also sent a report to the lab, these are the data if needed for collaboration:
Case ID: XXXXXXXXX
Sandbox ID: XXXXX

Yours Sincerely: Tamas Feher, Hungary.

EDIT: Removed PII

F-Secure Product Expert
F-Secure Product Expert

Re: False alarms related to Microsoft Updates on Windows 10?

The sample we have seems to be properly detected and not only by us.

 

Our labs would definitely need a sample to be able to cross check your detection sample. 



Best Regards

-Ben

_________________________________

Has somebody helped you? Say thanks by giving likes. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
Superuser

Re: False alarms related to Microsoft Updates on Windows 10?


@Ben wrote:

The sample we have seems to be properly detected and not only by us.

 

Our labs would definitely need a sample to be able to cross check your detection sample. 


by the way -> it's most popular detection (today?):

https://worldmap3.f-secure.com/

 

and does not detected by F-Secure a week ago (as example):

https://www.virustotal.com/en/file/ee186d0ce73e0dbc8f52cbad5658e9c07f24f1a3656c668ac79c26a64cd99e68/...

Novice

Re: False alarms related to Microsoft Updates on Windows 10?

My system reports Trojan.HackTool.SUP and is starting up over and over again, does not return to normal

Superuser

Re: False alarms related to Microsoft Updates on Windows 10?

Hello,

Is your system pirated or is it a legitimately licenced Windows copy?

Best Regards: Tamas Feher, Hungary.