Re: Update 1.4.1.1025 Quarantined as malicious

If you are experiencing problems with "Everything", post here for assistance.
Post Reply
brebbin
Posts: 2
Joined: Thu Aug 01, 2024 7:24 am

Update 1.4.1.1025 Quarantined as malicious

Post by brebbin »

Hello,

Our I.T is removing Everything from machines because the most recent update is being flagged as a threat by our endpoint security:

Secure Endpoint found a total of 1 events matching your subscription named dangers since 2024-08-01 07:10:07 UTC.
1.
o Event Type: Threat Detected
o Computer: PC001.local
o Hostname: PC001.local
o IP: 111.111.11.5
o User: SYSTEM@NT AUTHORITY
o Detection: Gen:Variant.Mikey.149441
o File: Everything.exe
o File path: \\?\C:\Program Files (x86)\Everything\Everything.exe
o Detection SHA-256: dab850efaa0f83d7863c01674371990c559516def3b7790b05fa1e273ab953ed
o By Application: Everything_1.4.1.1025_x86_Setup.exe
o Application SHA-256: 885dd2d65dc09c763b7da00707f3599963f37bc985e3fe78d555f7c74d998ac3
o Severity: Medium
o Timestamp: 2024-08-01 07:07:25 +0000 UTC
Log into your Cisco Secure Endpoint Console for more information.

is there anything that could have caused this to happen?
We use software to keep all 3rd party apps updated.
i would like to keep the tool on the machines as it's so helpful. :mrgreen:
Last edited by brebbin on Thu Aug 01, 2024 7:58 am, edited 3 times in total.
void
Developer
Posts: 16680
Joined: Fri Oct 16, 2009 11:31 pm

Re: Update 1.4.1.1025 Quarantined as malicious

Post by void »

Everything 1.4.1.1025 and 1.4.1.1026 are only localization updates.

This is a false positive.

I will send Cisco Secure Endpoint a false positive report.

For now, use the Lite version.
brebbin
Posts: 2
Joined: Thu Aug 01, 2024 7:24 am

Re: Update 1.4.1.1025 Quarantined as malicious

Post by brebbin »

Ah Awesome, Thank you very much.

if there is any more information a i can provide please let me know!
Johnny99
Posts: 2
Joined: Thu Aug 12, 2021 6:00 am

Re: Update 1.4.1.1025 Quarantined as malicious

Post by Johnny99 »

void wrote: Thu Aug 01, 2024 7:45 am This is a false positive.

I will send Cisco Secure Endpoint a false positive report.

For now, use the Lite version.
Hi.. can you please do the same for ESET? 1.4.1.1026 is getting flagged here.. thanks.
void
Developer
Posts: 16680
Joined: Fri Oct 16, 2009 11:31 pm

Re: Update 1.4.1.1025 Quarantined as malicious

Post by void »

ESET is no longer flagging Everything 1.4.1.1026.
It may take up to 24 hours for this to filter down to clients.



There was zero changes in 1.4.1.1026

Please let me know if 1.4.1.1026 is being flagged.
Johnny99
Posts: 2
Joined: Thu Aug 12, 2021 6:00 am

Re: Update 1.4.1.1025 Quarantined as malicious

Post by Johnny99 »

void wrote: Sat Aug 03, 2024 12:19 am ESET is no longer flagging Everything 1.4.1.1026.
It may take up to 24 hours for this to filter down to clients.



There was zero changes in 1.4.1.1026

Please let me know if 1.4.1.1026 is being flagged.
It is fine now.. thanks.
Post Reply