Hello,
Our I.T. is removing Everything from machines because the most recent update is being flagged as a threat by our endpoint security:
Secure Endpoint found a total of 1 events matching your subscription named dangers since 2024-08-01 07:10:07 UTC.
1.
o Event Type: Threat Detected
o Computer: PC001.local
o Hostname: PC001.local
o IP: 111.111.11.5
o User: SYSTEM@NT AUTHORITY
o Detection: Gen:Variant.Mikey.149441
o File: Everything.exe
o File path: \\?\C:\Program Files (x86)\Everything\Everything.exe
o Detection SHA-256: dab850efaa0f83d7863c01674371990c559516def3b7790b05fa1e273ab953ed
o By Application: Everything_1.4.1.1025_x86_Setup.exe
o Application SHA-256: 885dd2d65dc09c763b7da00707f3599963f37bc985e3fe78d555f7c74d998ac3
o Severity: Medium
o Timestamp: 2024-08-01 07:07:25 +0000 UTC
Log into your Cisco Secure Endpoint Console for more information.
Is there anything that could have caused this to happen?
We use software to keep all 3rd party apps updated.
I would like to keep the tool on the machines as it's so helpful.
Re: Update 1.4.1.1025 Quarantined as malicious
Last edited by brebbin on Thu Aug 01, 2024 7:58 am, edited 3 times in total.
Re: Update 1.4.1.1025 Quarantined as malicious
Everything 1.4.1.1025 and 1.4.1.1026 are only localization updates.
This is a false positive.
I will send Cisco Secure Endpoint a false positive report.
For now, use the Lite version.
Re: Update 1.4.1.1025 Quarantined as malicious
Ah, awesome, thank you very much.
If there is any more information I can provide, please let me know!
Re: Update 1.4.1.1025 Quarantined as malicious
ESET is no longer flagging Everything 1.4.1.1026.
It may take up to 24 hours for this to filter down to clients.
There were zero changes in 1.4.1.1026.
Please let me know if 1.4.1.1026 is being flagged.