Both MalwareBytes and Symantec Endpoint Protection are flagging osmc-installer.exe with MD5: 1588E73087F6903D04BA5100CA1ED6E9.
MBytes flags as Malware.AI.4229275713
SEP flags as Bloodhound.MalPE
Both appear to be potential false positives but it is concerning that they both tripped in very short succession on the same machine where the installer has existed for at least a couple of weeks.
2 thoughts:
- Were there any other .exe showing the same infection? (that might have contaminated the osmc_installer.exe)
- Most AV use heuristics that are often shared among databases. So one hit can become many in a short while.

Try downloading a fresh installer, and scan it (preferably on another computer).
Full scans with both come back clean, no other files of any type showing infection.
I have to imagine you’re right and the file hash was flagged in a database with as quickly as both products jumped on it.
I’m not in need of it anymore and it’s probably an old build at this point anyway. Searching on the file hash it looks like it was from back in January. (I haven’t checked if a newer download exists, what the file hash is…)
Both products tripped on the exact same file and both say they quarantined it so it’s kind of interesting. Which one actually grabbed it and has it now? (I probably should have written “interesting” in place of “concerning” I guess.)
Anyway. Not a problem (for me, right now) per se, just throwing it out there as an FYI.
Thank you for the feedback.
I’ve checked this with VirusTotal and the file looks clean.
If you search on this forum - we do get a false positive occasionally.