MalwareBytes flagging PYTHONLIB.zip

Anything that doesn't fit into any of the other forums
Post Reply
knak
Posts: 2
Joined: Mon May 24, 2021 1:06 am

MalwareBytes flagging PYTHONLIB.zip

#1

Post by knak »

Hello. For some reason MalwareBytes is wanting to quarantine PYTHONLIB.ZIP as malware. Any idea why? Note I'm running v3.2 64 bit.

Keith

.
User avatar
Menno555
Posts: 1053
Joined: Mon Apr 20, 2020 2:19 pm
Location: The Netherlands
Contact:

Re: MalwareBytes flagging PYTHONLIB.zip

#2

Post by Menno555 »

Hi Keith

Most likely a false positive flag. I just scanned the ZIP with Kaspersky and nothing is found.
Do you have the latest versions of SharpCap and MalwareBytes?

Menno
User avatar
admin
Site Admin
Posts: 13173
Joined: Sat Feb 11, 2017 3:52 pm
Location: Vale of the White Horse, UK
Contact:

Re: MalwareBytes flagging PYTHONLIB.zip

#3

Post by admin »

Hi,

this zip file contains basically the entire standard code library for the Python programming language zipped up into one zip file (a single zip saves installing hundreds of small files which would slow down the install).

I expect that somewhere else in the world, someone has written malware based on python and the people at Malwarebytes haven't been careful enough distinguishing between the actual evil code and the standard python code library it is built on.

Sadly these sorts of false positives are inevitable given the amount of stuff antivirus tries to detect these days. My suspicion is that the freemium (free, but selling premium option) antivirus tends to raise more issues and be more intrusive as they want to make you feel it is doing something to justify the upgrade price.

Microsoft Windows Defender for me - unobtrusive and rare to get false positives.

cheers,

Robin
knak
Posts: 2
Joined: Mon May 24, 2021 1:06 am

Re: MalwareBytes flagging PYTHONLIB.zip

#4

Post by knak »

Thanks for the responses. I updated SharpCap and ran Malwarebytes again, and it didn't flag anything, though I highly doubt the upgrade had anything to do with it. As you say, false positive, though not sure why now (but it looks like this was detected by their new AI module: https://blog.malwarebytes.com/detections/malware-ai/).

Keith
Post Reply