Is this a known thing to take place? Either way, if someone smarter than myself could explain how/why to me, that would be fantastic.
Here is the link to the file that this happened while installing.
The following is the entire log from during the installation:
Protection Event Date: 3/26/21
Protection Event Time: 6:52 AM
Log File: 4b1f5ecc-8e21-11eb-8276-2cf05d3e21a8.json
Components Version: 1.0.1236
Update Package Version: 1.0.38723
OS: Windows 10 (Build 18363.1316)
File System: NTFS
(No malicious items detected)
Malware.Exploit.Agent - T1003 - Credential Access, , Blocked, 0, 392684, 0.0.0, ,
Affected Application: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Protection Layer: APT Behavior Protection
Protection Technique: T1003 - Credential Access
You're getting a generic suspicious behavior warning, highly likely it's a false positive, however I cannot guarantee it, so download from AMD's own site if you're feeling uneasy about this.
Driver installation of some kind is likely to trigger this, especially if it takes some unusual way to do its thing. AV scanners are set to be highly paranoid about any low level access behavior they don't recognize.
highly likely it's a false positive
Ooh I didn't even think about virus total. Good lookin out
+1 download Chipset and GPU drivers directly from AMD.
I was getting the new BIOS for my mobo, so I was already there. That's how it came about that I used MSI's site.
I hear ya. The convenience is there, unfortunately the AIBs don't always update their drivers listed to the latest version, and at times they add a bit of bloat to the installers, which may be the false positive Malwarebytes picked up on. One example is ASROCK has an AMD-all-in-one driver update available. They stopped updating it after around 4-6 months post release (Just looked, they outright removed it since I last checked out of curiosity). Mind you this was for my x370 board, so it's aged.
Another example using my motherboard and ASROCK, is they updated their driver page for my motherboard with chipset drivers ver 18.104.22.168, dated 3/9/2021. I currently have Motherboard chipset driver 22.214.171.1241 installed.
It's a credential problem: T1003 means one (or more?) of the data packages has an expired or invalid Digital Certificate or, more likely, that Malwarebytes recognizes that Certificate as potentially damaging.
Since it seems like you have a Premium account, try dropping them a line: you are a paying customer after all, and it cannot be worse than dealing with Digital River.
I might just do that.
Haha I love it how we are just talking shit about DR after this whole store ordering shenanigans.
You know those old flicks about Vietnam where a veteran sees something that awakens suppressed trauma like seeing his best friend shot by a sniper or something equally atrocious? Same thing. Digital River has long had its tentacles everywhere, so it's likely a lot of folks are starting to have far from pleasant flashbacks.
I submitted a ticket. If I learn anything interesting, I will post it here.
You're doing god's work.
Just an automated response giving me a ticket number, thus far.
I know others have already said so, but download chipset drivers only from AMD's website.
It's highly likely a false positive, but you never know. Razer a decade ago was hacked and Razer's drivers were reuploaded with a trojan virus in them.
ASUS in 2019, too.
I haven’t used AV software since like 2007. It’s all garbage. Windows has enough built-in security.
Malwarebytes and ESET are aight
Not really, especially if you work with new files / use pirate games/soft. Using Kaspersky cloud + wise vector for extra anti ransomware. Free and minimum false alarms (I think I got 3 last year)
lol, someone in another thread gave Malwarebytes as an example of a "good" antivirus suite.
In any case - download direct from AMD's site, not the mobo vendor's.
MSI's a Taiwan company. Get the chipset drivers from AMD's site if you're worried
Update, I'm sayin it's Taiwan to assure OP it's safe, OP said that China's trying to ship malware with the drivers
Retracted. They were trying to silence negative reviews fairly recently, so I think you can see why I might get them confused
Am not worried, more curious
Funnily enough TSMC is too... should we be worried about malware in the PSP 😛
In all honesty with how fucking overzealous Malwarebytes is at times I wouldn't be at all surprised to see it flag the PSP as malware at some point.
I get more false positive warnings from it than I do actual real warnings.
Was this update to fix the USB connection issues?
No idea, but I'm pretty sure the issue date was newer than what I had running
MSI Dragon Center can be classified as malware as it keeps installing cfosspeed (it messes up my upload speeds) without any visible way to disable it.
With the latest Dragon Center you can. Don't get me wrong. Dragon Center is the worst kind of PC cancer there is.
I don't see this issue, thankfully. I use it for fan curves without having to enter the BIOS. All other monitoring is done by Ryzen Master and Radeon software, although I have been thinking about trying Afterburner with my new EKWB GPU cooler. Still gotta get the RGB working. That 3 pin connector is pure torture, imo
I was about to install the MSI chipset driver!!
Edit: the Audio and LAN drivers should be okay to download from my MSI board page??
I installed them, they were fine.
Yeah, in my experience you'll get the most up to date chipset drivers direct from AMD. MSI is actually pretty good about getting BIOS updates out pretty quick (at least for my board) but chipset must be the job of another department because they're months old most times
Maybe scalping and increasing prices were not enough for MSI so they decided to turn customer pcs to zombies and mine with them for even moar profit xd
I wish I could be as cool as some of you all. Your opinions are so edgy and impressive
Always download from AMD lol
What a refreshing comment
Wrong sub, try.
Is it so wrong to be curious about something? How tf do yall learn anything?
Your mistake was using Malwarebytes. Even Norton AV is better.
It's Malwarebytes. They probably have a false positive they whitelisted for AMD package but the whitelist isn't working here.
Malwarebytes in any event is shit anyway
People avoid them for a reason. If you try to see since which BIOS version a CPU is supported for their mainboards ... no data (very sad)!