O
OlliverAira
Guest
A screenshot of the full report:
Learn more: PUA:Win32/InstallCore threat description - Microsoft Security Intelligence
The file which it mentions in the report is an exe downloaded with Microsoft edge and which I then copied into a Windows Sandbox and ran from there.
So I tried removing the file from my downloads directory, restarted my pc and then ran a quick scan of my system with Windows Security. and then it gave me a new security alert: (The old one still being there)
Did the app run itself from the downloads directory or did it escape the sandbox, or could this be that it actually just found the malware files in my downloads directory and that it doesnt actually know if it have actually been executed? Non the less Im 100% positive I never opened it from my downloads directory, but that I only copied it into my sandbox and ran it from there, which is why Im asking about this here, because it just sounds so weird to me that it would be running without me ever executing it outside of the sandbox, and that the only infected files happen to be the ones I downloaded.
Also about the second security alert, there it says its not active and that its not running, but what I actually did was just uninstall it. If it really was a malware running on the device, wouldnt it of already copied itself to other directories at this point (Judging by what it says on the learn more page)?
My windows Version : 10.0.19041.329
More...
Learn more: PUA:Win32/InstallCore threat description - Microsoft Security Intelligence
The file which it mentions in the report is an exe downloaded with Microsoft edge and which I then copied into a Windows Sandbox and ran from there.
So I tried removing the file from my downloads directory, restarted my pc and then ran a quick scan of my system with Windows Security. and then it gave me a new security alert: (The old one still being there)
Did the app run itself from the downloads directory or did it escape the sandbox, or could this be that it actually just found the malware files in my downloads directory and that it doesnt actually know if it have actually been executed? Non the less Im 100% positive I never opened it from my downloads directory, but that I only copied it into my sandbox and ran it from there, which is why Im asking about this here, because it just sounds so weird to me that it would be running without me ever executing it outside of the sandbox, and that the only infected files happen to be the ones I downloaded.
Also about the second security alert, there it says its not active and that its not running, but what I actually did was just uninstall it. If it really was a malware running on the device, wouldnt it of already copied itself to other directories at this point (Judging by what it says on the learn more page)?
My windows Version : 10.0.19041.329
More...