1 2 Previous Next 14 Replies Latest reply on Jan 26, 2015 7:54 AM by exbrit

    GetSusp Identifies Microsoft Mahjong Files As Suspicious

    bxcrwlly

      Downloaded and ran the GetSusp scan.  Greater than 10MB files were identified as suspicious.  99.9% of the files were Microsoft Mahjong files.  Log file too large to upload to McAfee.  Mahjong appears to be legit gameware from Microsoft based on my limited research.  I actually don't run the software.  Why are these files identified as suspicious and how can I send McAfee a log file 10MB or larger?

        • 1. Re: GetSusp Identifies Microsoft Mahjong Files As Suspicious
          exbrit

          Normally anything in the system like MS Games would be fine, but maybe something else has crept in.

          Try running Malwarebytes Free, see last link below, to check for malware.

          Note: to keep Malwarebytes actually free of charge do NOT accept the free trial NOR activate the product, if asked to.

          Toronto ▪ Canada
          Volunteer Moderator - Consumer Products
          I CAN'T HELP PRIVATELY - PLEASE POST IN THE FORUMS
          Use Advanced Search To Find Answers

          Consumer Technical Support (alter Country @ top right as needed)

          Consumer Customer Service (Accounts, Billing, Registration, etc.)
          Anti-Spyware/Malware/Hijacker Tools

          • 2. Re: GetSusp Identifies Microsoft Mahjong Files As Suspicious
            bxcrwlly

            Thanks Ex_Brit....will give it a shot.  Also ran BitDefender Malware Scan and ADW.  Neither identified the files as suspicious....WEIRD!  Last time I ran GetSusp, only 4 files found and none of them related to Majhong.  I couldn't specifically identify the Mahjong program as I was going to uninstall; however according to various articles,  it appears to be buried underneath Wild Tangent Games.  I searched for all Mahjong files and deleted all of them, then uninstalled Wild Tangent Games.  Will follow through on your suggestion too, then run GetSusp again and see what happens.  THANKS!

            • 3. Re: GetSusp Identifies Microsoft Mahjong Files As Suspicious
              exbrit

              Well good luck.  BTW what operating system is this so maybe I can compare?

              • 4. Re: GetSusp Identifies Microsoft Mahjong Files As Suspicious
                bxcrwlly

                Win 8.1, 12GB Ram, 1TB Drive

                • 5. Re: GetSusp Identifies Microsoft Mahjong Files As Suspicious
                  exbrit

                  OK I just booted over to my Win 8.1 partition and I discover that by default there are no installed games, so you must have downloaded this one I assume?

                  GetSusp (which I assume you got from http://getsusp.mcafee.com/ ) only finds my Alienware lighting software as 'unknown' and nothing else.

                  The chances are it is a false positive, one never knows.  If you entered your email address in GetSusp Preferences they will get back to you eventually, if you managed to get it to submit the files, that is.

                  A file the size you mention shouldn't be a problem for GetSusp but may very well br a problem for your ISP as they often restrict upload/downloads.

                  Did you try unchecking the logs option and just letting GetSusp submit the actual software sample?

                  • 6. Re: GetSusp Identifies Microsoft Mahjong Files As Suspicious
                    Hayton

                    Mah Jong came pre-loaded on Vista and Windows 7, but not on Windows 8(.x) machines, and I don't see it listed in Apps for Windows (although it might be there somewhere). So this game was probably downloaded from somewhere else, and the highest ranking download source listed by Google is .... Softonic, of evil repute. If that's where the game files came from I'm not at all surprised that GetSusp has found a problem with them. It might have been instructive to upload some of the exe and dll files to VirusTotal to test them against a range of other antivirus products.

                    • 7. Re: GetSusp Identifies Microsoft Mahjong Files As Suspicious
                      exbrit

                      The Mahjong that comes with the earlier editions of Windows comes from Oberon Games.

                      The OP mentions Wild Tangent Games here.  So I went to my Windows 8.1 Games - which switches you to the Metro interface and I searched for Mahjong (once in Metro or the App simply type the name of the game and it will search for you).  Up came Microsoft Mahjong made by Arkadium.

                      I installed it and no problems since.  Incidentally there are other free games branded by Microsoft which can be installed in that manner.

                      I suspect the OP downloaded it externally via this Wild Tangent outfit and it came accompanied by possible malware or at best unwanted baggage in the shape of "extras" hence GetSusp wanting to check what's going on.

                      If you want the games to be included in the Games App then they must be installed via the App.

                      I went looking for Pinball (à la XP) a while back and came across a highly improved one, Pinball FX2, and installed that outside the Games App.  If you do it that way it will be listed as just another App or Programme but not within the Games umbrella.

                       

                      Untitled.jpg

                      • 8. Re: GetSusp Identifies Microsoft Mahjong Files As Suspicious
                        bxcrwlly

                        Ex_Brit....use of GetSusp is getting more weird each time I use it.  I'm finally rid of the Mahjong files issue.  Now GetSusp is identifying what appears to me as "false positives."  13 files.  Some were from HP who built my computer with some sort of Snapfish identification.  Some from Dashlane, my password manager, some from Garmin my GPS manufacterer, one from Seagate my USB drive manufacterer.  I'm going to send them to McAfee in a log file.  Hopefully I'll get some feedback.  I think in the meantime, I'll leave the files alone.  Most of the files are in my Apps Directory...again, just weird.  I do have a feeling that as both you and Hayton noted above; some of the Mahjong stuff and perhaps some of this HP Snapfish stuff is sneaking in within other legitimate downloads I've made, even Google.  Chrome is my browser of choice at least until Win10 rolls out, then I'll try out Microsofts replacement for IE.  Thanks for all your help and guidance on this issue.

                        • 9. Re: GetSusp Identifies Microsoft Mahjong Files As Suspicious
                          bxcrwlly

                          Hayton....pls see my reply above to Ex_Brit.

                          1 2 Previous Next