I wrote a program MyMsg.exe (32 bit) using Delphi XE2 that MalwareBytes MachineLearning insists on quarantining. The 64bit version of the same program will scan just fine.
I wrote the program so it is not infected with anything. Can you tell me why it is being flagged? Can you whitelist it?
TIA
Here is the log file:
{
"applicationVersion" : "4.1.0.56",
"clientID" : "MbamUI",
"clientType" : "rightClickUIScan",
"componentsUpdatePackageVersion" : "1.0.848",
"cpu" : "x64",
"dbSDKUpdatePackageVersion" : "1.0.21248",
"detectionDateTime" : "2020-03-23T21:06:06Z",
"fileSystem" : "NTFS",
"id" : "1c908bd8-6d4a-11ea-a80c-50e549c95078",
"isUserAdmin" : true,
"licenseState" : "licensed",
"linkagePhaseComplete" : true,
"loggedOnUserName" : "MWIN\\MUser",
"machineID" : "",
"os" : "Windows 10 (Build 18362.720)",
"schemaVersion" : 14,
"sourceDetails" : {
"aggressiveMode" : false,
"clientMetadata" : {
"jobId" : "",
"scheduleId" : "",
"scheduleTag" : ""
},
"filesScannedByIG" : 0,
"objectsScanned" : 1,
"scanEndTime" : "2020-03-23T21:06:18Z",
"scanOnlineStatus" : "online",
"scanOptions" : {
"pumHandling" : "detect",
"pupHandling" : "detect",
"scanArchives" : true,
"scanFileSystem" : true,
"scanMemoryObjects" : false,
"scanPUMs" : true,
"scanPUPs" : true,
"scanRookits" : false,
"scanStartupAndRegistry" : false,
"scanType" : "custom",
"useHeuristics" : true
},
"scanResult" : "completed",
"scanStartTime" : "2020-03-23T21:06:06Z",
"scanState" : "completed",
"shurikenEnabled" : true,
"type" : "scan"
},
"threats" : [
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "notStarted",
"cleanResultErrorCode" : 0,
"cleanTime" : "",
"generatedByPostCleanupAction" : false,
"id" : "1e44cdae-6d4a-11ea-acd7-50e549c95078",
"isPEFile" : true,
"linkType" : "none",
"objectMD5" : "5466007094B01AD6A717C301E99412D2",
"objectPath" : "D:\\PROGRAMS\\DELPHIAPPS\\MYMSG\\WIN32\\RELEASE\\MYMSG.EXE",
"objectSha256" : "8865C7C362AD2322BAB8C6C72B5C8E6F3EDEF538A7F15373ACDC34E042DA463D",
"objectType" : "file",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : true,
"disableSignatureWhiteListing" : true,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"whitelistCheckError" : false
}
},
"ruleID" : 392687,
"ruleString" : "",
"rulesVersion" : "1.0.21248",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "MachineLearning\/Anomalous.95%"
}
],
"threatsDetected" : 1
}
MyMsg.zip