floogy

I got 0.9.17.661 with Component Update Package 1.1.46. Is that still the newest setup file I used? Anyway the version number 0.9.17.689 looks newer. I noticed, that my AntiVirus and MBARW are decreasing the speed of my cygwin bash scripts and imagemagick vastly.

Hello, I had once a similar issue. I got a bash.exe false positive from cygwin64 and Quarantined it. After the reboot I booted into a temporary profile. https://forums.malwarebytes.org/index.php?/topic/179346-feedback-false-positive-bashexe-cygwin64/

I had an SYSTEM_SERVice_ERROR "Stop 3B". I manually started the service MB3 in services. Then I started MalwareBytes AntiRansomWare. When I tried to open the 'MBAMSERVICE - Kopie.LOG' (NOT the 'MBAMSERVICE.LOG') in notepad++ I got the BSOD. Unfortunately there is no minidump created. PS C:\Users\f.floogy> ls "C:\Windows\Minidump" Verzeichnis: C:\Windows\MinidumpMode LastWriteTime Length Name---- ------------- ------ -----a--- 23.03.2014 18:37 292040 032314-8782-01.dmp-a--- 15.06.2015 10:06 466296 061515-9282-01.dmp-a--- 18.06.2013 08:54 292160 061813-8564-01.dmp-a--- 26.07.2013 17:27 292104 072613-9001-01.dmp-a--- 04.08.2014 17:45 536064 080414-12370-01.dmp-a--- 03.11.2013 03:29 312736 110313-8611-01.dmpMBAMSERVICE-2.zip Malwarebytes Anti-Ransomware.zip

Here the files after reboot. Malwarebytes Anti-Ransomware.zip MBAMSERVICE - Kopie.zip I had to close MB3service with pid 5224 (ProcessExplorer shows it as MBAMservice.exe) too, to get that zipped without creating a copy. MBAMSERVICE.zip

I now rebooted the computer and restored bash.exe from quarantine. After reboot it was moved to quarantine. It got the same md5sum: f.floogy@PC20 ~$ md5sum /usr/bin/bash.exefef2e008b08376d5a16c650ce0190609 */usr/bin/bash.exe Do you still need the other files after the reboot?

Maybe interesting too: bash exe was interrupted, but was able do get over that point. [...]Creating TIFF Texture 120dpi.[1879] Texture Size: 9640x6094Load/Image/6155_white_apple_mF_1S[6155_white_apple_mF_1S_150dpi.tif]: 7617 of 7618, 100% coSave/Image/6155_white_apple_mF_1S[6155_white_apple_mF_1S_120dpi.tif]: 6093 of 6094, 100% coCreating JPEG Texture for 120dpi.Load/Image/6155_white_apple_mF_1S[6155_white_apple_mF_1S_120dpi.tif]: 6093 of 6094, 100% coSave/Image/6155_white_apple_mF_1S[6155_white_apple_mF_1S_120dpi.jpg]: 6093 of 6094, 100% coAdjust the exif header of TIFF and JPEG to fit to the density and ICC profile. 1 image files updated 0 [main] bash 8716 fork: child -1 - CreateProcessW failed for 'C:\cygwin64\bin\bash.e./rename_baruth_scans_dev.sh: fork: Permission deniedScript rename_baruth_scans_dev.shfinnished at Fr, 26. Feb 2016 15:38:52Processed 1 items.Processed 2 decors are:.zm6155_white_apple_mF_1SElapsed time: 0h 33min 49sElapsed time per item: 0h 16min 54sf.floogy@PC20 ~$ peflags -v /usr/bin/bash/usr/bin/bash: coff(0x002e[+executable_image,+line_nums_stripped,+local_syms_stripped,+bigaddr]) pe(0x8000[+tsaware])f.floogy@PC20 ~$ peflags -d -l -v /usr/bin/bash/usr/bin/bash: coff(0x002e[+bigaddr]) pe(0x8000[-dynamicbase])f.floogy@PC20 ~$ which bash/usr/bin/bashf.floogy@PC20 ~$ bash --versionGNU bash, Version 4.3.42(4)-release (x86_64-unknown-cygwin)Copyright (C) 2013 Free Software Foundation, Inc.Lizenz GPLv3+: GNU GPL Version 3 oder jünger <http://gnu.org/licenses/gpl.html>Dies ist freie Software. Sie darf verändert und verteilt werden.Für den größtmöglichen gesetzlich zulässigen Umfang wird jede Haftung ausgeschlossen.f.floogy@PC20 ~$ file /usr/bin/bash/usr/bin/bash: PE32+ executable (console) x86-64, for MS Windowsf.floogy@PC20 ~$ file /usr/bin/bash.exe/usr/bin/bash.exe: PE32+ executable (console) x86-64, for MS Windowsf.floogy@PC20 ~$ md5sum /usr/bin/bashfef2e008b08376d5a16c650ce0190609 */usr/bin/bashf.floogy@PC20 ~$ md5sum /usr/bin/bash.exefef2e008b08376d5a16c650ce0190609 */usr/bin/bash.exef.floogy@PC20 ~$

Hello, at the moment I cannot reboot the computer, due to work I got to finish. Please let me know, if the attached files are not sufficant. https://www.virustotal.com/de/file/61aa4515c636067adef83f4a06410d250260a75d5c38634be8c31d9ab9fde4db/analysis/1456501119/ bash.zip Malwarebytes Anti-Ransomware.zip MBAMSERVICE - Kopie.zip

Hello, I found another false positive: c:\cygwin64\bin\bash.exe TIA floogy