Jump to content

wdolson

Members
  • Posts

    19
  • Joined

  • Last visited

Everything posted by wdolson

  1. In the latest scan the uninstall exe for UbitMenu and a registry key are both flagged as Malware.Sandbox4. I've used UbitMenu for a few years. It's freeware, but I don't think it contains any malware. unins000.zipMalwarebytesFalsePositive_230402.txt
  2. If it's already been whitelisted, I guess uploading a copy is moot at this point, but here it is anyway. EE2.zip
  3. I forgot to add, I bought the game from gog.com, which from everything I can find is a legitimate site legally selling older games.
  4. I bought a game, downloaded it, and installed it. I ran a scan of the downloaded offline installer before installing. It installed fine, but as soon as I tried to start it, Malwarebyte heuristic detection mechanism quarantined the EXE. Could this be a false positive, or is there something dodgy about the game file? I attached the log for this incident. MalwareBytesFlag.txt
  5. Sorry, I spaced this. Too many things going on at once... Here is the VB6.exe file VB6.zip
  6. I saw that, but I didn't want to do that for 59 detections. Exporting one it looks like it exports all detections from the most recent scan. VB6Detection.txt
  7. Took some effort to zip up the logs. The OS wouldn't allow me to zip them up in the logs directory even as Administrator. Logs.zip
  8. I'm running 4.5.2.157 with the virus signatures updated today (Jan 27, 2022). On the daily scan it found a ton of what it thinks is malware in programs that have been on the computer for years. Something might be off in the current signatures. The first thing flagged was the EXE for VB6 (I need to support some old VB programs). This was flagged as Malware.Heuristic.1006. VB6 is a pain to work with, but it isn't malware. Then there are another 58 items which all seem connected to a program called Fixgo, which is for repairing problems in iOS. I had a problem with my iPhone some time ago and used it to correct the problem (I don't remember the details anymore, that's how long ago it was). These are all flagged as PUP.Optional.ChinAd. These is also one flag for dpint64.exe which is also flagged as the same type of PUP. Maybe this is a newly identified adware? It doesn't look like it's going to hurt anything to allow the PUP.Optional.ChinAd to be quarantined (not anything I use very often), but I think the VB6 flag is a false positive.
  9. It's been a couple of days. I did have a crash two days ago with MS Store. It took a while to get it fixed, but since then the system has been stable. MalwareBytes hasn't crashed since the 5th. Hopefully it will continue to be stable now.
  10. I use PIA and another VPN. Each has features that are useful for different things. Malwarebytes goes through phases of false positives on PIA servers about once a month. It lasts a couple of days and then goes away. I traced the IP it flags once and it I think it was in some developing country, I forget which. It appears that when PIA is running it pings all the servers on their network to see if they are active and that's when Malwarebytes has a problem, if it's going to. Most of the time when PIA is loaded there are no IP blocks. Having two firewalls on is redundant. The system is behind a hardware firewall. I've run several tests on the hardware firewall and it passes all of them. I retest from time to time. I've been having hell with Windows updates lately. For work I need to maintain a Windows 7 machine on the network. I develop software for industrial applications and there is still an installed base of Windows 7 machines. A Windows update a month ago caused this computer (my development computer) to stop seeing the Windows 7 machine. I could ping the IP address, but it was otherwise invisible on the network. I removed the update and Windows had a lot of instability for a while. I finally tracked down the last thing that was causing problems two days ago. I've had a number of programs crash over the last month and blue screens about 4 times a week. Yesterday was the first day in a month without any programs crashing. I've been searching for solutions to the Windows 7 becoming invisible problem, but I haven't found anything useful. There are lots of common reasons network browsing may fail and there is lots of advice out there on that, but very little on Windows updates causing browsing of old OS's to fail. But I have verified this is happening. I've tested it three times, install the update, Windows 7 machine is no longer visible (but other Win 10 machines and the servers are), remove the update and Windows 7 machine is fully accessible again.
  11. I rebooted because Visual Studio was behaving oddly. Now after reboot the behavior is back. The grab you requested yesterday is attached. mbst-grab-results.zip
  12. What was being blocked appears to be Classic Menu (for Office 2007 V8.05). I discovered it after a Malwarebytes program update. Someone else on the forum had the same problem and I started out replying to that thread, but I guess the administrators broke my post out into a separate thread. Excel would begin to start and then quit just as the main window begins to draw. I selected an exception for Excel and it worked. Then the next day I tried using Word 2007 and got the same behavior. I put in an exception for Word too and it worked after going through an install procedure. I just turned off the exceptions to try and capture the problem went away, though Word wants to go through a reinstall step every time I try to run Word, but it works. Maybe this problem was addressed in a database update in the last few days?
  13. A bit more information. I went through the settings and found I could disable protection for Excel. I did that and when I did the following message popped up three times: I answered "no" and after the third time Excel loaded and the add in that adds menus to Excel came up and worked. At least I was able to open the file I needed to look at.
  14. I'm getting the same problem. Here is the report Malwarebytes_ExploitBlockedExcel.txt I tried putting in an exception to the Office directory, but that didn't work. I suspect it may be some component installed elsewhere like a DLL, but the report is very vague.
  15. Thanks for the quick analysis and hopefully quick turn around. For now I have the PhotoShop directory in the exceptions list as a work around.
  16. As requested MalwareBytesFalsePositve.txt BIBUtils.zip
  17. I have two installations of an old version of PhotoShop installed on two different computers. Suddenly today MalwareBytes decided that the BIBUtils.dll in PhotoShop was Malware and wouldn't allow PhotoShop to run until I set an exemption. I also was unable to post this topic in Firefox. It just hung after clicking Submit Topic...
  18. Logs attached. I did try running the repair process with no improvement. The first attempt at repair failed when the network connection was slow to reconnect after reboot. Repair completed when I restarted it. mbst-grab-results.zip
  19. I use MWB to manually scan files on different computers around here. On one system running Windows 7 Ultimate x64 the Ore-Scan check can take a minute or two, and then when it's done, it can take 30 seconds for the application window to dismiss. The UI of the computer can freeze up during the Pre-Scan and dismissal process too. If I wait a few minutes before dismissing the MWB window, it dismisses quickly. The computer is fairly new with a Ryzen 7 8 core. On another computer with a Ryzen 5 and the same OS and same version of MWB, the entire process from beginning to end happens in less than 10 seconds with no hangs of the UI. It appears something is going on the one computer that is causing MWB to run very slow. I've seen people complain about MWB hanging while doing the Pre-Scan. It does get past that step, it just takes much longer than on other systems.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.