Jump to content

Aldewacs

Members
  • Posts

    12
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Because MWB erases the file when it finds it 'problematic' and reports the problem, I recompiled the DateTime.exe every time malware was reported on it. So subsequent detections and copies sent to you were on a 'different' (recompiled) file. The fact still remains: that file had not been re-compiled for literally years. Suddenly MWB started objecting to it when I scanned with the new MWB version. Strange. To be sure: are you suggesting that I should UN-whitelist the folder that holds the latest compiled file, and then try to use the file, and/or do a PC_wide scan?
  2. It was OFF. (PS I have to go out for about 1.5 hours now)
  3. Rich I'm not aware of ANY firewall or other gadget that is blocking anything. The attached shows the MWB app settings. AL
  4. Rich I'm not sure what "whitelisted at our end" means. Anyway, I whitelisted the folder for the offending DateTime.exe file. It can now run again. I also whitelisted the TEMP file where the PureBasic sends its compiled 'work in progress', and that works as well, now. I will monitor this and see if this becomes problematic with MalwareBytes. I'm still wondering why this SUDDENLY has become a problem... I'm gonna have to suggest something changed in MWB because nothing changed in this PC. Furthermore, what will happen if I share my file DateTime.exe with another user who has MWB installed? And and other files created on this PC? AL
  5. OK I followed those instructions... Shut down MWB, erased Hubble file, restarted MWB. Ran the DateTime program - it was killed by MWB. Recreated the file, Shut down MWB, erased Hubble file, restarted MWB. It found the file(s) and alerted Malware Shutdown anyway. Shut down MWB, erased Hubble file, and rebooted the PC. Repeated the process - it still disabled the file and claimed Malware found. I moved the 'offending' file to the desktop and tried to run it from there - MWB found it, shut it down, and now I HAVE TO reboot the PC to quarantine the file. After reboot, I'll white-list the folder the file is in, to bypass MWB scanning. But this has me concerned - WHAT FILE IS NEXT?? This seems error prone and annoying. I'll let you know if that fails.
  6. Here is that log. AL mbst-grab-results.zip
  7. I ran a full scan again AFTER re-compiling/ re-creating the DateTime.exe It found 2 issues related to that file (the EXE and the desktop link to it) I noticed your version is 4.5.23 (mine is 4.5.25) but maybe that doesn't matter. See attached screen dump which includes the requested screen, plus MALWARE BLOCKED message after re-running the compiled EXE. PS I pressed the "Check for Updates" and it returns "Malwarebytes is up to date". ALSO, I run a scan every morning early, before I get to my PC. It has not reported an error till now, but now it suddenly reports the 2 scan results related to the DateTime.exe file as shown in the attached picture. SOMETHING is setting MWB off...?? AL
  8. Rich I have attached the newly compiled (but not yet scanned) VB6 program. It's ZIPPED. (DateTime.zip) As to the PureBasic file, I have no such file to send since the Malware Block happens WHILE the file is in the process of being compiled. And the SCAN was done right after the program was re-installed, following un-install . using the MWB support tool. See attached PNG with version info shown. I just re-scanned with that version to be sure, and the VB6 internal program is still blocked. DateTime.zip
  9. This is the second MWB report in 2 days. Looks like false positives, but it's concerning because this appears to be due to the latest MWB version (4.5.25) being installed. Yesterday I downloaded the latest version of PureBasic 6.01 and ran a test compile of a sample program that comes with PureBasic. I got a MWB error in the middle of the compile, and MWB reported that its "Tamper Protection" was activated. I reported that to the Forum, and received instructions to re-install MWB. I did that this morning and ran a SCAN afterwards. The scan gave me ONE "Malware blocked" on a program that was internally developed 15+ years ago, compiled in VB6, and has been in use since. Never a problem. I recompiled that program and ran SCAN again, and got the same 'Malware blocked'. I then re-compiled the PureBasic test program, and again got the "Malware Blocked" issue. Screen shots attached. It appears that MWB is suddenly getting very touchy…? This is very concerning. I contacted PureBasic and they suggested we contact MWB because it's their/ your bug. Al De Wachter
  10. I have the Premium version. I just downloaded a new version of PureBasic and ran (compiled) a sample program. A dialog popped up with "Tamper Protection Enabled", and asks for a password. The password I used to install MWB does not work. It says I can reinstall MWB or reset the password using my license key. I put in "Reset" and my license key, and it seems to lead me to UNINSTALL which I'm not really wanting to do. (I've canceled out) I'm not even sure what this "protection" actually does. WHAT NOW? AM I STILL PROTECTED? Al.
  11. Pardon me but ... what do I do now? Is my 2022b file safe to use?
  12. (First my whining...) OK I've been trying to send or report a file that triggers a "MachineLearning/Anomalous.93%". I registered on the Forum, and haven't been able to figure out the magic to send the information. So I assume attaching the file here is sufficient. (Background) The file it's reporting is a self-created/ compiled EXE file, compiled from VB6. It's in essence the same file that has been used for a dozen year, just edited with a few different variable numbers (i.e. change a 1.5 to 1.6 etc). The old files compile and report as OK, even if re-compiled today. The same VB6 source code files RENAMED, and compiled, report the MachineLearning stuff. I *suspect* this is a false positive, but I am reluctant top send this to a co-worker for obvious reasons: is this some sort of virus etc. The attached ZIP file contains 2 EXE files. The '2022' File seems OK in MalwareBytes. The 2022b file reports the MachineLearning error, although the "2022b" was created from the same source code, after having a few values edited. I am thoroughly confused. Is this 2022b file indeed infected with something? _testcompile.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.