Fred232

Thanks for the speedy reply.

Webglsamples is blocked by Malwarebytes as either a Trojan (windows) or Phishing (Android). Is this an FP? The report seems consistent on an Android phone but for me only occasional in Windows, which is odd? url for test - http://webglsamples.org/aquarium/aquarium.html The URL when submitted to VirusTotal passes ok - https://www.virustotal.com/gui/url/ef3b2bf9a13b740254f0e619155d9a7ade34c1550bf461fb330bcf8da3f563fa Android 14 - updated Windows 10 - 22H2 updated MWB - 5.8.0+310 on Android, 5.1.4.112 on Windows (update checks ran on both first)

Porthos & Blender, thanks for the quick replies and response. Just ran a scan and its not longer detected. Version: MWB - 4.6.13.324 Update Package - 1.0.83633 Component Package - 1.0.2319 Thanks

Can I ask how its done? I'm hoping I've missed something. I tried to put it into the allow list under the settings cog. Click 'Add', click 'Allow a file or folder', click 'select a file'. Navigate to the link (in startup) select it and click 'open'. However the actual Taskmanager (C:\windows\system32\Taskmgr.exe') and NOT the actual link (C:\USERS\My-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\TASKMGR.EXE.LNK) gets allowed, and when I run a scan the link still gets detected. I don't want to exclude the entire 'startup' folder in case I was unlucky and some malware got into it. But also, as it appears to know that link is the real taskmanager, as its followed the link to its source, why is it failing in the first place? So how do I exempt the link and only that link? Thanks

Any thoughts?

Thanks for the reply. Log as requested. Theres nothing wrong with the file regard detections when its placed in other folders, just when its in 'startup'. I would be nice if MWB could scan a bit deeper, ie, maybe follow the link and actually scan the file its a shortcut of. After all Taskmgr at that location (windows\system32) is a signed Microsoft file that I assume you would scan and pass in a full scan of the system. Just not the link to it when its in startup? If not then I guess its 'exceptions time'. Thanks log.txt

I'm not sure if this is a false positive or not but it does not seem right to me. I wanted a method to start Task Manager automatically when I logged in. I created a shortcut to Task manager (shortcut to C:\Windows\System32\Taskmgr.exe) and placed it in C:\Users\<My-User>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup. It works and Task Manager opens when I log into this account. However, a Malwarebytes scan reports the link/shortcut file as RiskWare.AgentE If I scan the actual C:\Windows\System32\Taskmgr.exe file directly neither Defender or Malwarebytes report it as malware. But if I scan the link in the startup folder Defender still says it OK but Malwarebytes reports the problem. If I cut the shortcut out of the startup folder and put it on the desktop Malwarebytes also now says its OK. Is this correct or a False Positive or is Malwarebytes just playing it safe and reporting this type of link when its in startup?

Thanks for the replies, the reinstall via the tool seems to have fixed it. I will check and let you know if it fails again. It was only that I specifically did a right-click scan that I noticed the problem. I wonder if it was actually scanning at all? Still it seems to be back to normal now, so thanks again.

Thanks, I'll give it a try and let you know later. The odd thing is regarding the sub-folders, If I scan something that has say four files and three subfolders (7 items in all), it reports that four things have been scanned even if the subfolders have say 5 items in them each. But if I open the subfolder and scan it it reports that 5 items have been scanned. The problem is most noticeable for Steam games and steam game folders where it sometimes reports no items have been scanned on the main game folder. Hence the question re sub-folders. But it seems to work on other folders?

I have version 4.5.23 updated as far as I can tell. If I run a scan via the menu scanner it seems to run fine. But if I right-click a folder and try to run a MWB scan it usually does not start, occasionally it will though. The scanner screen pops up with 'Checking for Updates' and 'Scanning file system' listed but neither get ticked and in the monitor graphic the bar does not move. It just sits there, no results are given. But if I cancel the scan and look in Reports it looks like the scan was run (date and time wise) and no detections found. The advanced report usually claims items were scanned and no detection found. Details from advanced file: Ver - 4.5.23.241 Component package - 1.0.1927 Update package version - 1.0.67078 I have tried restarting the PC I have tried turning the four MWB scanning options off (Web, Malware, Ransom and exploit) and turning them back on. I have tried turning the windows explorer context option off then on. None of the above helped. So two questions really: 1 How do I correct this so it always scans by right-click on a folder? 2 When it scans a folder should it scan sub-folders of that folder or not?

Many thanks for all the replies and info. I'll definitely put MWB on the phone when the trial expires. All I was thinking re 2 is that the audit as it is, is useful for overall information. But if it could have an advanced setting to only show the apps that can and do have permissions, it may help people tighten down on the security a little quicker, or at least concentrate on looking at the most important apps first (the Apps with the permissions granted) rather than to-ing and fro-ing between long lists of Apps. Just a final suggestion, how about adding a search function to some of the longer lists like the lists in 'your apps' esp the System Apps list, as one example. Just in case you needed to look for something. But again, thanks for your helpful and quick replies.

Sorry there was one more as well. 4 I've read of reports that some Chinese and even Samsung phones in the past have had Malware installed somehow from new. Is this really true? But more importantly if it is, would MWB detect and remove this IF there was any malware or spyware on the phone installed from new? Thanks again.

I've just started a Premium trial of MWB on a new Android (Oppo) phone and have a few questions please to clarify some things for me. Its a new phone that I'm just playing around with at the moment getting used to it and Android, so I'm putting apps on it but no file data ( my photos, Music etc ). All scans pass OK, which clearly should be the case on a new phone. 1 When I run a scan it says something like 'scanned: 264 apps and 159 files'. But the 159 files seems to be increasing. Is it possible to see what is being scanned in a report somewhere, ie exactly what apps and what files are scanned? If I look in the phones File Manager it shows no files, yet MWB is scanning 159. 2 If I look in Privacy Audit it lists "X apps can do this or that". So for example 'Can install apps from an unknown source' it shows 14 apps, but when you press 'Configure in settings' it actually has 16 listed ( Phone Manager and Theme Store are the extra two ) and they are all set to off anyway and the phone itself reports none are turned on. Similarly, when you go to 'Can make calls' MWB says 25 apps can, but when you look in System>App Permissions, it says only 3 apps can make a call and they are all set to ask not allow. So I assume 'Can' means what it says i.e. its possible for the app to make a call. But wouldn't it be a better privacy report if it dug a little further and actually reported the apps that have the ability and the permission to make a call? And secondly, isn't there a discrepancy in the numbers being reported and the permissions the phone actually lets you set? Or have I misread it? And as a follow on to 2, obviously 22 Apps that MWB says can make a call are not listed in the phones call permission settings to do anything about even if I wanted to. Is that something to worry about? For example 'EngineerMode' or 'Shell' can make calls according to MWB, but they are not listed by the phone in the 'make a call' section to alter their permissions. 3 And finally, Is MWB for Android a stand alone AV package for the phone, or can/should it be used with other scanners like Avira or Kaspersky? Should it be on its own or can it run with other AV Apps for (hopefully) better protection. I know on a PC you should not have two full AV products, but I'm new to Android and not sure. Thanks

I don't know if this is a FP or not, but, World Of Warships did an auto update today and Malwarebytes reported it twice. After the update a full AV program scan and a MWB scan of the reported folder finds nothing, and an MWB threat scan of the PC found nothing. This is one of the reports: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 4/26/18 Protection Event Time: 9:42 AM Log File: d1008eda-492d-11e8-8532-d05099846381.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.262 Update Package Version: 1.0.4874 License: Trial -System Information- OS: Windows 10 (Build 16299.402) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Unspecified Domain: IP Address: 194.44.234.6 Port: [6881] Type: Outbound File: D:\Games\World_of_Warships\WoWSLauncher.exe (end) Is this a false Positive or has my WOW updater gone to a bad site? Thanks.

Buttons, Cheers, no worries. Thanks