Jump to content

Recommended Posts

I am getting false-positives on cmake-gui for code processing. Stange enough, it worked until yesterday...

the software originates here : https://cmake.org/download/

I tried removal / reinstallation

please advise

 

==============================================

Malwarebytes
www.malwarebytes.com

-Logboekdetails-
Datum beveiligingsgebeurtenis: 25-12-18
Tijd beveiligingsgebeurtenis: 11:44
Logbestand: 05e31de8-0832-11e9-962c-206a8aa1feff.json

-Software-informatie-
Versie: 3.6.1.2711
Versie componenten: 1.0.508
Update pakketversie: 1.0.8483
Licentie: Premium

-Systeeminformatie-
Besturingssysteem: Windows 10 (Build 16299.431)
Processor: x64
Bestandssysteem: NTFS
Gebruiker: System

-Details ransomware-
Bestand: 1
Malware.Ransom.Agent.Generic, C:\Program Files (x86)\CMake\bin\cmake-gui.exe, Geblokkeerd, [0], [392685],0.0.0


(end)

Link to post
Share on other sites

  • Staff

Hi,

Can you zip and attach the exact file C:\Program Files (x86)\CMake\bin\cmake-gui.exe

This since, when I download and install it from the link, I can't reproduce detection, so I want to make sure about the exact file.

Please temporary create an exclusion for this folder/file: 

* To add the exclusion, open Malwarebytes > Settings > Exclusions tab
* Below, click the button: "Add Exclusion"
* Then, select "Exclude a File or Folder" (this should be prechecked already by default)
* Click Next
* You'll see a field that says: "Specify a File or Folder" - there, click the button "Select Files..." and browse to the file you want to exclude.
* For "How to Exclude", select: "Exclude from detection as malware, ransomware or potentially unwanted item" (this is normally also selected by default already)
* Then click the OK button below.

Link to post
Share on other sites

  • Staff

Thanks.

This should no longer be detected anymore.

In case it is, Quit malwarebytes from the systemtray.
Then navigate to the following folder:

C:\ProgramData\Malwarebytes\MBAMService

In there, locate the file HubbleCache and delete it.

Restart Malwarebytes again. A new Hubblecache will then be created again, so it will properly pick it up and remember to not detect this anymore.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.