Jump to content

Recommended Posts

A few days ago I installed Honeywell's Enterprise Provisioner, which is used to generate barcodes that are used to configure wireless barcode scanner terminals. I used the program several times with no problems. Today I launched the program, loaded in three saved XML files that store the terminal configuration and the program started to render the data from the XML files. About that time, the program vanished, Malwarebytes popped up and said it had blocked ransomware and wanted to reboot to finish the job. I rebooted and looked at the log, which showed the executable for the program quarantined. I find it hard to believe that there is any ransomware program that targets this particular program, since it is a very uncommon program for anyone to be running on their PC. The file is C:\Honeywell\EnterpriseProvisioner\provisioner.exe

The ransomware name is Malware.Ransom.Agent.Generic

I should mention that my computer also has the Carbon Black endpoint sensor, required by my company, and it detected nothing.

 

Link to post
Share on other sites

2 minutes ago, Hounded said:

Do you mean a fix will be put into the next Malwarebytes update so this doesn't get flagged again?

It means it should be not detected now.

If it is detected for you,

Please clear your hubble cache by doing the following:

  1. Click on the Malwarebytes icon in the system tray
  2. Select "Quit Malwarebytes"
  3. Navigate to %PROGRAMDATA%\Malwarebytes\MBAMService
  4. Delete the file HubbleCache
  5. Open Malwarebytes

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.