Jump to content

WindowsMovieMaker sudden malware warning

clemenzina

By clemenzina
in Resolved Malware Removal Logs

 Share
Go to solution Solved by kevinf80,

Recommended Posts

clemenzina

clemenzina

Posted
Posted

I've been using the same MovieMaker installation for years but for about the past week Malwarebytes has been wanting to quarantine a file in it.  (The 94kb jpg won't upload, here's a link.)

https://i.imgur.com/IZYGU1L.jpg

I scanned the exe file on VirusTotal and some AVs are reporting it, mainly as a PUP or Adware, others are not.  If I allow it to be quarantined and it cripples the program, can I reinstate it, or do I need to fear it?

I use MovieMaker umpteen times a day and would find it very hard to replace.

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted (edited)

mmm, the file being flagged by Malwarebytes (MOVIEMAKEREX.EXE) does not show in my installation, in mine I see MOVIEMAKER.EXE.

Can you post the URL to VirusTotal scan please..

Have just had the version I installed on VM checked at VirusTotal, comes back as clean...

https://www.virustotal.com/gui/file/8bdcc9ac2ba891a2ef962a714982dd5fb8b75e4fef850cff2c2e219b71456030

Edited by kevinf80
Link to post
Share on other sites
clemenzina

clemenzina

Posted
  • Author
Posted

I gave VirusTotal MOVIEMAKEREX.EXE to scan - it's only in (x86) WindowsLive/PhotoGallery.

https://www.virustotal.com/gui/file/d89fe08aaa70055d6df0cdbeb59545c387da40ab739aff087a72519d6fd03150

====================

As you probably know, Microsoft discontinued MovieMaker some years ago and I had to get the installation files by hook or by crook as part of WindowsLiveEssentials, only installing the WMM exe file.  I think the one I've had installed for the past year or two was from MajorGeeks.  However, I have scanned with MBAM all the installation files I have and they all come back clean.

If possible I would like to tell MBAM to ignore the offending file.  Do I even need PhotoGallery? I ask myself, not knowing how connected it is to other features of WMM - I do not, to my knowledge, use WindowsLive anything.

Or shall I uninstall WMM and reinstall with the exe file that you found?  But I'm thinking that the "malware" is not in WMM, it's in something else related to WindowsLive PhotoGallery.

Sorry to ramble, I'm a bit doddery and very confused.

Link to post
Share on other sites
  • Solution
kevinf80

kevinf80

Posted
  • Solution
Posted

Wow that VT log is showing major problems, I would uninstall/remove that version of moviemaker asap. MS have discontinued windows live, I would not d/l from any 3rd party sites, that is not recommended and really asking for trouble...

The executible you have for movie maker is definitely infected, i`d highly recommend you remove everything that you installed related to windows live... If you require further help let me know....

 

Link to post
Share on other sites
clemenzina

clemenzina

Posted
  • Author
Posted

But VirusTotal gave the OK to the both of the executables I have for MovieMaker - it was only the MOVIEMAKEREX.EXE in WindowsLive in a different folder that showed a problem.

In view of that, I've quarantined the flagged file - MovieMaker is still working and I'll see how it goes.  It's very strange that it's only now being picked up after nothing for years - unless something happened in the recent Windows Update.

Thank you for looking at this for me, Kevin, I hope I won't have to come crawling back 🥴

(PS - I intend to try out Shotcut to see if it will substitute, but it's finding the time!)

 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.