clemenzina Posted September 30, 2021 ID:1482192 Share Posted September 30, 2021 I've been using the same MovieMaker installation for years but for about the past week Malwarebytes has been wanting to quarantine a file in it. (The 94kb jpg won't upload, here's a link.) https://i.imgur.com/IZYGU1L.jpg I scanned the exe file on VirusTotal and some AVs are reporting it, mainly as a PUP or Adware, others are not. If I allow it to be quarantined and it cripples the program, can I reinstate it, or do I need to fear it? I use MovieMaker umpteen times a day and would find it very hard to replace. Link to post Share on other sites More sharing options...
kevinf80 Posted September 30, 2021 ID:1482195 Share Posted September 30, 2021 Hello clemenzina and welcome to Malwarebytes, Can you post the log from Malwarebytes showing the detection.. Thank you, Kevin Link to post Share on other sites More sharing options...
clemenzina Posted September 30, 2021 Author ID:1482204 Share Posted September 30, 2021 Is this a log? LogDetails 30Sept2021..txt Link to post Share on other sites More sharing options...
kevinf80 Posted September 30, 2021 ID:1482205 Share Posted September 30, 2021 Yes thanks, i`m just installing windows essentials on a vm to have a look at movie maker, back in a bit.. Link to post Share on other sites More sharing options...
kevinf80 Posted September 30, 2021 ID:1482209 Share Posted September 30, 2021 (edited) mmm, the file being flagged by Malwarebytes (MOVIEMAKEREX.EXE) does not show in my installation, in mine I see MOVIEMAKER.EXE. Can you post the URL to VirusTotal scan please.. Have just had the version I installed on VM checked at VirusTotal, comes back as clean... https://www.virustotal.com/gui/file/8bdcc9ac2ba891a2ef962a714982dd5fb8b75e4fef850cff2c2e219b71456030 Edited September 30, 2021 by kevinf80 Link to post Share on other sites More sharing options...
clemenzina Posted September 30, 2021 Author ID:1482228 Share Posted September 30, 2021 I gave VirusTotal MOVIEMAKEREX.EXE to scan - it's only in (x86) WindowsLive/PhotoGallery. https://www.virustotal.com/gui/file/d89fe08aaa70055d6df0cdbeb59545c387da40ab739aff087a72519d6fd03150 ==================== As you probably know, Microsoft discontinued MovieMaker some years ago and I had to get the installation files by hook or by crook as part of WindowsLiveEssentials, only installing the WMM exe file. I think the one I've had installed for the past year or two was from MajorGeeks. However, I have scanned with MBAM all the installation files I have and they all come back clean. If possible I would like to tell MBAM to ignore the offending file. Do I even need PhotoGallery? I ask myself, not knowing how connected it is to other features of WMM - I do not, to my knowledge, use WindowsLive anything. Or shall I uninstall WMM and reinstall with the exe file that you found? But I'm thinking that the "malware" is not in WMM, it's in something else related to WindowsLive PhotoGallery. Sorry to ramble, I'm a bit doddery and very confused. Link to post Share on other sites More sharing options...
Solution kevinf80 Posted September 30, 2021 Solution ID:1482229 Share Posted September 30, 2021 Wow that VT log is showing major problems, I would uninstall/remove that version of moviemaker asap. MS have discontinued windows live, I would not d/l from any 3rd party sites, that is not recommended and really asking for trouble... The executible you have for movie maker is definitely infected, i`d highly recommend you remove everything that you installed related to windows live... If you require further help let me know.... Link to post Share on other sites More sharing options...
clemenzina Posted September 30, 2021 Author ID:1482273 Share Posted September 30, 2021 But VirusTotal gave the OK to the both of the executables I have for MovieMaker - it was only the MOVIEMAKEREX.EXE in WindowsLive in a different folder that showed a problem. In view of that, I've quarantined the flagged file - MovieMaker is still working and I'll see how it goes. It's very strange that it's only now being picked up after nothing for years - unless something happened in the recent Windows Update. Thank you for looking at this for me, Kevin, I hope I won't have to come crawling back 🥴 (PS - I intend to try out Shotcut to see if it will substitute, but it's finding the time!) Link to post Share on other sites More sharing options...
kevinf80 Posted October 1, 2021 ID:1482290 Share Posted October 1, 2021 Hello clemenzina, MOVIEMAKEREX.EXE is definitely flagged as malicious, if you have removed that executible and new scans are clean you should be good to go. If you require any further help please let me know... Regards, Kevin. 1 Link to post Share on other sites More sharing options...
kevinf80 Posted October 4, 2021 ID:1482546 Share Posted October 4, 2021 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following for Tips to help protect from infection Thank you Link to post Share on other sites More sharing options...
Recommended Posts