Ember Media Manager.exe detected as ransomware by MalwareBytes

  Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Post Reply
madmax2 Offline
Fan
Posts: 430
Joined: Jun 2011
Reputation: 0
Post: #1
Okay after ember has crashed,
I tried to open Ember Media Manager.exe but the malwarebytes is saying it is ransomware and will now not let me open it.

I also cannot delete the exe or install ember again in same folder cos the exe is locked.
find quote
DanCooper Offline
Moderator
Posts: 3,250
Joined: Apr 2012
Reputation: 155
Location: Switzerland
Post: #2
False positive alarm.
find quote
madmax2 Offline
Fan
Posts: 430
Joined: Jun 2011
Reputation: 0
Post: #3
(2017-04-02 14:28)DanCooper Wrote:  False positive alarm.

Problem is
it just occur again after I reinstall to a new folder..


After ember crashed again...
It has locked that exe and now I can't launch it again, other than reinstalling to another new folder

[Image: sLe7B6d.png]

It seems to trigger the false alarm after ember crashes.

I scanned it prior to ember crashing and it never triggered the alarm and did not detect any problem with the exe.

Maybe this something you need to look into..
since it might occur for anyone that uses malwarebytes
(This post was last modified: 2017-04-02 14:45 by madmax2.)
find quote
DanCooper Offline
Moderator
Posts: 3,250
Joined: Apr 2012
Reputation: 155
Location: Switzerland
Post: #4
Do you can't ignore the file from quarantine?
find quote
madmax2 Offline
Fan
Posts: 430
Joined: Jun 2011
Reputation: 0
Post: #5
(2017-04-02 15:10)DanCooper Wrote:  Do you can't ignore the file from quarantine?

No, once it crashed it has detected it as ransomware and locked the exe.

I am going to try something else
by adding the file to the exclusion list in malwarebytes.

The only downside is if malware/virus does attack this file, it will not alert me anymore..

All I know is, immediately after ember crashes, it triggers the alert after I try to relaunch ember..
find quote
iainkenan Offline
Junior Member
Posts: 1
Joined: Apr 2017
Reputation: 0
Post: #6
That's a false positive. I'd like to know the exact URL you downloaded, and you should report the false positive to MalwareBytes. Out of safety I think you may also want to delete and reinstall, on the off chance that other malware already on your system may have simply infected the files. And try to run 3-4 programs or tools scans with different programsBig Grin
find quote
Paka Offline
Junior Member
Posts: 1
Joined: Apr 2017
Reputation: 0
Post: #7
Don’t worry it is 100% false positive alert! Malwarebytes Antimalware unable to detect ransomware. In order to protect your computer from various ransomwares use Malwarebytes Anti-Ransomware or Bitdefender Crypto-Vaccine. But the best way to protect your data is to make regular backups to offline harddrive/usb/sd/cloud.
P.S. Real ransomware looks like this
find quote