|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
I currently have Malwarebytes Anti-exploit 1.13.1.494. It is set to auto-update which it has done many times without problems. I think it just tried to update itself and I got this notification from AVG Free.
Is this to be taken seriously?
Check the file on virustotal.
VirusTotal wants me to send it the file. I don’t have the file, it’s in quarantine.
Check the AVG procedures for restoring the file from quarantine and “ignoring” it as a possible threat.
Don’t run it, just note the file’s location. If the original file was in a temp folder, that’s likely where it will be restored to.
Windows 10 Pro 22H2
Is this to be taken seriously?
If that file is still in quarantine, I would submit it to VirusTotal to see what the consensus of many AV engines are: https://www.virustotal.com/gui/home/upload
Malwarebytes MBAE latest release posted online is 1.13.1.494. It’s possible that a new release was pushed out but has not been announced yet.
Windows 10 Pro 22H2
Hi Charlie:
You might want to post about this in the Malwarebytes Anti-Exploit BETA board at https://forums.malwarebytes.com/forum/126-anti-exploit-beta/. I just checked employee Arthi’s Malwarebytes Anti-Exploit 1.13 Build 494 Released – June 28, 2022 pinned the top of that forum and the standalone MBAE v1.13.1.494 (NOT v1.13.1.516) is still listed as the current version.
EDIT:
Sorry, didn’t realize John W addressed this in post # 2498984 while I was composing my reply.
I googled “IDP.ALEXA.53” and it looks like it could be a false positive common to Avast, AVG, and Avira anti virus programs.
Edit: I think I’ll wait and see. If I restore the MBAE setup program to Windows/Temp it may install itself or get detected by AVG again. This is very weird.
I took MBAE out of auto-update mode and then restored the setup file in question. Sent it to VirusTotal and this is what I got:
Only one of 71 indicated a malicious program.
Only one of 71 indicated a malicious program.
If it’s only one, that is most likely a false positive.
MBAE is beta software, so it’s possible Malwarebytes released an auto-update with the latest version, before the blog is updated.
If you want to be 100% cautious, leave MBAE out of auto-update mode for a few days/weeks and stick with what you have…
Windows 10 Pro 22H2
Just checked and it appears MBAE 1.13.1.516 beta is now being reported as a valid update. I, however, have MBAE 1.13.1.494 Premium. Is it okay to let it update?
Edit: I put MBAE back into auto-update mode, and not too long after it updated to 516. Program still calls itself Premium so, at this point I guess I’m okay.
MBAE free is a beta program. They call it Premium now because it is the full featured version of MBAE. The original MBAE free was “feature limited”.
A stable version is incorporated into the real-time function of the full Malwarebytes Premium program. MBAE is not sold separately.
Windows 10 Pro 22H2
MBAE build 516 release notes: https://forums.malwarebytes.com/topic/205865-malwarebytes-anti-exploit-113-build-516-released-nov-17-2022/
Windows 10 Pro 22H2
So it seems that this was a false positive reported by AVG Free’s overzealous behavior shield. Three days have passed and nothing is wrong so it seems things are okay. I put the MBAE setup program into AVG’s “Menu – Settings – Exceptions” and it doesn’t detect it anymore.
Thank you all for your help.
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
