MisterWeather

Honorary Members
  • Posts

    21
  • Joined

  • Last visited

Reputation

0 Neutral

Profile Information

  • Location
    North Dakota
  • Interests
    Retired, Old-school computer geek, weather person of interest
  1. Greetings. Find attached 2 .log files related to the reboot. Also the mbst zip file. The smaller file is from the failed reboot, the larger file from the successful loading of Win 10 2004 after uninstalling MalwareBytes. mbst-grab-results.zip setupapi.dev.log setupapi.dev.log
  2. Greetings. In updating my 4 PC's - 3 laptops, one Desktop - all failed loading the Windows 10 2004 update at 91% and reverted back to the 1909 feature enhancement. Two laptops are Lenovo, 1 laptop and the desktop HP. Has this been observed by other users? Removing Malwarebytes 4.1 allowed the 2004 Update to load without a hitch. I am now hesitant to install MBAB 4.1 back on any box until the issue is resolved. Sorry, but I have no log files to indicate the failure and was not thinking fast enough to even get a screenshot of the error. I see in other forums the "resolving host" error that I also had with the 1909 Feature Update. Thanks in advance for any assistance. MisterWeather
  3. I am sure that the Malwarebytes Research team is up on the "latest" threat titled "Mylobot". Based on several 3rd party malware researchers I follow, this particular threat displays "... a never-before-seen level of complexity in terms of the sheer breadth of its various tools, especially evasion techniques." I searched the forum and did not see any posts - yet - on this threat. Nor did I get a hit on the Malwarebytes Lab Blog. My questions are: 1) Is this threat as serious as some vendors are claiming? Or is it hype? 2) Since this threat seems so new and to be so potent, what other Malwarebytes tools or tips may be employed to detect & protect? Just trying to separate the chaff from the real threats. Thank you. Misterweather
  4. Huh & Wowser! That would suggest the .apk / system file has been infected at the source (AT&T). I guess I'll be changing some passwords early. Thanks for the input, MollyE
  5. This is a repost from a similar thread elsewhere on this Forum. Add my name to the list of users with the same Malware alert on the same AT&T file; Samsung S7. Did a hard reset of the phone and it still shows up on the native app. I too have disabled the app as it cannot be removed without rooting the phone. Since I don't want a bricked phone, I'll wait to see if this is a FP or if removal instructions are forthcoming.
  6. Add my name to the list of users with the same Malware alert on the same AT&T file; Samsung S7. Did a hard reset of the phone and it still shows up on the native app. I too have disabled the app as it cannot be removed without rooting the phone. Since I don't want a bricked phone, I'll wait to see if this is a FP or if removal instructions are forthcoming.
  7. thokr & dsanchez, thanks for the clarifications. I usually do not get that concerned regarding the CERT messages, but there was something in this particular notice that grabbed my attention. Perhaps I'm hypersensitive following the OPM, Equifax etc. Both of those impacted my PII so I've gotten really strict about PC / LAN security. I guess we can consider this thread closed! MisterWeather
  8. Greetings. I searched the Forum on this and did not find anything, so forgive me if I'm double dipping. On November 20th the US-CERT issued an advisory regarding a new vulnerability in Windows 8.x and Win 10. This vulnerability is in the manner that Windows Address Space Layout Randomization (ASLR) is implemented. A remote attacker could exploit this vulnerability to take control of an affected system. CERT Vulnerability Note #817544 describes a reg hack to turn Bottom Up ASLR on. I see that Malwarebytes includes an option to turn that "Bottom Up" functionality on, in theory protecting against this vulnerability. My question is: What are the potential drawbacks / impacts of enabling this enforcement? Should it be employed? TIA for insights. http://www.kb.cert.org/vuls/id/817544 MisterWeather
  9. Yes, Malwarebytes is flagging a PUP.Optional.Conduit in the last Laptop I'd synced. Google Chrome is gone and so is the PUP. I'm using Firefox now. MisterWeather
  10. It looks like I'd sent the file after the scan & quarantine. I do have a file (attached), the Web Data from the laptop that keeps showing positive, this one for PUP.Optional.Conduit. I'll see if the .Softonic infection shows back up with the scan that is set to run soon. Web Data.zip
  11. Aura, so far so good, yes. There is one box that, even after following your instructions, tested positive for PUP.Optional.Softonic. A little research on my end shows Softonic is the author of, or clearing house for, some popular software; one I had installed - VLC, which is available as a Desktop or Win10 app. I've uninstalled VLC and will see if the next cleaning is good. Will keep you posted. MisterWeather
  12. Aura I'd already deleted the files, folders etc. I only have the Malwarebytes logfile. I've looked at your suggested fix and will try it as soon as practical, and report back. I still have a Win10 Insider Box that has Chrome and is exhibiting this issue as well. MisterWeather
  13. DigiBandit, all my PC's with Chrome have had the issue you've described. I did a full uninstall of Chrome, manually removed all references from the registry, hidden folders, etc. Ran Malwarebytes Threat and voilà - no more PUP.Optional.Softonic. Rebooted & reinstalled Chrome and the error immediately came back. Personally, I think it's something being included in the new versions of Chrome meant to be an advert bar or hook. Just my opinion... For the time being I'm using Firefox or Edge as hardware dictates. Unless this is a False Positive, I'm thinking it's an advert hook. MisterWeather
  14. Same - sounds like a known bug that will *hopefully* be addressed soon