shadowwar

Moderators
  1. This will be fixed next update. Thanks for reporting.
  2. This will be fixed next update. Thanks for reporting.
  3. This is nothing to worry about. The tempstate folder is just a temporary storage folder for Cortana. No vital files are there. When mbam went to quarantine the file it no longer existed, so it couldn't quarantine it. This detection is saying a gif file, which is normally not executable, had executable properties. Malware is known to use this. Legit programs sometimes use this, though it is not really a good practice to do so. Without the file it's hard to say exactly what it was, but if it didn't get detected on scans after this one I wouldn't worry about it any longer.
  4. I had intel investigate this. It's not necessarily a scam but may not be the most robust AV either. Seems to be an attempt at creating an AV. It has been bundled with malware in the past from what we ran across.
  5. This will be fixed next update. Thanks for reporting.
  6. Also one thing to add. As later versions of mbam's engine were improved, we don't necessarily need the swissarmy/rootkit database for some of these like we used to. They were just entered into the normal database.
  7. It's updated as needed. The tech in swissarmy is needed less and less now with the ransomware movement. No point in using a rootkit if they are holding the files ransom.
  8. This will be fixed shortly.
  9. Thanks. Will add this to our fp prevention system.
  10. It's possible, as we use it in this case to clean the rest of the infection. Being terraclicks doesn't leave any infected files behind.
  11. This will be fixed in about 30 mins. Any chance you can zip and attach the file detected here? Thanks.
  12. Do you have the log showing the system32 detection? These are just tasks above. Strange that remote desktop software would have tasks scheduled. Also include this file zipped if possible: tswbprxy.exe
  13. If it comes back let us know. No need to upload it if mbam isn't detecting it now.
  14. Hard to say without a copy of this file. If it's no longer detected then, though, it probably won't show anything. This is the Google preferences file and it could have been a visit to a site that may have triggered it.
  15. This is fixed in database 06.19.04