CraigS
Honorary Members
Posts: 156
My 4.5.4 Update was via Chk for Updates and I think it requd a Re-Start. Don't recall status of Sys Tray M right after that. Computer slept all night (not Off) and M Sys Tray Icon was missing this a.m. when I looked. Opened Mbam and it appeared AND I confirmed my (Security) Win Startup button was -- Off -- , also. Everyone should at least take a look at yours post-update.
-
Thanks for the Reply. Changed my Admin Acct Name to \Me Admin\ but that's irrelevant.

-Log Details-
Protection Event Date: 12/4/21
Protection Event Time: 6:39 AM
Log File: 35742594-54ff-11ec-ba20-f439093e970f.json

-Software Information-
Version: 4.4.11.149
Components Version: 1.0.1513
Update Package Version: 1.0.48132
License: Premium

-System Information-
OS: Windows 10 (Build 19044.1348)
CPU: x64
File System: NTFS
User: System

-Blocked Malware Details-
File: 1
MachineLearning/Anomalous.94%, C:\Users\Me Admin \AppData\Local\Temp\7zS42563964\x64\SetupDownloader\SetupDownloader.exe, Quarantined, 0, 392687, 1.0.48132, , shuriken, , 3A0BF05779D80FEF25B48A199BDA4A54, AADC042604D29660E5C48E73381717D4799920C72B420F5FFDE04F3C76481EF8

(end)
-
During a Paint.Net Update to v4.3.4 I got this Mbam Popup about -- SetupDownloader.exe -- and Quarantined it based on amateur guessing from a Search. I SAW the 7zS42563964 File in the Explorer Path, which isn't there after Quarantine. HOW do you investigate this in the middle of an Update -- and CAN you determine NOW IF it's a real Threat or False Positive? The Updated App minus Quarantined File was used to make this Imgur Image = OK. Many Thanks!
-
https://robointern.tech/ This App (used over a year) automates Repetitive Tasks and Today for the first time ever Mbam Prem gave me a "Ransomware has been removed" and showed Robointern.exe and Two desktop shtcuts for it Quarantined. Wanted a Re-Start to Delete the 3 Files - which I didn't and exempted RI Folder from future scans. I'm Not Sure IF RI was the Ransomware. FYI
-
A new Scan was Malware FREE. Fast fix if so, but Thanks. I'll wait and run a new scan before posting in the future should this occur again.
-
Preferred Method for Malware.AI Results
CraigS replied to CraigS's topic in Malwarebytes for Windows Support Forum
Thanks & Done.
-
CraigS started following Malware.AI via 7-12-20 Daily Scan
-
Per Scan Results .TXT File included AI group ending ...558 had 3 members with different Paths to the Same EXE file; I only include One as I'd have to zip the other two ref: duplicate copy-pasting popup and believed they couldn't be different EXE's with same Name. # ending ....755 had 2 members with different Paths to same EXE. Presumed to be False Positives............ AI DETECTIONS 7-12-20.zip
-
Prem 4.1.2.73 -- Got my first instances (3) of "AI detected" Malware via daily scan and they involve Realtek and BigFile app (BFHandler.exe) which appear to be known, OK items. Now & future AI results: Send to Sppt for False Pos confirmation or go thru the Sppt Tool, etc. here in Forum?? Thanks.

File: 5
Malware.AI.431850558, C:\PROGRAM FILES (X86)\REALTEK\PCIE WIRELESS LAN\RTKMODULEVERSION.EXE, No Action By User, 1000000, 0, 1.0.26731, 1FA45A0726C4708019BD843E, dds, 00804007
Malware.AI.431850558, C:\SWSETUP\DRV\NETWORK\REALTEK\REALTEKRT_QQ6PB2\2023.66.1222.2017\SRC\VERSION\RTKMODULEVERSION.EXE, No Action By User, 1000000, 0, 1.0.26731, 1FA45A0726C4708019BD843E, dds, 00804007
Malware.AI.431850558, C:\SWSETUP\DRV\NETWORK\REALTEK\REALTEKRT_QQ6PB2\2023.66.1222.2017\SRC\WIFI_SCRIPT_WIN10S\RTWLANE_DRIVER\VERSION\RTKMODULEVERSION.EXE, No Action By User, 1000000, 0, 1.0.26731, 1FA45A0726C4708019BD843E, dds, 00804007
Malware.AI.2748241755, C:\SYSTEM.SAV\UTIL\BF64\BFHANDLER64.EXE, No Action By User, 1000000, 0, 1.0.26731, 75A0BDD62085BCACA3CED75B, dds, 00804007
Malware.AI.2748241755, C:\SYSTEM.SAV\UTIL\BFHANDLER.EXE, No Action By User, 1000000, 0, 1.0.26731, 75A0BDD62085BCACA3CED75B, dds, 00804007
-
Premium User. Do I need ...
CraigS replied to riskybusiness's topic in Malwarebytes for Windows Support Forum
Not disputing this at all but just know you "may" occasionally have to play with Settings via the Toolbar icon Top Rt Cog Wheel (ie) I found I got Gibberish page characters when Clk'ing on the TaxAct (Preview) App Dnload link BUT did Not IF I temp Pause/Disabled Mbam B Guard .... netted the Save File offering correctly. Search some and digest comments here.
-
A few Threads below this one is a long discussion. See Post # 19, which should be ... https://forums.malwarebytes.com/topic/253174-kaspersky-total-security-2020-hangs-with-mbam/?do=findComment&comment=1343421
-
Kaspersky Total Security 2020
CraigS replied to jimsarles's topic in Malwarebytes for Windows Support Forum
Since "V3 Exclusions Tab" becomes in V4 ... Settings Cog Wheel at top/ Security/ Exploit Protection/ Manage Protected Applications / Add-Edit-Del "Protected Apps" ..... Will V3 Exclusion aka Trusted Settings like here be SAVED in the V4 Upgrade as "Protected" Settings - OR Re-enter Same in V4? Better to know now to keep the lists handy.
-
I couldn't Open Mbam from Sys Tray and the Repair Tool fixed that just now. Another Thread did the same but symptom returned later and he's setup for log capture after next failure. Will monitor and post as relevant.
-
A question about Web protection.
CraigS replied to Nazareno's topic in Malwarebytes for Windows Support Forum