CraigS

Honorary Members
  • Posts

    156
  1. Eset Internet Security Prem 15.0.23.0 .... is active....... M IS in Sys Tray this a.m. after all night sleep again ..... Missing M / Win Startup Button turned OFF yesterday was apparently per Update Only .... Assume 2 Dnloads showing in box is Anonymous Use Data as #2 mbst-grab-results.zip
  2. My 4.5.4 Update was via Chk for Updates and I think it requd a Re-Start. Don't recall status of Sys Tray M right after that. Computer slept all night (not Off) and M Sys Tray Icon was missing this a.m. when I looked. Opened Mbam and it appeared AND I confirmed my (Security) Win Startup button was -- Off -- , also. Everyone should at least take a look at yours post-update.
  3. Thanks for the Reply. Changed my Admin Acct Name to \Me Admin\ but that's irrelevant.
     -Log Details-
     Protection Event Date: 12/4/21
     Protection Event Time: 6:39 AM
     Log File: 35742594-54ff-11ec-ba20-f439093e970f.json
     -Software Information-
     Version: 4.4.11.149
     Components Version: 1.0.1513
     Update Package Version: 1.0.48132
     License: Premium
     -System Information-
     OS: Windows 10 (Build 19044.1348)
     CPU: x64
     File System: NTFS
     User: System
     -Blocked Malware Details-
     File: 1
     MachineLearning/Anomalous.94%, C:\Users\Me Admin \AppData\Local\Temp\7zS42563964\x64\SetupDownloader\SetupDownloader.exe, Quarantined, 0, 392687, 1.0.48132, , shuriken, , 3A0BF05779D80FEF25B48A199BDA4A54, AADC042604D29660E5C48E73381717D4799920C72B420F5FFDE04F3C76481EF8
     (end)
  4. During a Paint.Net Update to v4.3.4 I got this Mbam Popup about -- SetupDownloader.exe -- and Quarantined it based on amateur guessing from a Search. I SAW the 7zS42563964 File in the Explorer Path, which isn't there after Quarantine. HOW do you investigate this in the middle of an Update -- and CAN you determine NOW IF it's a real Threat or False Positive? The Updated App minus Quarantined File was used to make this Imgur Image = OK. Many Thanks!
  5. https://robointern.tech/ This App (used over a year) automates Repetitive Tasks and Today for the first time ever Mbam Prem gave me a "Ransomware has been removed" and showed Robointern.exe and Two desktop shtcuts for it Quarantined. Wanted a Re-Start to Delete the 3 Files - which I didn't and exempted RI Folder from future scans. I'm Not Sure IF RI was the Ransomware. FYI
  6. A new Scan was Malware FREE. Fast fix if so, but Thanks. I'll wait and run a new scan before posting in the future should this occur again.
  7. Per Scan Results .TXT File included AI group ending ...558 had 3 members with different Paths to the Same EXE file; I only include One as I'd have to zip the other two ref: duplicate copy-pasting popup and believed they couldn't be different EXE's with same Name. # ending ....755 had 2 members with different Paths to same EXE. Presumed to be False Positives............ AI DETECTIONS 7-12-20.zip
  8. Prem 4.1.2.73 -- Got my first instances (3) of "AI detected" Malware via daily scan and they involve Realtek and BigFile app (BFHandler.exe) which appear to be known, OK items. Now & future AI results: Send to Sppt for False Pos confirmation or go thru the Sppt Tool, etc. here in Forum?? Thanks.
     File: 5
     Malware.AI.431850558, C:\PROGRAM FILES (X86)\REALTEK\PCIE WIRELESS LAN\RTKMODULEVERSION.EXE, No Action By User, 1000000, 0, 1.0.26731, 1FA45A0726C4708019BD843E, dds, 00804007
     Malware.AI.431850558, C:\SWSETUP\DRV\NETWORK\REALTEK\REALTEKRT_QQ6PB2\2023.66.1222.2017\SRC\VERSION\RTKMODULEVERSION.EXE, No Action By User, 1000000, 0, 1.0.26731, 1FA45A0726C4708019BD843E, dds, 00804007
     Malware.AI.431850558, C:\SWSETUP\DRV\NETWORK\REALTEK\REALTEKRT_QQ6PB2\2023.66.1222.2017\SRC\WIFI_SCRIPT_WIN10S\RTWLANE_DRIVER\VERSION\RTKMODULEVERSION.EXE, No Action By User, 1000000, 0, 1.0.26731, 1FA45A0726C4708019BD843E, dds, 00804007
     Malware.AI.2748241755, C:\SYSTEM.SAV\UTIL\BF64\BFHANDLER64.EXE, No Action By User, 1000000, 0, 1.0.26731, 75A0BDD62085BCACA3CED75B, dds, 00804007
     Malware.AI.2748241755, C:\SYSTEM.SAV\UTIL\BFHANDLER.EXE, No Action By User, 1000000, 0, 1.0.26731, 75A0BDD62085BCACA3CED75B, dds, 00804007
  9. Not disputing this at all but just know you "may" occasionally have to play with Settings via the Toolbar icon Top Rt Cog Wheel (ie) I found I got Gibberish page characters when Clk'ing on the TaxAct (Preview) App Dnload link BUT did Not IF I temp Pause/Disabled Mbam B Guard .... netted the Save File offering correctly. Search some and digest comments here.
  10. A few Threads below this one is a long discussion. See Post # 19, which should be ............................ https://forums.malwarebytes.com/topic/253174-kaspersky-total-security-2020-hangs-with-mbam/?do=findComment&comment=1343421
  11. Since "V3 Exclusions Tab" becomes in V4 ... Settings Cog Wheel at top/ Security/ Exploit Protection/ Manage Protected Applications / Add-Edit-Del "Protected Apps" ..... Will V3 Exclusion aka Trusted Settings like here be SAVED in the V4 Upgrade as "Protected" Settings - OR Re-enter Same in V4? Better to know now to keep the lists handy.
  12. I couldn't Open Mbam from Sys Tray and the Repair Tool fixed that just now. Another Thread did the same but symptom returned later and he's setup for log capture after next failure. Will monitor and post as relevant.