Staff shadowwar Posted August 21, 2016 Staff ID:1057523 Share Posted August 21, 2016 (edited) This is nothing to worry about. The tempstate folder is just a temporary storage folder for cortana. No vital files are there. When mbam went to quarantine the file it no longer existed so it couldnt quarantine it. This detection is saying a gif file which is normally not executable had executable properties. Malware is known to use this. Legit programs sometimes use this though it is not really a good practice to do so. Without the file its hard to say exactly what it was but if it didnt get detected on scans after this one i wouldnt worry about it any longer. Edited August 21, 2016 by shadowwar Link to post Share on other sites More sharing options...
thisisu Posted August 21, 2016 ID:1057526 Share Posted August 21, 2016 2 hours ago, daledoc1 said: Yes, I have asked a Malwarebytes staff member to review your logs. Please try to be patient until they can respond. FRST logs are clean. Link to post Share on other sites More sharing options...
bobz Posted August 21, 2016 Author ID:1057599 Share Posted August 21, 2016 15 hours ago, shadowwar said: This is nothing to worry about. The tempstate folder is just a temporary storage folder for cortana. No vital files are there. When mbam went to quarantine the file it no longer existed so it couldnt quarantine it. This detection is saying a gif file which is normally not executable had executable properties. Malware is known to use this. Legit programs sometimes use this though it is not really a good practice to do so. Without the file its hard to say exactly what it was but if it didnt get detected on scans after this one i wouldnt worry about it any longer. #1- What do I do now? Do I have to uninstall and reinstall MB? #2- If this " tempstate folder" is a temporary folder for cortan, will this " tempstate folder" keep showing up every time I run a scan? And if so, what do I do about it? (Everyone using Win10 and MB would get this same "threat?") Link to post Share on other sites More sharing options...
bobz Posted August 21, 2016 Author ID:1057601 Share Posted August 21, 2016 12 minutes ago, bobz said: Forgot to mention in my question #1 above that "Porthos" told me to uninstall and reinstall MB. Do I have to do that? Link to post Share on other sites More sharing options...
daledoc1 Posted August 21, 2016 ID:1057608 Share Posted August 21, 2016 Hi: #1: No, there is no need to reinstall MBAM at this time. #2: Yes, that file/folder *might* show up again if that temporary folder were to be recreated by Windows. But it's perhaps less likely to show up again in your scan log if you run the recommended Threat scan, rather than the "Custom" or "Full" scan that you originally reported. If everyone on Windows10 were seeing that file turn up in their Threat scan logs, there would be a flood of reports here in the forum. As of now, you are the only user to report it. It may be a "one-off" thing on your system, or just an oddity that is detected when one runs a full scan, rather than a Threat scan. (For the record, I do not have that detection on my own Win10 system when I run a Threat scan.) There is no need to worry about the detection, as @shadowwar explained here. It is not malicious. MBAM is flagging the behavior/file because it looks like something malware would do. MBAM is being careful. That is all. No need to worry about it. Cheers, P.S. Your logs show that you are only running Windows Defender for real-time protection. You might want to consider adding the layered protection of paid, MBAM Premium. It provides complementary, live protection against a different range of malware threats that can be missed by your anti-virus. It will run just fine alongside Windows Defender. Link to post Share on other sites More sharing options...
bobz Posted August 21, 2016 Author ID:1057636 Share Posted August 21, 2016 Thank you for your kind help. I thought i had to uninstall MB and reinstall MB because Porthos said: " Also It looks like you installed Malwarebytes on 7-23 and on 8-3 you upgraded your Windows from the one that came with your new computer to the new anniversary update 1607. Sometimes this can break MBAM. I suggest you do a clean install to rule that out.." Should I just disregard that and let everything stay "as is," and make no changes and do not do a uninstall/reinstall of MB? Link to post Share on other sites More sharing options...
daledoc1 Posted August 21, 2016 ID:1057638 Share Posted August 21, 2016 Hi, again: From the information provided thus far in this thread, it appears that MBAM is working correctly on your computer. I do not see a reason to reinstall the program at this time. But if you wish to perform a clean reinstall, by carefully following ALL of the steps in this tutorial, that's entirely up to you: MBAM Clean Removal Process 2x Thanks again, Link to post Share on other sites More sharing options...
bobz Posted August 21, 2016 Author ID:1057650 Share Posted August 21, 2016 Thank you so much. I did decided to do a clean reinstall. When I clicked on the mbam-clean.exe, it took about two seconds (very fast) and then it said to restart the computer. Does it just take 2 seconds to delete the MB? I thought it would take several minutes with many pop-ups, etc. When it restarted it still had the MB icon on the desktop and when I clicked on that it said program had changed or was no longer on the computer. I deleted the icon and then installed MB agaion. Hope I did it correctly. Link to post Share on other sites More sharing options...
daledoc1 Posted August 22, 2016 ID:1057728 Share Posted August 22, 2016 Hi: We are not in front of your computer, but your description sounds OK. I'm not sure why the desktop shortcut icon was left behind. But if you manually deleted it and then reinstalled MBAM, it ought to be fine. Thanks, Link to post Share on other sites More sharing options...
bobz Posted August 22, 2016 Author ID:1057760 Share Posted August 22, 2016 Thank you so much. I just thought that the mbam-clean.exe program taking only 1 or 2 seconds to complete and then the pop-up saying to restart computer would not be enough time to delete the entire (old) MB that I had on the Win10. Then I thought the 'full' uninstalling would take place when the computer rebooted. Is that when the uninstall would take place (after the reboot) and not during the 1 or 2 seconds before the pop-up saying "restart your computer?" We couldn't understand how the entire MB program could be usinstalled in 1 or 2 seconds (before the reboot). (Sorry for all the questions but I am trying to explain this to my wife.) Link to post Share on other sites More sharing options...
daledoc1 Posted August 22, 2016 ID:1057765 Share Posted August 22, 2016 Hi: The MBAM-clean tool works very quickly. The full cleanup is completed when the computer is rebooted (restarted). Everything sounds fine. We are not in front of your computer, but as far as we can tell, there is nothing to worry about. If MBAM Free is now reinstalled and working correctly, then you should be all set. >Please remember: a Threat scan (no more than once a day) should be all that's needed under normal conditions. Routine or frequent "custom" or "full" scans are neither necessary nor recommended. >MBAM Free can only remove malware that made it past your anti-virus onto the computer. You might wish to bolster your real-time protection to help PREVENT infection. To do so, you might consider MBAM Premium. (There is a discount for multiple licenses purchased at the same transaction. So, if you have more than one computer to protect, you might want to buy a license for each one.) Thank you again, Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now