siliconman01

As of today, https;//www.macecraft.com is being blocked. Unless something has changed to the bad, this is a FP.

Fix confirmed...thanks

The extension is blocking downloading the C++ software for 2015, 2017, and 2019 https://aka.ms/vs/16/release/vc_redist.x86.exe https://aka.ms/vs/16/release/vc_redist.x64.exe

https://www.malwarebytes.com/support/releasehistory/ The above webpage needs to be updated to reflect the latest release 3.7.1.2839 v1.0.586

This issue does appear to be fixed with the release of 1.0.586. Thanks for bug fix.

MachineLearning/Anomalous.94%, C:\PROGRAM FILES\COMMON FILES\LOGISHRD\SP6_UNINSTALL\TOOLS\RUNBROWSER.EXE, No Action By User, [0], [392687],1.0.10346 MachineLearning/Anomalous.94%, C:\PROGRAM FILES\COMMON FILES\LOGISHRD\SP6_UNINSTALL\TOOLS\64\RUNBROWSER.EXE, No Action By User, [0], [392687],1.0.10346 This is from the latest Logitech software update released on 25-April-2019. Windows 10x64 Pro. MBAM Log.txt RunBrowser.zip RunBrowser64.zip

You could build a special cleaning rule in CCleaner to keep that are cleaned out.

You could download/install TreeSize Free and quickly isolate which folders are hogging your AppData folder. Sounds like something storing a lot of stuff that you don't want to keep on Windows 10x64. In addition, do you use the Winapp2.ini add-in with CCleaner? If not, you should use it because it cleans gigabytes more than the standard cleaning built into CCleaner. Refer to the forum thread at the link below. (Be sure to use the tool winapp2ool.bat to TRIM your CCleaner to match your installed software and to speed up CCleaner.) https://forum.piriform.com/topic/32310-winapp2ini-additions/

Fix confirmed. Thanks again for prompt resolution.

okay, will do. Thanks much for your efforts on this. 😉

Here is the requested log. Are you running the newly released component version of MBAM? The reason I ask is that yesterday I was not getting this false detection. Today after the component update, I am getting the detection. MBAMSERVICE.zip

I don't have 7zip on my system...I use WinRar v7.0. If I extract Support.Cab using WinRar and scan the extracted folder files, no detection is found. If I scan Support.cab with heuristics on, I get the detection. If I scan Support.cab with heuristics OFF, I do not get the detection.

It's also detected via a right click scan of the file.

It is still detected even after deleting HubbleCache per your recommendation. This is on a Custom scan with "Scan rootkits" selected and also with "Scan rootkits" not selected. It is not detected on a standard routine scan. MBAMLogCustomNORootkitScan.txt MBAMLogCustomRootkitScan.txt MBAMLOGStandardScan.txt

The latest MBAM is detecting the InstallShield info for my Creative SoundBlaster Z drivers as an infection. {9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}.zip MBAMScanLog.txt