Jump to content


Honorary Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by siliconman01

  1. Attached is the UserBenchmark.exe file and the MBAM scan results/log. I'm pretty confident that this is a false positive. NOTE: The forum will not upload these two zipped files for some reason. Below is the log. You can download UserBenchmark at the following URL: Home - UserBenchmark Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 7/23/21 Scan Time: 4:06 PM Log File: 7aaa19ec-ebf1-11eb-9baf-305a3a05c7ae.json -Software Information- Version: Components Version: 1.0.1404 Update Package Version: 1.0.43436 License: Premium -System Information- OS: Windows 10 (Build 19043.1147) CPU: x64 File System: NTFS User: ASUSHomeBuilt\Tom -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 322779 Threats Detected: 1 Threats Quarantined: 0 Time Elapsed: 1 min, 23 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Spyware.Exploit, C:\PROGRAM FILES\USER BENCHMARK\USERBENCHMARK.EXE, No Action By User, 13848, 961181, 1.0.43436, , ame, , D35F8246F25DC9C303B09D35E8563500, 77C3771475C31F79A4FE4B7BBEE7FD37D5516D9FD794CB4D8322F3CFEA3A106A Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  2. Internet Download Manager file IDMan.exe is being detected as Malware.AI.1415499812. I ran it through Virus Total and it is clean. False Positive? IDMan.zip Scan Results.txt
  3. The attached two files are being detected as malware. I ran them through Virus Total and they scanned cleaned. Are these false positives ? False Positves.zip MBAMScanResults.txt
  5. Malware.Heuristic.1003, C:\USERS\TOM\APPDATA\ROAMING\FUTURE SYSTEMS SOLUTIONS\CASPER 11\INSTALL\7214666\COMMONFILESFOLDER\FUTURE SYSTEMS SOLUTIONS\SERVICES\CASPERSVCS.EXE, No Action By User, 1000001, 0, 1.0.39491, 0000000000000000000003EB, dds, 01205305, F1C464F8DC128A72CCD03B130E5CC635, 937C17D7BB51239EEE16B38569A6B102E0AECCD87BDCC62FC4B2BA2175EA8B54 The above False Positive is occurring for Casper 11. CASPERSVCS.zip False Positive.txt
  6. The latest definitions are flagging the HOSTS file as infected. HOSTS.zip
  7. Does Browser Guard check a website's favicon to determine if it is being used as a supercookie-type tracker? https://gizmodo.com/favicons-could-be-the-supercookie-that-tracks-you-every-1846229089 https://arstechnica.com/information-technology/2021/02/new-browser-tracking-hack-works-even-when-you-flush-caches-or-go-incognito/
  8. This applies to Windows 10x64 Pro Version 20H2 (OS Build 19042.546 and MBAM Version, Update Package 1.0.30876, Component Package 1.0.1061, Support Tool I performed a Clean Install of MBAM using the Support Tool which downloaded FRSTEnglish.exe. Following the installation of the latest version of MBAM, a scan detects FRSTEnglish.exe as a trojan. See attached logs and also FRSTEnglish.exe. False Positive.zip
  9. Is the Mb Support Tool download link posted on the forum anywhere?
  10. Thanks for fixing the "Resolving Host" issue for Windows 10x64 Pro V2004 and MS Edge Chromium default browser. 😇
  11. Am on 2.2.7 and no longer seeing any blocks on the URL. Thanks for your attention to this issue and please stay safe.
  12. As of 11-july-2020, hxxps://www.macecraft.com is being blocked for Phishing. Is this a False Positive ??
  13. It's still being blocked. I disabled the MBAM extension in MS Edge Chromium (my default browser) and initiated the download. The download URL showed as: hxxps://cdn1.ashampoo.net/ashampoo/5710/ashampoo_burning_studio_21_21.6.1_sm.exe which is different from what I initially provided. Sorry.
  14. The download for Ashampoo Burning Studio 21 is blocked as a suspicious download hxxps://www.ashampoo.com/en/usd/dld/5710/Ashampoo-Burning-Studio-21/
  15. hxxps://www.wagnardsoft.com started getting blocked as of today. I've accessed the website daily for years. False Positive ?
  16. The applies to Windows 10x64 Pro Build 19041.329 V2004. and Beta (fresh installed). When I click on "Use expert system algorithms to identify malicious files" on/off button to change its status, the GUI does not change. If I restart MBAM, it then shows the new status of this option.
  17. I found this URL that describes dumpstack.log.tmp and how to get rid of it. The file is attached. DumpStack.log.zip
  18. The Dumpstack.log.tmp file is locked tighter than drum and cannot be copied, opened, deleted (even after "take ownership" is executed) or with the system in safe mode. Cannot even send it up to VirusTotal. It is on all my Windows 10x64 Pro systems with the latest v2004. Also here is a Custom Scan Results 1 report with this feature activated and it shows 273 detections. I run KIS 2020 on 1 of systems and Bitdefender Internet Security 2020 on my other systems. I scan my systems daily and these security suites show no infections. Both of these suites scan for rootkits as well. The Custom Scan Results 2 report is the same scan with this new option turned off. Advanced Scan Results 1.txt Advanced Scan Results 2.txt
  19. This morning it was detecting 7 items. This afternoon it is only detecting one item. Here is the scan log from this afternoon. I don't have the log from this morning. Scanlog.txt
  20. What is this new feature in 961 Beta "Use expert system algorithms to identify malicious files" ? When I activate it, the results are several false positive detections.
  21. The download link for Collectorz download is being blocked as a suspicious download. This is a program update download and the block is most likely a False Positive. hxxps://installers.collectorz.com/movie-win/moviecollectorsetup2031.exe
  22. Still blocked as of 01-Jun-2020, 2:00 a.m. EDT USA.
  23. The following financial website is blocked because of "TLD". I've used it monthly for at least 12 months. hxxps://www.secured-server.biz/CityOfStAlbansMUC/HP/
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.