tetonbob

Moderators
  • Content count

    813
  • Joined

  • Last visited

1 Follower

About tetonbob

  • Rank
    Staff

Recent Profile Visitors

15,547 profile views
  1. @Gamboleer - Are you running our latest program version 3.1.2.1733? @gregnedel - Can you please update to our latest program version 3.1.2.1733? That should resolve these FP detections.
  2. @Fastflys - Malwarebytes 3.1.2.1733 is now final and available for download.
  3. @Fastflys - thanks for letting me know. Stay tuned to the forum for the release announcement, and I'll post here as well when the new MB3 version is final and available for download from our main site links.
  4. Hi @Fastflys - we believe this issue is resolved in our upcoming product release. This is why miekemoes pointed steveb_online to our latest Beta release, which he said resolved the detection issue. Please do not attempt to restore these quarantined drivers. Would you be willing to install the Beta and let us know your results?
  5. Hi @miguelgrado - thanks for your report. I've been able to reproduce this issue and reported it to the team.
  6. Hi @randykates - I'm not seeing any issues when attempting to use the Add File button to add a batch file (.bat) to Exclusions.
  7. Hi @cchilderhose - It appears you've received a reply to your support request. Since you do have an open ticket with Support, I'll close this forum topic. Thank you!
  8. Hi Paul. Thanks for letting us know that the issue is resolved. Typically when this inability to delete the mbar folder takes place, the mbamchameleon self-protection driver that is part of MBAR is still running for some reason. It is supposed to unload when MBAR exits. Sometimes a reboot or two will resolve that.
  9. Hi PaulAllen. Do you also have Malwarebytes Anti-Malware or Malwarebytes 3.0 installed? If so, is self-protection enabled?
  10. Hi @ceez - thanks for confirming that the Component Update 1.1.19 fixed this issue for you!
  11. Hi @bluenotemk- I'm glad to hear that the solution in Component Update 1.1.19 worked for you as well. Thanks for posting!
  12. @ron_hk - thanks for the logs. I can see in the MBAMService.log that indeed this detection was discarded as whitelisted. We'll forward this information to our Developers for review. We would consider this a false positive in that there was a detection, but no quarantine attempt took place. There should be nothing further for you to do.
  13. @royaljackv - If you see in the Report "No action by user" like in ron_hk's image, with the Anti-Ransomware component this means the detection was discarded. It's most likely been internally whitelisted. That being said, we'd like to know more about why there was a detection at all of this particular csrss.exe since that is a legit location for this file.. For that, we'd like the MBAMService.log which Dave mentioned in his previous post. Additionally, we'd like the .arw files located here: C:\ProgramData\Malwarebytes\MBAMService\ARW < copy this folder to desktop and zip it if there are multiple .arw files. Thank you.
  14. Hi @DFLO. Thank you for confirming!
  15. Great, thanks for letting us know that part of your report is resolved.