frozen

Honorary Members
  • Posts

    265

Everything posted by frozen

  1. So you are saying the above block and this one is a valid block and it is not a false positive? If so I will try to contact 1Password regarding this as I do not think it is something they want showing up when one is using a Password Manager.

     Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Protection Event Date: 10/6/21
     Protection Event Time: 8:45 AM
     Log File: b7d5c844-26ab-11ec-8d4b-90e6ba57cdd5.json

     -Software Information-
     Version: 4.4.7.134
     Components Version: 1.0.1464
     Update Package Version: 1.0.45602
     License: Premium

     -System Information-
     OS: Windows 10 (Build 19043.1237)
     CPU: x64
     File System: NTFS
     User: System

     -Blocked Website Details-
     Malicious Website: 1
     , C:\Program Files\BraveSoftware\Brave-Browser-Beta\Application\brave.exe, Blocked, -1, -1, 0.0.0, ,

     -Website Data-
     Category: Malware
     Domain:
     IP Address: 207.148.0.169
     Port: 443
     Type: Outbound
     File: C:\Program Files\BraveSoftware\Brave-Browser-Beta\Application\brave.exe

     (end)
  2. 1Password Community being flagged https://1password.community/discussion/121163/1password-for-windows-early-access

     Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Protection Event Date: 10/3/21
     Protection Event Time: 7:52 PM
     Log File: 6a4339f4-24ad-11ec-b3ef-90e6ba57cdd5.json

     -Software Information-
     Version: 4.4.7.134
     Components Version: 1.0.1464
     Update Package Version: 1.0.45556
     License: Premium

     -System Information-
     OS: Windows 10 (Build 19043.1237)
     CPU: x64
     File System: NTFS
     User: System

     -Blocked Website Details-
     Malicious Website: 1
     , C:\Program Files\BraveSoftware\Brave-Browser-Beta\Application\brave.exe, Blocked, -1, -1, 0.0.0, ,

     -Website Data-
     Category: Trojan
     Domain: dsc.cloud
     IP Address: 207.148.0.169
     Port: 443
     Type: Outbound
     File: C:\Program Files\BraveSoftware\Brave-Browser-Beta\Application\brave.exe

     (end)
  3. prism-1.0b4.en-US.win32.zip fpreport.txt
  4. False positive in PIDChecker app fpreport.txt pidchecker.zip
  5. This file has been on my hard drive for 3 years no scan marked. usbit.zip fpreport.txt
  6. Well one of those files is still triggering. This time I quarantined it just to stop MBAM from complaining. ScanFalsePositives.txt
  7. Two false positives of files on my hard drive for years. FalsePositives.zip _FalsePositives.txt
  8. This website, which has tools for people repairing computers to save passwords etc., is being blocked.
  9. Two more apparent false positives MbamFlasePositives.zip MBamFalsePositives.txt
  10. Yet more false positives on old files on my hard drive. I think in the future I will just delete these files from my drive and stop reporting these false positives. It's a never-ending battle with MBam these days. WinToUSB39-db38su.zip reatogo-25-6a.rar FPReport.txt FPReport2.txt
  11. Updated to Start up scan still reports the zip file in this report as:

      Malwarebytes
      www.malwarebytes.com

      -Log Details-
      Scan Date: 4/5/21
      Scan Time: 10:43 AM
      Log File: a0603eae-9625-11eb-ad29-90e6ba57cdd5.json

      -Software Information-
      Version: 4.3.0.98
      Components Version: 1.0.1249
      Update Package Version: 1.0.39111
      License: Premium

      -System Information-
      OS: Windows 10 (Build 19042.867)
      CPU: x64
      File System: NTFS
      User: greg_i5\gregg

      -Scan Summary-
      Scan Type: Custom Scan
      Scan Initiated By: Manual
      Result: Completed
      Objects Scanned: 1
      Threats Detected: 1
      Threats Quarantined: 0
      Time Elapsed: 0 min, 33 sec

      -Scan Options-
      Memory: Disabled
      Startup: Disabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Heuristics: Enabled
      PUP: Detect
      PUM: Detect

      -Scan Details-
      Process: 0
      (No malicious items detected)

      Module: 0
      (No malicious items detected)

      Registry Key: 0
      (No malicious items detected)

      Registry Value: 0
      (No malicious items detected)

      Registry Data: 0
      (No malicious items detected)

      Data Stream: 0
      (No malicious items detected)

      Folder: 0
      (No malicious items detected)

      File: 1
      Malware.AI.4241058096, E:\DOWNLOADS\_FALSEPOSITIVES.ZIP, No Action By User, 1000000, 0, 1.0.39111, C297C251D95AD7BBFCC96930, dds, 01188013, 0E8F6CA654A8F29C48B9F476151D427A, 036CB10E7C708B861D60F8E312DB9EA3A4199022E2A527C9DDE1E2DBD8F0DC23

      Physical Sector: 0
      (No malicious items detected)

      WMI: 0
      (No malicious items detected)

      (end)
  12. Possible false positives in 3 old files that have been on my hard drive for years that have not been used and without any detections until now. FPReport.txt _FalsePositives.zip
  13. It was just a file sitting in my downloads folder. I probably downloaded years ago and there it sat all these years and which I could have just deleted/quarantined instead.
  14. FalsePostivie Report.txt WinsockxpFix.zip Have had this file on my hard drive since 2009
  15. Yet again another false positive Malware.AI https://www.virustotal.com/gui/file/14e67c39fc99c315480f3e916c17fde6df5952bde763ef0c9f44cdc0bdabfec3/detection ipscan25.zip
  16. Another day another false positive of a file I have had on my hard drive since 2008

      Malwarebytes
      www.malwarebytes.com

      -Log Details-
      Scan Date: 2/11/21
      Scan Time: 2:36 AM
      Log File: 3a8d9690-6c44-11eb-a771-90e6ba57cdd5.json

      -Software Information-
      Version: 4.3.0.98
      Components Version: 1.0.1157
      Update Package Version: 1.0.36957
      License: Premium

      -System Information-
      OS: Windows 10 (Build 19041.804)
      CPU: x64
      File System: NTFS
      User: System

      -Scan Summary-
      Scan Type: Threat Scan
      Scan Initiated By: Scheduler
      Result: Completed
      Objects Scanned: 357718
      Threats Detected: 1
      Threats Quarantined: 0
      Time Elapsed: 18 min, 23 sec

      -Scan Options-
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Heuristics: Enabled
      PUP: Detect
      PUM: Detect

      -Scan Details-
      Process: 0
      (No malicious items detected)

      Module: 0
      (No malicious items detected)

      Registry Key: 0
      (No malicious items detected)

      Registry Value: 0
      (No malicious items detected)

      Registry Data: 0
      (No malicious items detected)

      Data Stream: 0
      (No malicious items detected)

      Folder: 0
      (No malicious items detected)

      File: 1
      Malware.AI.3984573189, E:\DOWNLOADS\KEYTWEAK_INSTALL.EXE, No Action By User, 1000000, 0, 1.0.36957, 2421A61D6C2095BAED7FC305, dds, 01112063, F8E9C59C14B7CF77983A4B54D5349088, 6BDC99E7B954CE14B968185497780866CEBD7D5E73C9E15ED22E9E17DC696DF9

      Physical Sector: 0
      (No malicious items detected)

      WMI: 0
      (No malicious items detected)

      (end)

      This is the 2nd file in as many days that this AI portion of MBAM has flagged. It's getting really tiring.
  17. Over the past several months Malwarebytes has been flagging decades old files as malware during its scheduled scans. Rather than report the issue I simply told MBAM to quarantine or delete the file and get on with my day. Today I downloaded an update to a piece of software I used regularly QuickAccess Popup https://www.quickaccesspopup.com/ and the download was fine. I unzipped the file and ran the EXE. No problem. Then the scheduled scan popped up the following detection.

      Malwarebytes
      www.malwarebytes.com

      -Log Details-
      Scan Date: 2/8/21
      Scan Time: 8:04 AM
      Log File: 985282ac-6a16-11eb-996e-90e6ba57cdd5.json

      -Software Information-
      Version: 4.3.0.98
      Components Version: 1.0.1157
      Update Package Version: 1.0.36831
      License: Premium

      -System Information-
      OS: Windows 10 (Build 19041.746)
      CPU: x64
      File System: NTFS
      User: System

      -Scan Summary-
      Scan Type: Threat Scan
      Scan Initiated By: Scheduler
      Result: Completed
      Objects Scanned: 371238
      Threats Detected: 1
      Threats Quarantined: 0
      Time Elapsed: 18 min, 32 sec

      -Scan Options-
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Heuristics: Enabled
      PUP: Detect
      PUM: Detect

      -Scan Details-
      Process: 0
      (No malicious items detected)

      Module: 0
      (No malicious items detected)

      Registry Key: 0
      (No malicious items detected)

      Registry Value: 0
      (No malicious items detected)

      Registry Data: 0
      (No malicious items detected)

      Data Stream: 0
      (No malicious items detected)

      Folder: 0
      (No malicious items detected)

      File: 1
      Malware.AI.933796859, E:\DOWNLOADS\QUICKACCESSPOPUP.ZIP, No Action By User, 1000000, 0, 1.0.36831, EA4245633188130637A89BFB, dds, 01106420, 0237442D8B2AB8DE518B8FE0EABF0A69, 5F0C0DBC1256352D4DFF49E16476C745C696C16D7324A0991C3834A17D0CE221

      Physical Sector: 0
      (No malicious items detected)

      WMI: 0
      (No malicious items detected)

      (end)

      Why are there so many false positives coming up with the scheduled scans?
  18. It is still flagging putty.exe here today. It has not done so in the past with me.

      Malwarebytes
      www.malwarebytes.com

      -Log Details-
      Scan Date: 9/1/20
      Scan Time: 8:11 AM
      Log File: 95487764-ec54-11ea-8acc-90e6ba57cdd5.json

      -Software Information-
      Version: 4.2.0.82
      Components Version: 1.0.1025
      Update Package Version: 1.0.29307
      License: Premium

      -System Information-
      OS: Windows 10 (Build 18362.1016)
      CPU: x64
      File System: NTFS
      User: System

      -Scan Summary-
      Scan Type: Threat Scan
      Scan Initiated By: Scheduler
      Result: Completed
      Objects Scanned: 331590
      Threats Detected: 1
      Threats Quarantined: 0
      Time Elapsed: 20 min, 38 sec

      -Scan Options-
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Heuristics: Enabled
      PUP: Detect
      PUM: Detect

      -Scan Details-
      Process: 0
      (No malicious items detected)

      Module: 0
      (No malicious items detected)

      Registry Key: 0
      (No malicious items detected)

      Registry Value: 0
      (No malicious items detected)

      Registry Data: 0
      (No malicious items detected)

      Data Stream: 0
      (No malicious items detected)

      Folder: 0
      (No malicious items detected)

      File: 1
      Malware.AI.359489261, E:\DOWNLOADS\PUTTY.EXE, No Action By User, 1000000, 0, 1.0.29307, 8D5EDF36737506D5156D5EED, dds, 00877706, 7E13B2D92D7490B8B3A1F10EDFE2F410, 4156606E2E003B2A3B3A4998B26C218AF8EF30731EE4F5390419BC5B3B0E8ACF

      Physical Sector: 0
      (No malicious items detected)

      WMI: 0
      (No malicious items detected)

      (end)
  19. Adding "C:\Program Files\Mozilla Firefox\firefox.exe" as an exclusion to Ransomware and re-enabling Ransomware detection in MBAM allows me to run Firefox even from the profile on D Drive. That is probably until the next Firefox update I guess.
  20. I just noticed that MBAM is still blocking Firefox.exe from running. The EXE is still there on the hard drive. I had to close MBAM to run the program. There is of course nothing in quarantine. This is because MBAM did an RTP detection on it. I guess I will have to disable Ransomware altogether in MBAM. If I do then Firefox is allowed to run. Same thing happens if MBAM is closed altogether.
  21. Same thing here. I have been updating Firefox without issues until April this year and was always using the profile on D drive. Only since then have I had to use the C profile to do the update. I bet if I leave Firefox alone for a day or so I will again be able to use the profile on D drive again without any repercussions from MBAM. At least that was what I experienced earlier this month.
  22. What is weird is that if I perform the update while using the D drive profile MBAM first flags Updater.exe when Firefox is restarted after the update. Then MBAM simply terminates Firefox upon restarting Firefox. None of this behavior occurs when I use the C drive profile.
  23. The problem occurs in my case when I use my normal profile which is stored over on D drive. If I use the profile that is over on C drive (which is a copy of the files I made from the D drive profile) the problem does NOT occur.
  24. I am just glad I am not the only one seeing this behaviour. It was lonely here for the first 3 months
  25. Another Firefox update today. I started Firefox using the profile that is stored on D: rather than the normal C: partition, update came down via Help | About, clicked on the restart Firefox after the update was applied and whamo

      Malwarebytes
      www.malwarebytes.com

      -Log Details-
      Protection Event Date: 7/29/20
      Protection Event Time: 9:52 AM
      Log File: 20da2f3a-d1ab-11ea-bcb0-90e6ba57cdd5.json

      -Software Information-
      Version: 4.1.2.73
      Components Version: 1.0.990
      Update Package Version: 1.0.27635
      License: Premium

      -System Information-
      OS: Windows 10 (Build 18362.959)
      CPU: x64
      File System: NTFS
      User: System

      -Ransomware Details-
      File: 0
      (No malicious items detected)

      (end)

      The popup message said that it had blocked updater.exe. Started Firefox back up but this time using the Profile stored on C: drive and Firefox was not blocked and showed that it was properly updated to version 79.0. I closed down Firefox and started it up with the profile stored on D: drive and just let Firefox stay open there on the screen. Whamo:

      Malwarebytes
      www.malwarebytes.com

      -Log Details-
      Protection Event Date: 7/29/20
      Protection Event Time: 10:04 AM
      Log File: cf88a218-d1ac-11ea-906f-90e6ba57cdd5.json

      -Software Information-
      Version: 4.1.2.73
      Components Version: 1.0.990
      Update Package Version: 1.0.27637
      License: Premium

      -System Information-
      OS: Windows 10 (Build 18362.959)
      CPU: x64
      File System: NTFS
      User: System

      -Ransomware Details-
      File: 0
      (No malicious items detected)

      (end)

      I bet in a couple of days if I leave Firefox alone or at least not use it with the profile stored on D: that I will be able to start Firefox up and use the D: profile without any issues.