shadowwar

Staff
 View Profile  See their activity

  • Content count

    7,922

  • Joined

  • Last visited

2 Followers

About shadowwar

  • Rank
    Forum Deity

Recent Profile Visitors

59,452 profile views

  1. False ransomware positive

    shadowwar replied to lamperti2's topic in File Detections

    if you update the alpha we may have to white this again.

  2. False ransomware positive

    shadowwar replied to lamperti2's topic in File Detections

    This should no longer be detected. If it is i would need a log showing our detection. Thanks for reporting. Just a tip this could help being prevented by digitially signing your exes.

  3. Police program FP

    shadowwar replied to Cleatus's topic in File Detections

    This may be fixed now but would still appreciate the log to verify. Without the detection name or log its just a guess.

  4. WINASO blocked

    shadowwar replied to jccol's topic in File Detections

    You added this to exclusions? C:\Program Files\WinASO\Registry Optimizer\RegOpt.exe You may also want to see this article. https://blog.malwarebytes.com/cybercrime/2015/06/digital-snake-oil/

  5. WINASO blocked

    shadowwar replied to jccol's topic in File Detections

    This is a pup detection and correct. If you would like to continue using it you can add this to your exclusions in malwarebytes. Thanks.
  6. shadowwar started following i need help whit powershell, PUP.Optional.MindSpark and MalewareBytes AdwCleaner FRST download do not start

  7. PUP.Optional.MindSpark

    shadowwar replied to IT_Guy's topic in Malwarebytes Endpoint Protection

    Unfortunately the screenshots are cutting off the important part i need. Its abbreviating out the chrome extension id. Can you post a log here from the detection so i can see the full path? Also check to see if chrome sync is enabled on these particular endpoints. If it is is may be pulling the extension back down again after we remove it.

  8. False positive

    shadowwar replied to Yoummuu's topic in File Detections

    Is just a trace so its not active malware so there shouldnt be anything else to do. If you want you can visit the malware removal subforum and have someone check your machine.

  9. False positive

    shadowwar replied to Yoummuu's topic in File Detections

    There was malware there at sometime. Represented by the svchost.exe.config This wasnt a fp but something delete the file and left the runkey behind. Svchost.exe should not be located in that folder. Usually the fake svchost.exe are located alongside a config file. Its ok to let mbam delete the runkey trace.

  10. MalewareBytes AdwCleaner FRST download do not start

    shadowwar replied to BigOldArt's topic in Malwarebytes 3

    Can you post another frst and addition log please?

  11. NVIDIA Trojan.Crypt?

    shadowwar replied to LinkinForcer's topic in File Detections

    If it was a ransomware it would have Ransom. As a prefix and not trojan.
  12. You should be able to add this file to exclusions list as the bug porthos mentions should of been fixed already.
  13. i passed this on to the anti exploit team. They will look at it within a couple days. You can temporarily remove the the shield proection from steam for now.

  14. Latest update infected?

    shadowwar replied to DudleyFuddpucker's topic in File Detections

    MBAM caches suspect files like this. This is not part of our install but part of our analysis of what is already on your system. So norton detecting there isnt a big deal as we suspected the file first and copied it there.
  15. I really need the full mbamservice.log or the files themselves attached here. Thanks.
  16. Hmm im not sure but i think on the initiall install on client before its updated with current defs its triggering the detection. I would contact your business support rep for further assistance.