shadowwar

Staff
  • Content count

    7,922
  • Joined

  • Last visited

2 Followers

About shadowwar

  • Rank
    Forum Deity

Recent Profile Visitors

59,452 profile views
  1. False ransomware positive

    if you update the alpha we may have to white this again.
  2. False ransomware positive

    This should no longer be detected. If it is i would need a log showing our detection. Thanks for reporting. Just a tip this could help being prevented by digitially signing your exes.
  3. Police program FP

    This may be fixed now but would still appreciate the log to verify. Without the detection name or log its just a guess.
  4. WINASO blocked

    You added this to exclusions? C:\Program Files\WinASO\Registry Optimizer\RegOpt.exe You may also want to see this article. https://blog.malwarebytes.com/cybercrime/2015/06/digital-snake-oil/
  5. WINASO blocked

    This is a pup detection and correct. If you would like to continue using it you can add this to your exclusions in malwarebytes. Thanks.
  6. PUP.Optional.MindSpark

    Unfortunately the screenshots are cutting off the important part i need. Its abbreviating out the chrome extension id. Can you post a log here from the detection so i can see the full path? Also check to see if chrome sync is enabled on these particular endpoints. If it is is may be pulling the extension back down again after we remove it.
  7. False positive

    Is just a trace so its not active malware so there shouldnt be anything else to do. If you want you can visit the malware removal subforum and have someone check your machine.
  8. False positive

    There was malware there at sometime. Represented by the svchost.exe.config This wasnt a fp but something delete the file and left the runkey behind. Svchost.exe should not be located in that folder. Usually the fake svchost.exe are located alongside a config file. Its ok to let mbam delete the runkey trace.
  9. MalewareBytes AdwCleaner FRST download do not start

    Can you post another frst and addition log please?
  10. NVIDIA Trojan.Crypt?

    If it was a ransomware it would have Ransom. As a prefix and not trojan.
  11. You should be able to add this file to exclusions list as the bug porthos mentions should of been fixed already.
  12. i passed this on to the anti exploit team. They will look at it within a couple days. You can temporarily remove the the shield proection from steam for now.
  13. Latest update infected?

    MBAM caches suspect files like this. This is not part of our install but part of our analysis of what is already on your system. So norton detecting there isnt a big deal as we suspected the file first and copied it there.
  14. I really need the full mbamservice.log or the files themselves attached here. Thanks.
  15. Hmm im not sure but i think on the initiall install on client before its updated with current defs its triggering the detection. I would contact your business support rep for further assistance.