baedric
Honorary Members-
Posts
23 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by baedric
-
-
As to the screenshot, I have not been able to capture the text in the gui issue, nor have I seen it again.
-
That is strange, I know that I sent one. I will send another email. Thanks and sorry for that!
-
Thanks again for your assistance!
-
I am still awaiting support... I realize there was a weekend in there.
-
Support contacted. Thanks for your assistance!
-
I wouldn't think that viber would or should inject code into mbam, although I have no idea if that is what happened or not. Does my machine appear to be clean?
-
I have to wonder if this is not something to do with viber. I noticed that viber has a "video call" option, which I don't use, but is available. I wish that I had taken a screenshot...
-
Hello, Thanks for the help! I did not get a screenshot, and I have not seen it since it showed up earlier. The files you requested are included. FRST.txt Addition.txt CheckResults.txt
-
I noticed a "video call" notification in Mbam to the left of My Account in the gui. It just flashed up for a couple of seconds. I have not seen it before and wonder what it means? I did a bit of searching and did not find any additional info. Thanks in advance! Mbam Pro 2.2.0.1024
-
Ok, That is what I will do. I booted into a DrWeb boot usb just to get another opinion from a linux environment and it did not detect anything either fyi. I think this machine is probably clean as I am experiencing 0 symptoms other than the one detection by mbam. The machine in question is pretty well locked down, but I know malware writers are getting better all the time. I will continue to monitor. Thanks again!
-
Ok, I understand what you are saying. What do you recommend as my next step? Continued monitoring? Submit a support ticket to Webroot? I am at a loss as to what I do next.
-
Thank you for the link. If I continue to have the problem I will issue a support ticket. I think MBAM was flagging the WR driver because it was a beta driver? I have since reverted to the release version.
-
Thanks, I already have Webroot whitelisted in MBAM but can't find a way to exclude MBAM in Webroot.
-
The driver in question seems to be a signed Webroot driver. I will continue to monitor this and I will let you know if it happens again.
-
I use Webroot AV and Sandboxie.
-
This morning I upgraded MBAM to version 2.1.4.108. After a reboot I ran a scan which detected a Rootkit in my System32 drivers folder. The file is Wrkrn.sys. This was I believe a false positive, so I re-ran a new scan from developer mode and it came back with no detection. I scanned the file on Virustotal and it came back clean. The strange thing is that the second scan was using the same signatures as the original scan. I then ran MBAR, and TDSSKiller and they both detected nothing... I think that all is well, but I wanted to notify you of a possible false positive. mbam log.txt mbam log II.txt
-
MBAM Scheduler is not working properly
baedric replied to baedric's topic in Malwarebytes for Windows Support Forum
Ok, I will switch off the "check for updates before scanning" and see what happens. Thanks! -
Thanks for all your assistance! I updated the db and it is no longer detected. Thanks again!
-
I could not find a file in that location. I have included a couple of screens for you to view. Screenshot.zip
-
Sorry, forgot to attack scan logs... Zipped up two from each account. Original findings and two from developer mode...MBAM Scan Log.zip
-
Last night MBAM found Trojan.Agent while my son (E) was on his limited account. Strangely, it was on his brother (A) account. I let MBAM try and get rid of it but upon reboot it was found again. I exited out of his account and ran MBAM and Emsisoft Anti-Malware on my administrator account and nothing was found. I logged into his brothers (A) account this am and it found 2 Trojan.Agent in (E) account. I let it try and get rid of them and it did get rid of one of them but upon reboot, one Trojan.Agent remains in Each boys account. I have to wonder if this is not a fp associated with family safety or something? The computer is Windows 8.1 x64 with very little other software installed. I just reinstalled windows recently and upgraded to 8.1. It "should" be clean... Thanks in advance, Ben