Jump to content

Samoreen

Honorary Members
  • Posts

    35
  • Joined

  • Last visited

Reputation

0 Neutral

About Samoreen

  • Birthday 04/26/1948

Profile Information

  • Location
    Samoreau, France
  • Interests
    Photography
  1. OK, I see that these files are copies of the user registry hives and I guess they can't be deleted while they are loaded. But if MB was able to load them, it should be able to unload them as well before deleting the corresponding files. Maybe it's related to UAC ? UAC is disabled on my system.
  2. The log excerpt that you are showing is related to files, not to registry keys. What is the relationship between both ? As explained above, I am former system engineer and software developer. So, you can get technical.
  3. I'm also running ESET NOD32. Could this be a problem ?
  4. Thanks. However, I'm a former system engineer and I can differentiate legitimate entries in HKU. Anyway, I used the MB cleanup tool to uninstall it and these ghost entries had disappeared after the reboot. Everything is OK. I'm not sure I will reinstall. Should I be confident in a protection software that is able to do such things in the system registry ?
  5. I guess I should delete all the keys in the form of S-1-5xx-{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}-xxxxxxxxxxxxxxxxx ?
  6. By the way, I'm not sure I like the idea of uploading to a public forum a file containing a lot of information about my system. Could you please delete after downloading it ?
  7. Hi, Is MB using a cache ? It seems that is is able to detect problems with registry values that do not exist. It just reported this "threat" : Registry Value: 1 PUM.Optional.LowRiskFileTypes, HKU\S-1-5-21-xxxxxxxxxx-xxxxxxxxx-xxxxxxxx-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS|LOWRISKFILETYPES, No Action By User, 6665, 251589, 1.0.14826, , ame, But this registry value just does not exist. I had deleted it before the scan. I'm using 2 different registry editors and none of them is even able to find a LowRiskFileTypes value in my registry. I have deleted all of them. Even after exiting MB, relaunching it and re scanning, it continues to detect this "threat". If I quarantine this item, it no longer detects it but what did it quarantine since the value doesn't exist ? A true false positive, so to say.
  8. Hi, Please look at the screen capture below. This is the MB3 window after a scan. There are 2 threats detected, related to the registry. The registry path is too long to be read. There's no tooltip showing when hovering the location column. The registry value in question is not displayed (why no column for the registry value ? - or did I miss something ?). Right-clicking one of these two lines doesn't make any command available that could give more information about the threat. So complicated manipulations are necessary in order to decide whether these threats should be quarantined. This is an old problem and I think that the fix is easy. Thanks in advance.
  9. I'm sorry if I have been a little rough but lock's answer was rather provocative and demonstrated that he had not read my initial post.
  10. OMG! Do we need an advanced member to explain this ? I was probably using Windows before you knew what a computer is. You didn’t read my message. Of course I know how to increase the size of a window. I have explained that sometimes, the text in the “location” column is so long that in order to read it, the window width would have to be greater than the display width. Anyway, in such dialog boxes, the basic UI design rules explain that the user should have a way to display or extract the full text of a column (tooltip, copy command, etc.). The current design of this dialog in MB3 is flawed.
  11. Up ! We now have version 3.3 and the problem is still there. Could someone wake up the developer responsible for the MalwareBytes UI please ?
  12. Hi, I have a question, though. I have 4 browsers installed on my system (Firefox, Chrome, Edge and IE) and this morning, all were getting these blocks when accessing certain sites. I'm wondering why these browsers need to connect to *.symcb.com , a Symantec site. Is MalwareBytes doing this ? Why ? Is MalwareBytes using information stored at the Symantec site ? Thanks.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.