1PW

Hello @tepitts: Malwarebytes official stance on such products are summed up rather nicely in the Malwarebytes Labs Blog: Registry Cleaners: Digital Snake Oil Hence, similar products would be rightly regarded as a PUP and would be flagged and quarantined by the Malwarebytes for Windows product. Thank you for your understanding.

Hello @AlbertM and Sharing your MB4.Beta2 experiences is highly appreciated. Would you please document your observations with screenshots and logs? The Malwarebytes' staff/devs need hard data to resolve this issue. Thank you.

Hello @Enkopa: You need not Quote my entire post to you. Just begin typing in the Reply to this topic... box. Per my request, could you please send an example .kvag encrypted file to the Sample Encrypted File section of Uploaded Files at ID Ransomware and then post the complete report in your next reply to this topic? Please do not send the file to me. Your patience and understanding are greatly appreciated. Thank you.

Hello @Enkopa and A request to forum management has been made to move your topic to the more appropriate Windows Malware Removal Help & Support sub-forum. In the meantime, please satisfy all the information requests by uploading the following: Ransom Note - The file that displays the ransom and payment information. Sample Encrypted File - A file which has been encrypted, and cannot be opened. Addresses - Optionally, you may enter any email addresses or hyperlinks the ransomware gives you for contact (if there is no ransom note). Upload the appropriate effected files to the "Upload Files" section of the ID Ransomware site and then post all three (3) complete results in a reply to this topic. Please do not summarize what the ID Ransomware site reports. Instead, please provide the entire reports. Thank you.

Hello @Nicolas7: You are most welcome!

Hello @Nicolas7: I would recommend that Windows Defender Exploit Protection be enabled. Thank you.

Hello @Nicolas7: If you are referring to Malwarebytes' Exploit protection (AE module), I would council against disabling the AE module on a long-term basis. The AE module was developed, and has succeeded, as one of the finest defense tools within Malwarebytes for Windows. As to disabling the AE module for testing purposes on a short-term basis - okay. Congratulations on solving your system's issues. Unless you are advised differently by Malwarebytes' AE staff, you may select "Other" for the Program type. Thank you.

Hello @Nicolas7: This can be pursued after a Malwarebytes Support Tool - Repair (below) is performed. For now please disable both of them temporarily. Note: Please avoid using the Microsoft Edge browser due to errors noted in the data you have posted. Please use Internet Explorer 11 instead. Please delete any/all previous copies of mb-support-x.x.x.xxx.exe Please download and sequentially follow the steps within the Troubleshoot issues with Malwarebytes for Windows document. This will attempt to correct a MB3 anti-exploit module error also noted. At the conclusion of the MBST-Repair, please sequentially follow steps 1 through 8 in the Upload Malwarebytes Support Tool logs manually document. Then, attach the fresh mbst-grab-results.zip archive file in your next reply to this topic. Thank you.

Hello @Nicolas7: Based on your statement that "problems are gone", if permitted, please run Malwarebytes, update the databases followed by a Malwarebytes' Threat Scan and direct all that is found to be quarantined but do not delete the quarantine content until requested. Then, please ATTACH the Threat Scan output text report file in your next reply to this topic. Thank you.

Hello @Nicolas7 and As an acceptable alternative, please try downloading/running Farbar's FRST64.exe from: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html If successful, please only ATTACH the FRST.txt and Additional.txt output report files in your next reply to this topic. Thank you.

Hello @MAM: Since the following applications already seem to be installed on this W7 system, please ATTACH scan reports from as many as is possible: Malwarebytes 3 for Windows TDSSKiller Zemana G Data Internet Security Please consider running these, and others, in Windows Safe Mode if failing in Windows Normal Mode. As previously requested, can you please add any other related infection observations to the narrative in your next reply. Thank you.

Hello @MAM: It would be best if forum management is requested to move your topic to the Windows Malware Removal Help & Support sub-forum for expert analysis and remediation. In the meantime, please carefully study the locked/pinned topic I'm infected - What do I do now? To the three (3) files requested, it would be helpful to also ATTACH a Scan Report from Malwarebytes AdwCleaner as the fourth (4) report in a reply to this topic. Also, please provide a good narrative of the symptoms of the infection experienced. Thank you.

Hello @Pramod2209 and I am sorry to read that your computer has been attacked. This may be a recent variant of a previous ransomware scheme. You and your thread would be best served by our requesting forum management move your topic to the Windows Malware Removal Help & Support sub-forum for expert & qualified assistance. In the meantime, please satisfy one or more information requests by uploading an appropriate effected file(s) to the "Upload Files" section of the ID Ransomware site and then post the complete result(s) in a reply to this topic. Hopefully your topic will have been moved by then. Thank you.

Hello @celtics and I am sorry to read that your computer has been attacked. This may be a recent variant of a previous ransomware scheme. You and your thread would be best served by our requesting forum management move your topic to the Windows Malware Removal Help & Support sub-forum for expert & qualified assistance. In the meantime, please satisfy one or more information requests by uploading an appropriate effected file(s) to the "Upload Files" section of the ID Ransomware site and then post the complete result(s) in a reply to this topic. Hopefully your topic will have been moved by then. Thank you.

Hello @Ashley100 and Please use the Submitting False Positives utility which will properly document, validate and greatly streamline the reporting of false positives. Trying the MB4 public beta is greatly appreciated. Thank you for your patience and understanding.