amicone

Hello, Two items: I was wondering if Malwarebytes has been updated to detect WARMCOOKIE. How do we find if Malwarebytes has a specific rule in place for a specific exploit?

Sure here's that as well. The upgrade seems to 22H2 seems to work normally now as well. SecurityCheck.txt

Thanks! Here are the results. Looks pretty clean. Fixlog.txt

Not a lot to write home about from the full-scan, what we already saw. I think these may just be MSI's Killer Optimizer turning off useful things in the name of performance because nothing else was detected but the registry key override. Other thoughts for next actions? msert.log

Attached FSS.txtFSS.txt

Yep, the absence of system restore was a little weird. That's the first thing I noted when looking at it. Some tips for cleanup would be most welcome.

The logs file attached mbst-grab-results.zip

Hello, when I installed the last feature update for Windows 11, it quickly became unusable; everything slowed to a crawl. Getting into process explorer reveled that Malwarebytes was quickly eating up all available memory, causing the system memory to page. Removing the windows feature update fixed the problem. Do we have any idea what might have caused this and if there's a fix? Should I disable Windows update for a while or take some other action?

Running latest office 365 PowerPoint update, this is 100% repeatable: Open a "slide with content" and choose a graph as the content. Use the edit data item on the graph. When the chromeless excel window opens with some sample data, attempt to edit a line. Malwarebytes kills Powerpoint for Office WMI abuse. I know I can just turn off Office WMI support or turn off malware protection temporarily, but turning off security to perform routine computing tasks is something I try to avoid.

Thank you.

Got this after a scan this morning, but these look like OS components, most likely from the windows customer experience program and/or the P2P file sharing feature for updating windows patches from local machines. After update still listed as RiskWare.Injector.Generic. I'm thinking false Heuristic match? There's 47 of these. 20210519Report.txt

Thanks, Appreciate it.

This is strange, the Evernote uninstaller was just flagged as malware by the AI, so I've quarantined it, but I have no idea how one might determine if this is just a false positive or an actual exploit (or why it flagged it now, after I've been running it for years). Evernote Malware.txt

Turning off rootkit scan might work, but considering MB seems to automatically turn off its rootkit scan when it is on the same machine as Kaspersky, I'm thinking that would leave me without rootkit protection. Is the idea to turn it off in Kaspersky and then on in MB? I think I'll start with the exclusions, but there doesn't seem to be enough information there, as exclusions require a few parameters to work correctly: So that gives me the name of the files to put in as the exclusion, but not the object name, mask, or which protection components should be excluded for each component. I also looked through the mb-check.zip and determined there was a program component in Kaspersky that cannot auto-update and required a new download. I installed that and rebooted. We'll see how long it holds, a reboot usually corrects the problem, but MB seems to switch off randomly, especially if you are logged in as a limited user.

Yup this again. I have latest version of MB and Kaspersky on win10. I haven't seen this error in a long time, but it seems to have reappeared again. Current fix? I'm not too keen on turning on beta updates, as beta updates usually reward me with lost productivity, in opposition to stable builds. mb-check-results.zip