amicone

Honorary Members
  • Posts

    21
Everything posted by amicone

  1. Sure, here's that as well. The upgrade to 22H2 seems to work normally now as well. SecurityCheck.txt
  2. Thanks! Here are the results. Looks pretty clean. Fixlog.txt
  3. Not a lot to write home about from the full-scan, what we already saw. I think these may just be MSI's Killer Optimizer turning off useful things in the name of performance because nothing else was detected but the registry key override. Other thoughts for next actions? msert.log
  4. Yep, the absence of system restore was a little weird. That's the first thing I noted when looking at it. Some tips for cleanup would be most welcome.
  5. Hello, when I installed the last feature update for Windows 11, it quickly became unusable; everything slowed to a crawl. Getting into Process Explorer revealed that Malwarebytes was quickly eating up all available memory, causing the system memory to page. Removing the Windows feature update fixed the problem. Do we have any idea what might have caused this and if there's a fix? Should I disable Windows update for a while or take some other action?
  6. Running latest Office 365 PowerPoint update, this is 100% repeatable: Open a "slide with content" and choose a graph as the content. Use the edit data item on the graph. When the chromeless Excel window opens with some sample data, attempt to edit a line. Malwarebytes kills PowerPoint for Office WMI abuse. I know I can just turn off Office WMI support or turn off malware protection temporarily, but turning off security to perform routine computing tasks is something I try to avoid.
  7. Got this after a scan this morning, but these look like OS components, most likely from the Windows customer experience program and/or the P2P file sharing feature for updating Windows patches from local machines. After update still listed as RiskWare.Injector.Generic. I'm thinking false Heuristic match? There's 47 of these. 20210519Report.txt
  8. This is strange, the Evernote uninstaller was just flagged as malware by the AI, so I've quarantined it, but I have no idea how one might determine if this is just a false positive or an actual exploit (or why it flagged it now, after I've been running it for years). Evernote Malware.txt
  9. Turning off rootkit scan might work, but considering MB seems to automatically turn off its rootkit scan when it is on the same machine as Kaspersky, I'm thinking that would leave me without rootkit protection. Is the idea to turn it off in Kaspersky and then on in MB? I think I'll start with the exclusions, but there doesn't seem to be enough information there, as exclusions require a few parameters to work correctly: So that gives me the name of the files to put in as the exclusion, but not the object name, mask, or which protection components should be excluded for each component. I also looked through the mb-check.zip and determined there was a program component in Kaspersky that cannot auto-update and required a new download. I installed that and rebooted. We'll see how long it holds, a reboot usually corrects the problem, but MB seems to switch off randomly, especially if you are logged in as a limited user.
  10. Yup this again. I have latest version of MB and Kaspersky on win10. I haven't seen this error in a long time, but it seems to have reappeared again. Current fix? I'm not too keen on turning on beta updates, as beta updates usually reward me with lost productivity, in opposition to stable builds. mb-check-results.zip
  11. Ahh, I see I got merged, two questions then: How stable is 1.08? I don't generally run beta software because there aren't enough hours in a day, plus I figure I'm not losing anything and it will get fixed eventually. I know the marketing folks at Kaspersky consider me one of their product evangelists, and I was noticing part of the issue was a lack of response from Kaspersky. I might have some influence with them, so I am going to write them to basically say "you are infosec guys, so you know layering is a good thing, malware gets more sophisticated, so I'm advocating for desktop layering as well, why don't you support these people better and help me help you." Anything specific that I might add that would make their marketing folks say "maybe I should talk to the tech manager."
  12. Also, mbae-test works as expected. Renaming mbae-test to chrome and turning the shield back on works as expected.
  13. MBAE Premium on Windows 10. Also running Kaspersky 2016 and MBAM. Problem: Chrome will not launch, MBAE says "I am protecting chrome" and that's it, chrome exits silently at that point. It does not show up in the task scheduler. Nothing. No error dialogues. Things I Tried: Uninstall MBAE/MBAM, reboot, download latest, turn off all applications, turn off protection, reinstall MBAE. Uninstall Chrome, download latest, MBAE, MBAM, reboot, reinstall all. Starting chrome in incognito mode. Starting chrome with extensions disabled. No Joy. This is what I do notice: Turn on MBAE protection, everything works but chrome. Turn off MBAE protection, everything works including chrome. Turn on MBAE, explicitly deactivate chrome shield, chrome works. So obviously this is sub-optimal because my main browser is chrome. The event viewer is similarly unhelpful, indicating that chrome failed in an unknown module:

      Log Name: Application
      Source: Application Error
      Date: 10/6/2015 7:59:03 PM
      Event ID: 1000
      Task Category: (100)
      Level: Error
      Keywords: Classic
      User: N/A
      Computer: Andy-Desktop
      Description:
      Faulting application name: chrome.exe, version: 45.0.2454.101, time stamp: 0x56034380
      Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
      Exception code: 0xc0000005
      Fault offset: 0x017f6074
      Faulting process id: 0xab0
      Faulting application start time: 0x01d100a3bdc6f88d
      Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      Faulting module path: unknown
      Report Id: d31dd8e1-bb0a-435d-a5fe-c6e9b75d2aa2
      Faulting package full name:
      Faulting package-relative application ID:
  14. Re-scan with updated database with no flags on Kaspersky installer. Seems to be fixed now, thanks.
  15. I think this might be a false positive. I was installing Kaspersky on a new machine, followed by MBAM. MBAM immediately flagged the Kaspersky installer as containing the zbot trojan. I followed the suggested procedure that I read here: 1) remove old MBAM. 2) Install Kaspersky. 3) Turn off protection on Kaspersky. 4) Install MBAM. The file comes from Kaspersky labs, so unless I've got a case of DNS cache poisoning, this should be the real deal. The file is signed and the signature on the file seems to check out. I checked the Kaspersky forum, I'm not the first to notice this, but the response from their staff is always a curt "Please report MBAM's false positives to MalwareBytes." Files generated and attached as requested in the sticky note at the top of the forum. kasperskyZbot.txt