Jump to content

BrandonIT

Members
  • Posts

    5
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Just adding my report here as well. Having the same issue, tons of website blocking from all kinds of apps: 1/27/2018 10:19:14 AM Blocked web site Type: outgoing, Port: 59480, Process: chrome.exe 172.217.11.142 1/27/2018 8:19:24 PM Blocked web site Type: outgoing, Port: 57917, Process: dropbox.exe 162.125.34.6 1/27/2018 4:33:07 PM Blocked web site Type: outgoing, Port: 64993, Process: spoolsv.exe 172.16.12.202 We're using an on-premise server for Malwarebytes for Business.
  2. After updating to 2016.04.24-01 on my machines, the passive scans and two full scans have shown no recurrence of the Trojan.Crokow detections. Thanks for your time and prompt attention in this matter! It appears I can now stand down our response team.
  3. Thank you Filipos! I am logged into the Management Console and pushing the updated definition file to my clients. I will let you know what happens from a machine with active detections. Brandon Paulk Senior Systems Engineer
  4. We began detecting "Trojan.Corkow" on a file "KMSVC.DLL" on many machines. The detections are continuing over the last 3 hours. I am checking update times on the definitions on the individual clients.
  5. I am also seeing this false detection on multiple machines this morning: - Managed Client Version - 1.5.0.2701 - AntiMalware Engine - 1.75.0.1300 - Database Version - v2015.07.23.02 And yes, if you reboot after the detection the machine will blue-screen. We are attempting a Windows Repair install using a Windows CD to prevent loss of data. Will post our results.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.