Jump to content

scoutt

Honorary Members
  • Posts

    121
  • Joined

  • Last visited

Reputation

4 Neutral

Recent Profile Visitors

1,750 profile views
  1. Thanks Shadowwar WSU.zip
  2. Logs are way to big to send in the forum.
  3. Hi Porthos, we are on Nebula, we don't have a scanning window. These are scheduled hyper scans.
  4. Which log file sUBs, there are a few of them lol
  5. We are getting hammered with the following Malware.AI.3704461979 Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E71CA55D-3A3F-4662-BA87-0B21C5ED5DE3} Malware.AI.3704461979 Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E71CA55D-3A3F-4662-BA87-0B21C5ED5DE3} Malware.AI.3704461979 Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\AppWin\User_Setting_WSUL Malware.AI.3704461979 File Malware Quarantined C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\AppWin\User_Setting_WSUL Malware.AI.3704461979 File Malware Quarantined C:\WINDOWS\SYSTEM32\WSU.EXE Please allow, these are legit Malware.AI is not very smart as these have not changed in years
  6. Thanks guys, just waiting to her back from my service team. It didn't detect on my sample so it might be good.
  7. Can I have this white listed so Malware.AI.4279627738 doesn't hit it anymore? Also for the Business side of things Thanks in advanced Valerus Player.zip
  8. cool thanks for checking.
  9. Does that cover all that I posted or jus the small sample?
  10. We just got hammered on this weeks full scan. A list of what appears to be legit Microsoft Scheduled tasks, here is a small sample. All task that got hit are in the text file. Appears some to be part of the customer experience program, but can't be positive, and some about cleanup on the PC itself. RiskWare.Injector.Generic Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{86158314-60CF-4F3F-85B5-2399327EA496} RiskWare.Injector.Generic Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{86158314-60CF-4F3F-85B5-2399327EA496} RiskWare.Injector.Generic Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange RiskWare.Injector.Generic File Malware Quarantined C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange scheduled tasks.txt
  11. Thank you, haven't see anymore since yesterday
  12. Now it seems that AI is detecting false positives on own software? One would think that you guys would have all your stuff whitelisted already. Malware.AI.3379829119 File Malware Quarantined C:\PROGRAMDATA\MALWAREBYTES DISCOVERY AND DEPLOYMENT\REMOTEPUSH\MBREMOTEEXEC.EXE Malware.AI.3379829119 File Malware Quarantined C:\WINDOWS\MBREMOTEEXEC-4544-{SERIAL}.EXE
  13. lol, I'm not going to do that on 300+ machines. We are on Business Malwarebytes
  14. Hey Shadowwar, its been an hour and we are still getting these as detections
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.