Jump to content

scoutt

Honorary Members
  • Posts

    127
  • Joined

  • Last visited

Posts posted by scoutt

  1. We are getting hammered with the following

    Malware.AI.3704461979 Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E71CA55D-3A3F-4662-BA87-0B21C5ED5DE3}
    Malware.AI.3704461979 Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E71CA55D-3A3F-4662-BA87-0B21C5ED5DE3}
    Malware.AI.3704461979 Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\AppWin\User_Setting_WSUL
    Malware.AI.3704461979 File Malware Quarantined C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\AppWin\User_Setting_WSUL
    Malware.AI.3704461979 File Malware Quarantined

    C:\WINDOWS\SYSTEM32\WSU.EXE

    Please allow, these are legit

     

    Malware.AI is not very smart as these have not changed in years

     

  2. We just got hammered on this weeks full scan. A list of what appears to be legit Microsoft Scheduled tasks, here is a small sample. All task that got hit are in the text file. Appears some to be part of the customer experience program, but can't be positive, and some about cleanup on the PC itself.

     

    RiskWare.Injector.Generic

    Reg, Key

    Malware

    Quarantined

    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{86158314-60CF-4F3F-85B5-2399327EA496}

    RiskWare.Injector.Generic

    Reg, Key

    Malware

    Quarantined

    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{86158314-60CF-4F3F-85B5-2399327EA496}

    RiskWare.Injector.Generic

    Reg, Key

    Malware

    Quarantined

    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange

    RiskWare.Injector.Generic

    File

    Malware

    Quarantined

    C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange

    scheduled tasks.txt

  3. Now it seems that AI is detecting false positives on own software? One would think that you guys would have all your stuff whitelisted already.

    Malware.AI.3379829119 File Malware Quarantined C:\PROGRAMDATA\MALWAREBYTES DISCOVERY AND DEPLOYMENT\REMOTEPUSH\MBREMOTEEXEC.EXE

    Malware.AI.3379829119 

    File 

    Malware 

    Quarantined 

    C:\WINDOWS\MBREMOTEEXEC-4544-{SERIAL}.EXE

     

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.