Jump to content

AlexSmith

Administrators
  • Content Count

    1,116
  • Joined

  • Last visited

  • Days Won

    14

6 Followers

About AlexSmith

  • Rank
    Staff
  • Birthday 08/11/1981

Contact Methods

  • Website URL
    https://www.malwarebytes.com/techbench

Profile Information

  • Location
    Minnesota
  • Interests
    Windows, malware, technicians, and video games

Recent Profile Visitors

4,452 profile views
  1. Pretty much this. For example, what you can do from an offline environment is manually provide the WU package file (generally a *.cab file) and apply to the offline OS installation using DISM.
  2. Thanks!! We are working on something, but can't share any details yet. As @exile360 mentioned, there are several challenges to overcome to make something happen in this space. Linux and WINE just can't suffice in fully remediating and repairing an Offline Windows OS, especially more recent versions of Windows. It would require putting together something custom that just doesn't make a lot of development sense since you can get a lot of this with using Windows PE. But as @exile360 mentioned, Windows PE is a bear to work with from a legal standpoint. No matter what, you'll likely see something from this front within the next year. Interesting find and thanks for sharing!! A couple of us on the Malwarebytes Toolset team have in-depth knowledge on Windows Update and development experience with using the Windows Update API specifically for obtaining, caching, and installing Windows Updates. Looks like this is simply redoing the work of the Windows Update Mini-Tool but open source and in .NET. So it does have some positives and could be useful in developing something. From a Rescue Disc or Offline standpoint though, this application or anything similar built off the default Windows Update API would not work. From a high level, It doesn't understand how to interact with an offline install of Windows which means you can not use it to identify or apply the updates to a Windows installation that isn't currently running. With that being said, managing of Windows Updates on an offline install of Windows is a capability of the greater Windows Component Based Servicing (CBS) architecture and the Deployment and Image Servicing Management (DISM) API. You can install, uninstall, and get a list of installed packages (updates and drivers) using the DISM API, but it cannot do a detect for missing or new updates to download and install. Plus, Microsoft provides DISM.exe (Command Prompt - included in Windows PE by default) and DISM cmdlets (PowerShell - optional Windows PE component) with Windows itself.
  3. AlexSmith

    Thanks Malwarebytes team!

    @Piriyah we are humbled by your experience and appreciate your kind words. And echoing @LDTate, thank you for choosing Malwarebytes!!
  4. AlexSmith

    Standalone Issue Scanner

    Glad to hear you like what you have read about the Malwarebytes Issues Scanner. It's a powerful tool in the right hands and can make the life of a technician easier. Right now, it's an exclusive component of the Malwarebytes Toolset which is available as part of the Malwarebytes Techbench Advanced program for Technicians. Honestly, it is designed to be used by a technical user that is used to diagnosing and repairing PCs. With that being said, in the future you may see the Malwarebytes Toolset or components of it like the Malwarebytes Issue Scanner become accessible in other products and/or channels of ours that cater towards a more technical user.
  5. I have removed them per your request. In the future, I recommend you directly message a moderator or admin for help like this. Locking thread as request has been fulfilled.
  6. Hi @Fixer!! You now have access to that forum as a Techbench member.
  7. @mahonr this was a false positive from a database update earlier today. All you need to do is update to the latest database to fix this. Open Malwarebytes and on the right hand side of the Dashboard select the link next to Updates (link may say Current). That will force a database update to resolve this issue.
  8. Topic has been reopened per request. Thanks
  9. @andis59 thank you for the details!! That really helps a lot. Anyways, those are files processed by our heuristic machine learning engine.
  10. @andis59 can you post a log file or scan report from Avira? This looks like it's a false positive of some of our files that use a GUID for the filename, but seeing their logs/reports would help to be sure on that.
  11. That's really strange. I will take a look at the logs and try to see what happened. In the meantime, I have placed the image in your post that you had issues with.
  12. AlexSmith

    Forum Slow and Errors

    Thanks for posting this. We saw it too but It seems to have fixed itself already.
  13. @OutOfMyDepth I am sorry to hear you had issues getting support. I have messaged our team of helpers to get you some assistance.
  14. AlexSmith

    'invisible image' viruses

    Okay, we can look in to them when you get back. I know last time we asked for logs in June your PC was not available for a few days too. Odd coincidence I am sure, so please make sure to follow up so we can help you. So can you see their PC? Do you think you know who the attacker is?
  15. AlexSmith

    'invisible image' viruses

    Wow. That doesn't sound good at all. So are you watching this happen in real time when they do this? Where are they copying the files to? What kinds of files are being stolen? Any chance you can get me some logs on the PC this is happening on? Gather Logs with the Malwarebytes Support Tool Download the Malwarebytes Support Tool from here: https://downloads.malwarebytes.com/file/mbst Locate the executable file "mb-support-x.x.x.xxx.exe" and double-click to launch the application. Place a check mark next to Accept License Agreement by clicking the box then click Next. Click Advanced Options then click Gather Logs Wait for the gathering process to complete (which will place mbst-grab-results.zip on your Desktop) then click OK to close Attach the mbst-grab-results.zip on your desktop to your reply.
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.