SimonKravis

I have Malwarebytes 3.5.1 (Premium) installed on Win 10. Often after startup the disk usage goes to 100% and freezes. I can't use Task Manager to determine what is causing the usage but after reboot freeze and thaw I notice that MBAMService has clocked a large number of I/O reads and writes. Sometimes the freezes occur some time after startup.

Requested files attached Malwarebytes Anti-Ransomware.zip LaunchFindAlike.zip logs.zip

This not a false positive - the file has been added as an exclusion, but is still treated as malware by stopping execution but no file is placed in quarantine

Problem 1 : MB Anti Ransomware stops a locally developed executable as ransomware even though it has been added to the exclusion list. Problem 2: No file is placed in quarantine after the executable has been stopped.

The decrypting program TeslaDecoder.exe ( see http://www.bleepingcomputer.com/forums/t/576600/tesladecoder-released-to-decrypt-exx-ezz-ecc-files-encrypted-by-teslacrypt/) is detected as ransomware when it is run to decrypt TeslaCrypt files.After I added the executable to exceptions (after rebooting) it was still detected as ransomware and deleted. Zips attached as requested. TeslaDecoder.zip Malwarebytes Anti-Ransomware.zip logs.zip

Having discovered that TeslaCrypt has made its master decode key available 6 days ago and decrypting using this key has been wrapped into a free application called TeslaDecoder.exe ( see http://www.bleepingcomputer.com/news/security/teslacrypt-shuts-down-and-releases-master-decryption-key/) I ran this on the infected computer with MBARW installed and saw that it was detected as malware and had supposedly been moved to quarantine, but the quarantine display did not show it and the TeslaDecoder.exe remained in the directory to which it had been copied.