didero
Members-
Posts
13 -
Joined
-
Last visited
Reputation
0 NeutralRecent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
Since a few days I get sometimes a popup from Malwarebytes that an exploit has been blocked. I am just using Outlook and no suspicious e-mails are there. Any idea? -Logboekdetails- Datum beveiligingsgebeurtenis: 20-10-2020 Tijd beveiligingsgebeurtenis: 15:39 Logbestand: a0240800-12d9-11eb-8faa-54ee750b3b05.json -Software-informatie- Versie: 4.2.1.89 Versie componenten: 1.0.1070 Update pakketversie: 1.0.31676 Licentie: Premium -Systeeminformatie- Besturingssysteem: Windows 10 (Build 18362.1139) Processor: x64 Bestandssysteem: NTFS Gebruiker: System -Details van exploit- Bestand: 0 (Geen kwaadaardige items gedetecteerd) Exploit: 1 Malware.Exploit.Agent.Generic, C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\FLTLDR.EXE C:\Program Files (x86)\Common Files\Microsoft Shared\GRPHFLT\GIFIMP32.FLT, Geblokkeerd, 0, 392684, 0.0.0, , -Exploit-gegevens- Getroffen toepassing: Microsoft Outlook Beveiligingslaag: Application Behavior Protection Beveiligingstechniek: Exploit payload process blocked Bestandsnaam: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\FLTLDR.EXE C:\Program Files (x86)\Common Files\Microsoft Shared\GRPHFLT\GIFIMP32.FLT URL:
-
Ok thanks. Unfortunately doesn't work. Windows Defender, although not active, is blocking Farbar Recovery Scan Tool. New Improved Smart Screen of the Windows Fall Creators Update? Can't go beyond that so I stopped the Windows Defender Service. Started again and the results are in the zip.file mb-check-results.zip
-
Just did the Windows 10 Fall Creators Update. Some programs don't work anymore and need to be activated or installed again as Microsoft created an extra Recovery partition next to the existing one . In case of Malwarebytes Premium the Context Menu "Scan with Malwarebytes" doesn't work anymore. Removing and re-installing Malwarbytes doesn't solve the problem.
-
False Positive in UserData64.dat - Office Tabs Enterprise 11.00
didero replied to didero's topic in File Detections
You should install version 13.10 instead of 13 and get the file from official resources: https://www.extendoffice.com/downloads/SetupOfficeTab.exe I have no problems with Office Tab in conjunction with Malwarebytes Premium (just did an extra scan). Most people use the 32-bit version of MS Office (Office 365). So it is safe to delete version UserData64.dat or Zip/Rar it and then delete it: >> C:\Program Files\Office Tab\UserData64.zip <<- 5 replies
-
- false positive
- office tabs
-
(and 1 more)
Tagged with:
-
Web Protection won't turn on
didero replied to langshipley's topic in Malwarebytes for Windows Support Forum
Same here, not even with new version 3.1.2.1733 (Premium). -
New nice program but layout "Scanning" not optimized for Dutch language (Nederlands) see screenprint.
-
Ok thank you. It's fixed
-
Hello, Out of the blue I get a message that the Trojan.Startpage.E is found in registry item: Trojan.StartPage.E, HKU\S-1-5-21-3272883411-1201957109-1333608562-1000_Classes\WOW6432NODE\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}, , [05b7284e7624ce68d570f00a47bd659b], Did a full system Virusscan (Eset), and a full scan with two other Anti Malware packages (McAfee Stinger and AdwCleaner). Nothing is found. When I remove/quarantaine the item some of my icons in the System Bar are hidden after system restart. Did the scan with Malwarebytes again just now with the same resultst: Versie: 2.2.1.1043 Malware-database: v2016.09.27.08 Rootkit-database: v2016.09.26.02 Licentie: Premium Malware-bescherming: Ingeschakeld Bescherming tegen kwaadaardige websites: Ingeschakeld Zelfbescherming: Ingeschakeld Besturingssysteem: Windows 10 Processor: x64 Bestandssysteem: NTFS Gebruiker: ASRock i3770K The only thing I can find when searching the registry for {871C5380-42A0-1069-A2EA-08002B30309D} is a reference to Classic Shell which is still working after removal of that registry entry. Could this be a false positive since the Trojan.Startpage.E dates from 2003/2004?
-
False Positive in UserData64.dat - Office Tabs Enterprise 11.00
didero replied to didero's topic in File Detections
Indeed. Just restored the file from Quarantaine and did a new scan with the latest database. Thank you!- 5 replies
-
- false positive
- office tabs
-
(and 1 more)
Tagged with:
-
Since the latest detection update of Malwarebytes Anti Malware the UserData64.dat file is recognized as infected with the Malpack trojan. Probably a false positive since that file is used to store preferences from the Office Tab Enterprise - a tabbed interface for MS Office -https://www.extendoffice.com I can safely remove the file because it's for the 64-bit version and I use the 32-bit version of Office Tabs. The file is attached in the zip file. UserData64.zip
- 5 replies
-
- false positive
- office tabs
-
(and 1 more)
Tagged with: