Jump to content

didero

Members
  • Posts

    13
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Since a few days I get sometimes a popup from Malwarebytes that an exploit has been blocked. I am just using Outlook and no suspicious e-mails are there. Any idea? -Logboekdetails- Datum beveiligingsgebeurtenis: 20-10-2020 Tijd beveiligingsgebeurtenis: 15:39 Logbestand: a0240800-12d9-11eb-8faa-54ee750b3b05.json -Software-informatie- Versie: 4.2.1.89 Versie componenten: 1.0.1070 Update pakketversie: 1.0.31676 Licentie: Premium -Systeeminformatie- Besturingssysteem: Windows 10 (Build 18362.1139) Processor: x64 Bestandssysteem: NTFS Gebruiker: System -Details van exploit- Bestand: 0 (Geen kwaadaardige items gedetecteerd) Exploit: 1 Malware.Exploit.Agent.Generic, C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\FLTLDR.EXE C:\Program Files (x86)\Common Files\Microsoft Shared\GRPHFLT\GIFIMP32.FLT, Geblokkeerd, 0, 392684, 0.0.0, , -Exploit-gegevens- Getroffen toepassing: Microsoft Outlook Beveiligingslaag: Application Behavior Protection Beveiligingstechniek: Exploit payload process blocked Bestandsnaam: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\FLTLDR.EXE C:\Program Files (x86)\Common Files\Microsoft Shared\GRPHFLT\GIFIMP32.FLT URL:
  2. No news? In the meantime I have gone back to the prevoius version of Windows 10 Everything works now as before. Quality Updates prosponed for enough days. Fed up with Windows 10 now.
  3. Sorry does not work. By the way the context menu entry is in Dutch even so I have set the language to English. Probably a remains of version 2? Language is set to English because the Dutch translation messes up the layout.
  4. Ok thanks. Unfortunately doesn't work. Windows Defender, although not active, is blocking Farbar Recovery Scan Tool. New Improved Smart Screen of the Windows Fall Creators Update? Can't go beyond that so I stopped the Windows Defender Service. Started again and the results are in the zip.file mb-check-results.zip
  5. Just did the Windows 10 Fall Creators Update. Some programs don't work anymore and need to be activated or installed again as Microsoft created an extra Recovery partition next to the existing one . In case of Malwarebytes Premium the Context Menu "Scan with Malwarebytes" doesn't work anymore. Removing and re-installing Malwarbytes doesn't solve the problem.
  6. You should install version 13.10 instead of 13 and get the file from official resources: https://www.extendoffice.com/downloads/SetupOfficeTab.exe I have no problems with Office Tab in conjunction with Malwarebytes Premium (just did an extra scan). Most people use the 32-bit version of MS Office (Office 365). So it is safe to delete version UserData64.dat or Zip/Rar it and then delete it: >> C:\Program Files\Office Tab\UserData64.zip <<
  7. Same here, not even with new version 3.1.2.1733 (Premium).
  8. New nice program but layout "Scanning" not optimized for Dutch language (Nederlands) see screenprint.
  9. Hello, Out of the blue I get a message that the Trojan.Startpage.E is found in registry item: Trojan.StartPage.E, HKU\S-1-5-21-3272883411-1201957109-1333608562-1000_Classes\WOW6432NODE\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}, , [05b7284e7624ce68d570f00a47bd659b], Did a full system Virusscan (Eset), and a full scan with two other Anti Malware packages (McAfee Stinger and AdwCleaner). Nothing is found. When I remove/quarantaine the item some of my icons in the System Bar are hidden after system restart. Did the scan with Malwarebytes again just now with the same resultst: Versie: 2.2.1.1043 Malware-database: v2016.09.27.08 Rootkit-database: v2016.09.26.02 Licentie: Premium Malware-bescherming: Ingeschakeld Bescherming tegen kwaadaardige websites: Ingeschakeld Zelfbescherming: Ingeschakeld Besturingssysteem: Windows 10 Processor: x64 Bestandssysteem: NTFS Gebruiker: ASRock i3770K The only thing I can find when searching the registry for {871C5380-42A0-1069-A2EA-08002B30309D} is a reference to Classic Shell which is still working after removal of that registry entry. Could this be a false positive since the Trojan.Startpage.E dates from 2003/2004?
  10. Indeed. Just restored the file from Quarantaine and did a new scan with the latest database. Thank you!
  11. Since the latest detection update of Malwarebytes Anti Malware the UserData64.dat file is recognized as infected with the Malpack trojan. Probably a false positive since that file is used to store preferences from the Office Tab Enterprise - a tabbed interface for MS Office -https://www.extendoffice.com I can safely remove the file because it's for the 64-bit version and I use the 32-bit version of Office Tabs. The file is attached in the zip file. UserData64.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.