False positive report. We use a product called Copitrak for managing printer usage, and routing of scans to a local folder. One of the files is a process monitor (lrprocmon.exe) which is attached. Ran it through a few other scans, all seems fine.
It quarantined the file and asked me to reboot. I rebooted and then it came up again because apparently we have a script running that pushes those files to a folder on the local drive every time you boot. Asked me to reboot again. After that I was going to perform an exclusion but then I noticed the protection was disabled and I couldn't enable it any further, much like the previous 3 or 4 posts from yesterday. Tried starting the program, rebooting the computer, nothing. Tried adding the exclusion anyway and it allowed me to pick the file but it never showed up in the list.
I come in today and boot up the machine and all is well. The app is enabled and protected. I was then able to add the file to the exclusion list.
Malwarebytes Anti-Ransomware.zip
logs.zip
LtProcMon.zip