Jump to content

BillH99999

Honorary Members
  • Posts

    837
  • Joined

  • Last visited

  • Days Won

    2

Posts posted by BillH99999

  1. A question on tamper protection.  I just used the Malwarebytes Support tool to uninstall and re-install Malwarebytes.  It was able to uninstall Malwarebytes without asking for the password even though I have Malwarebytes tamper protection set to require a password for uninstallation.

    Should this be possible?  I thought the tamper protection setting should require a password before the uninstall took place.

    Bill

  2. I am getting a false positive on SPFLite 2 again.  This was reported and fixed back in July, but has returned.

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 9/10/21
    Scan Time: 12:01 AM
    Log File: dab5073c-1204-11ec-a832-b88584a6ed27.json

    -Software Information-
    Version: 4.4.6.132
    Components Version: 1.0.1453
    Update Package Version: 1.0.44787
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19043.1165)
    CPU: x64
    File System: NTFS
    User: System

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Scheduler
    Result: Completed
    Objects Scanned: 359703
    Threats Detected: 1
    Threats Quarantined: 0
    Time Elapsed: 4 min, 39 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Warn
    PUM: Warn

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 1
    MachineLearning/Anomalous.100%, C:\PROGRAM FILES (X86)\SPFLITE2\CFGMAINT.EXE, No Action By User, 0, 392687, 1.0.44787, , shuriken, , C9051A8048FF21A1A03F4C3E4DB0E0C8, 1517315B1BDD72091CB41EFDD1603AD9CBFFE83D35A2CC50F6253639D0B2D5A6

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

  3. I agree.  The position of the toggle was confusing.  I also thought at first that it was enabling RDP rather than enabling BFP.  I did go ahead and enable it after watching the video about BFP.

    I think it would be a lot clearer if the toggle was next to BFP rather than next to RDP.

    Bill

     

    • Like 2
  4. I guess I still don't understand.  I thought it was only detected because I had "Use expert system algorithms to identify malicious files" enabled.  Why would the database version make any difference - or- does this option rely on the database for it's detections?

    Bill

  5. 2 hours ago, Porthos said:

    Malwarebytes is also designed to look in all the locations where malware is known to install itself/hide, so a full or custom scan shouldn't be necessary, especially on any sort of frequent basis (like daily), especially since the default Threat Scan/Quick Scan checks all loading points/startup locations, the registry, all running processes and threads in memory, along with all system folders, program folders and data folders as well as any installed browsers, caches and temp locations. 

    I guess that was my question.  If it is supposed to check all program folders, then why didn't the threat scan detect it?  If was in a subfolder of Program Files (x86).  The custom scan did detect it.

    Bill

  6. Thank for the info. 

    I have run the program that this is part of on numerous occasions without getting anything detected even though the custom scan detected it.  I guess this means the program didn't execute this particular .DLL.  I think I'll keep running my custom scan as it did detect it.

    Thanks,

    Bill

  7. I would have thought that C:\PROGRAM FILES (X86) and it's subdirectories would have been "malware related areas".  Is that not the case?  Is there a list somewhere of what areas the threat scan looks at?

    I have seen on these boards many times that custom scans are not needed and that threat scan are sufficient.  This would seem to refute that idea.

    Bill

  8. @Porthos

    That setting was turned on.  I don't remember ever turning it on, but maybe I did and just don't remember.  I turned it off.

    How about "Use artificial intelligence to detect threats"?  I don't remember turning that on either.  Is it on by default?  Should I leave it on?

    Another question.  Why was this detected in a scheduled custom scan, but not in a scheduled threat scan or a user initiated threat scan?

    Thanks,
    Bill

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.