Jump to content

Sitedrifter

Honorary Members
  • Posts

    46
  • Joined

  • Last visited

Posts posted by Sitedrifter

  1. I have tracked it down to Malwarebytes causing my brand new PC running Windows 10 Pro to freeze resuming from sleep mode.

    This only happened after upgrading to Windows 10 Pro build 2004 which is the latest.

    I disable all MB modules and sleep works fine. I turned on each module one at a time to determine where it would hang.

    Sure enough when I enabled Ransomware Protection is when sleep resuming caused my PC to freeze and had to hard reboot.

    I turn Ransomware Protection off and sleep works perfect but as soon as I turn it on it breaks sleep mode.

    I uninstalled MB and did a clean install but get the same results.

    Anyone of any ideas or seen this problem before with hopefully a fix?

     

    Thanks

  2. Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 7/30/19
    Protection Event Time: 7:26 PM
    Log File: 7f1e737a-b321-11e9-b2a6-0492263ec4e9.json

    -Software Information-
    Version: 3.8.3.2965
    Components Version: 1.0.613
    Update Package Version: 1.0.11788
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.267)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , , Blocked, [-1], [-1],0.0.0

    -Website Data-
    Category: Malware
    Domain: id.google.com
    IP Address: 216.58.221.195
    Port: [50420]
    Type: Outbound
    File: D:\Mozilla Firefox\firefox.exe

     

    (end)

  3. Another one

     

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 7/30/19
    Protection Event Time: 7:29 PM
    Log File: e4cbc100-b321-11e9-84b3-0492263ec4e9.json

    -Software Information-
    Version: 3.8.3.2965
    Components Version: 1.0.613
    Update Package Version: 1.0.11788
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.267)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , , Blocked, [-1], [-1],0.0.0

    -Website Data-
    Category: Malware
    Domain: settings-win.data.microsoft.com
    IP Address: 20.36.218.63
    Port: [64740]
    Type: Outbound
    File:

     

    (end)

  4. This seems to be built in windows program trying to access microsoft and I got three errors (see below)

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 7/30/19
    Protection Event Time: 7:28 PM
    Log File: c1ed70c0-b321-11e9-840d-0492263ec4e9.json

    -Software Information-
    Version: 3.8.3.2965
    Components Version: 1.0.613
    Update Package Version: 1.0.11788
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.267)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , , Blocked, [-1], [-1],0.0.0

    -Website Data-
    Category: Malware
    Domain: watson.telemetry.microsoft.com
    IP Address: 51.143.111.7
    Port: [64687]
    Type: Outbound
    File: C:\Windows\System32\wermgr.exe

     

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 7/30/19
    Protection Event Time: 7:28 PM
    Log File: c1ed70c0-b321-11e9-840d-0492263ec4e9.json

    -Software Information-
    Version: 3.8.3.2965
    Components Version: 1.0.613
    Update Package Version: 1.0.11788
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.267)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , , Blocked, [-1], [-1],0.0.0

    -Website Data-
    Category: Malware
    Domain: watson.telemetry.microsoft.com
    IP Address: 51.143.111.7
    Port: [64687]
    Type: Outbound
    File: C:\Windows\System32\wermgr.exe

     

     

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 7/30/19
    Protection Event Time: 7:28 PM
    Log File: c1ed70c0-b321-11e9-840d-0492263ec4e9.json

    -Software Information-
    Version: 3.8.3.2965
    Components Version: 1.0.613
    Update Package Version: 1.0.11788
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.267)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , , Blocked, [-1], [-1],0.0.0

    -Website Data-
    Category: Malware
    Domain: watson.telemetry.microsoft.com
    IP Address: 51.143.111.7
    Port: [64687]
    Type: Outbound
    File: C:\Windows\System32\wermgr.exe

    I am not sure Malwarebytes has this correct. Please advise.

  5. Please help me determine if this is a false positive? Malwarebytes always has issues with this program (for years) but I need to be positive.

    Malwarebytes did something to the file as I cannot attach it, delete it, move it etc.

     

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 5/12/19
    Protection Event Time: 10:04 AM
    Log File: de2b0a82-74be-11e9-aee2-c07cd1fbefdf.json

    -Software Information-
    Version: 3.7.1.2839
    Components Version: 1.0.586
    Update Package Version: 1.0.10568
    License: Premium

    -System Information-
    OS: Windows 10 (Build 17763.475)
    CPU: x64
    File System: NTFS
    User: System

    -Ransomware Details-
    File: 3
    Malware.Ransom.Agent.Generic, C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Peace.lnk, Blocked, [0], [392685],0.0.0
    Malware.Ransom.Agent.Generic, C:\EQUALI~1\config\Peace.exe, Blocked, [0], [392685],0.0.0
    Malware.Ransom.Agent.Generic, C:\EqualizerAPO\config\Peace.exe, Blocked, [0], [392685],0.0.0


    (end)

  6. Same issue

     

    1. I removed the file from quarantine

    2. I quit malwarebytes

    3/. I deleted the Hubble file

    4. restarted Malwarebytes

    5. Executed the program PEACE and got the same thing (see below)

     

     

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 5/3/19
    Protection Event Time: 9:00 AM
    Log File: 7044efd2-6da3-11e9-bead-c07cd1fbefdf.json

    -Software Information-
    Version: 3.7.1.2839
    Components Version: 1.0.586
    Update Package Version: 1.0.10446
    License: Premium

    -System Information-
    OS: Windows 10 (Build 17763.437)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Malware Details-
    File: 1
    Generic.Malware/Suspicious, C:\EqualizerAPO\config\Peace.exe, Quarantined, [0], [392686],1.0.10446


    (end)

  7. The audio equalizer I use called PEACE was detected as malware today after upgrading to the latest version.

     

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 5/3/19
    Protection Event Time: 6:04 AM
    Log File: d5a12ea4-6d8a-11e9-8a05-c07cd1fbefdf.json

    -Software Information-
    Version: 3.7.1.2839
    Components Version: 1.0.563
    Update Package Version: 1.0.10442
    License: Premium

    -System Information-
    OS: Windows 10 (Build 17763.437)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Malware Details-
    File: 1
    Generic.Malware/Suspicious, C:\EqualizerAPO\config\Peace.exe, Quarantined, [0], [392686],1.0.10442


    (end)

     

    https://sourceforge.net/projects/peace-equalizer-apo-extension/

     

    I hope this is a false positive.

     

     

    Thanks

    PeaceSetup.zip

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.