Sitedrifter
-
Posts
46 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Sitedrifter
-
-
I added MWB today on my PC and immediately updated to the BETA which gave me the fixed version. The PC wakes up without issue now!!!
Thank you everyone!
-
Do I need to install MWB to get the report using the tool?
I would rather not install it until the fix is in.
-
Doing some hardcore searching on this problem there seems to be a multitude of PCs with different hardware (CPU, Ram, Video adapter, hard disk) that are affected.
Is there anything I can do such as providing logs to help MB figure this out?
-
Thanks for the information. Does anyone know if you install MalwareBytes AFTER upgrading to 2004 if the issue happens?
I did a clean install of Windows and have not installed MB yet. I may try it and post the results.
-
I have tracked it down to Malwarebytes causing my brand new PC running Windows 10 Pro to freeze resuming from sleep mode.
This only happened after upgrading to Windows 10 Pro build 2004 which is the latest.
I disable all MB modules and sleep works fine. I turned on each module one at a time to determine where it would hang.
Sure enough when I enabled Ransomware Protection is when sleep resuming caused my PC to freeze and had to hard reboot.
I turn Ransomware Protection off and sleep works perfect but as soon as I turn it on it breaks sleep mode.
I uninstalled MB and did a clean install but get the same results.
Anyone of any ideas or seen this problem before with hopefully a fix?
Thanks
-
My MWB just updated to version 3.8.3.2965 keeping fingers crossed
-
Is it really blocking? I keep getting warnings but I cannot find in MWB where to unblock the sites.
-
Malwarebytes
www.malwarebytes.com-Log Details-
Protection Event Date: 7/30/19
Protection Event Time: 7:26 PM
Log File: 7f1e737a-b321-11e9-b2a6-0492263ec4e9.json-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.11788
License: Premium-System Information-
OS: Windows 10 (Build 18362.267)
CPU: x64
File System: NTFS
User: System-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0-Website Data-
Category: Malware
Domain: id.google.com
IP Address: 216.58.221.195
Port: [50420]
Type: Outbound
File: D:\Mozilla Firefox\firefox.exe(end)
-
Another one
Malwarebytes
www.malwarebytes.com-Log Details-
Protection Event Date: 7/30/19
Protection Event Time: 7:29 PM
Log File: e4cbc100-b321-11e9-84b3-0492263ec4e9.json-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.11788
License: Premium-System Information-
OS: Windows 10 (Build 18362.267)
CPU: x64
File System: NTFS
User: System-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0-Website Data-
Category: Malware
Domain: settings-win.data.microsoft.com
IP Address: 20.36.218.63
Port: [64740]
Type: Outbound
File:(end)
-
This seems to be built in windows program trying to access microsoft and I got three errors (see below)
Malwarebytes
www.malwarebytes.com-Log Details-
Protection Event Date: 7/30/19
Protection Event Time: 7:28 PM
Log File: c1ed70c0-b321-11e9-840d-0492263ec4e9.json-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.11788
License: Premium-System Information-
OS: Windows 10 (Build 18362.267)
CPU: x64
File System: NTFS
User: System-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0-Website Data-
Category: Malware
Domain: watson.telemetry.microsoft.com
IP Address: 51.143.111.7
Port: [64687]
Type: Outbound
File: C:\Windows\System32\wermgr.exeMalwarebytes
www.malwarebytes.com-Log Details-
Protection Event Date: 7/30/19
Protection Event Time: 7:28 PM
Log File: c1ed70c0-b321-11e9-840d-0492263ec4e9.json-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.11788
License: Premium-System Information-
OS: Windows 10 (Build 18362.267)
CPU: x64
File System: NTFS
User: System-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0-Website Data-
Category: Malware
Domain: watson.telemetry.microsoft.com
IP Address: 51.143.111.7
Port: [64687]
Type: Outbound
File: C:\Windows\System32\wermgr.exeMalwarebytes
www.malwarebytes.com-Log Details-
Protection Event Date: 7/30/19
Protection Event Time: 7:28 PM
Log File: c1ed70c0-b321-11e9-840d-0492263ec4e9.json-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.11788
License: Premium-System Information-
OS: Windows 10 (Build 18362.267)
CPU: x64
File System: NTFS
User: System-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0-Website Data-
Category: Malware
Domain: watson.telemetry.microsoft.com
IP Address: 51.143.111.7
Port: [64687]
Type: Outbound
File: C:\Windows\System32\wermgr.exeI am not sure Malwarebytes has this correct. Please advise.
-
Hi
If you can scan https://www.monmouthcountyspca.org/ and if it is a false positive, could you please unblock it?
I have attached my MB log. Also, VirusTotal says the site is clean.
-
Seems clean there? Can the website in question be checked and if possible, the false positive be fixed?
Thanks
Site
-
I tried going to https://www.blackstaramps.com/ and MB blocks it. I hope it is not compromised with malware and that it is a false positive. Please let me know.
Attached is the output of the report.
-
Please help me determine if this is a false positive? Malwarebytes always has issues with this program (for years) but I need to be positive.
Malwarebytes did something to the file as I cannot attach it, delete it, move it etc.
Malwarebytes
www.malwarebytes.com-Log Details-
Protection Event Date: 5/12/19
Protection Event Time: 10:04 AM
Log File: de2b0a82-74be-11e9-aee2-c07cd1fbefdf.json-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.586
Update Package Version: 1.0.10568
License: Premium-System Information-
OS: Windows 10 (Build 17763.475)
CPU: x64
File System: NTFS
User: System-Ransomware Details-
File: 3
Malware.Ransom.Agent.Generic, C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Peace.lnk, Blocked, [0], [392685],0.0.0
Malware.Ransom.Agent.Generic, C:\EQUALI~1\config\Peace.exe, Blocked, [0], [392685],0.0.0
Malware.Ransom.Agent.Generic, C:\EqualizerAPO\config\Peace.exe, Blocked, [0], [392685],0.0.0
(end) -
Things are looking up 😀
-
Just got a response from support. I have one new license now but they need to get me a second one so I am waiting on that.
-
This is starting to become a real annoyance. I know that is not helpful but it does reflect my dissatisfaction on how long this is taking to get revolved.
-
Looks good this time..
Thank you
-
here is the actual executable that I launch and get the quarantine issue..
-
Same issue
1. I removed the file from quarantine
2. I quit malwarebytes
3/. I deleted the Hubble file
4. restarted Malwarebytes
5. Executed the program PEACE and got the same thing (see below)
Malwarebytes
www.malwarebytes.com-Log Details-
Protection Event Date: 5/3/19
Protection Event Time: 9:00 AM
Log File: 7044efd2-6da3-11e9-bead-c07cd1fbefdf.json-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.586
Update Package Version: 1.0.10446
License: Premium-System Information-
OS: Windows 10 (Build 17763.437)
CPU: x64
File System: NTFS
User: System-Blocked Malware Details-
File: 1
Generic.Malware/Suspicious, C:\EqualizerAPO\config\Peace.exe, Quarantined, [0], [392686],1.0.10446
(end) -
I updated Malwarebytes and i am still getting the quarantine when i launch the program.
-
QuoteQuote
thank you very much!!
-
The audio equalizer I use called PEACE was detected as malware today after upgrading to the latest version.
Malwarebytes
www.malwarebytes.com-Log Details-
Protection Event Date: 5/3/19
Protection Event Time: 6:04 AM
Log File: d5a12ea4-6d8a-11e9-8a05-c07cd1fbefdf.json-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.563
Update Package Version: 1.0.10442
License: Premium-System Information-
OS: Windows 10 (Build 17763.437)
CPU: x64
File System: NTFS
User: System-Blocked Malware Details-
File: 1
Generic.Malware/Suspicious, C:\EqualizerAPO\config\Peace.exe, Quarantined, [0], [392686],1.0.10442
(end)https://sourceforge.net/projects/peace-equalizer-apo-extension/
I hope this is a false positive.
Thanks
-
OK, I am standing by!
Thanks
Note Pad ++ file flagged as a scam
in File Detections
Posted
MB is flagging the following file as a scam. Not sure why as it is a legit program that does not contain pups or scam content
https://github.com/notepad-plus-plus/notepad-plus-plus/releases/download/v7.9.2/npp.7.9.2.Installer.x64.exe
Can this be double checked and if clear, please update MB to allow this website/file
Thanks
npp.7.9.2.Installer.x64.zip