advancedcompute

In update to the ScreenConnect update all our current effected windows 7 clients are using: ScreenConnect checked your version against the latest version to see if you are up to date. If you are not up to date, ScreenConnect checked to see whether your license permits you to upgrade. Your Version: 24.1.7.8892

Oddly enough we traced this out to the same end. As our own windows 7 pro system accesses Screen Connect host but does not run the client. However we also disabled Microsoft Windows defender years ago and use Malwarebytes exclusively. We were not effected. We have checked all effected systems and found that Microsoft had updated it's Microsoft Windows defender signatures just before this issue appeared. Is it possible the two are linked? See the attached excerpt from Connect Wise. We were unable to remove the Microsoft Windows defender signatures up to the fail date to test this. But if the Microsoft Windows defender signatures update wrongfully blocked the "Authentication package" then the two maybe linked to this problem. Windows server does run Microsoft Windows defender. We do not have any windows 2008r2 servers. It would be interesting to check and see if an defender update occurred on them.

Collected files from Our unaffected Windows 7 system attached. Addition.txt FRST.txt Shortcut.txt

This is a log grab from one of the affected systems attached. We have a system in our office with windows 7 and is running Malwarebytes Teams. It IS Not affected at this time and was just updated to the new yesterday to the newest teams version. We will send a log grab from that for you as well. We just got 3 more reports of the same issue. mbst-grab-results.zip

Need to report a possible bug between windows 7 and Malware bytes Premium. We are a tech Bench partner. We have encountered over 12 of our customers reporting. The following: All systems running Windows 7 as well as Malware bytes Premium latest version. Windows 7 updates are disabled but Microsoft defender was running either in background or fully enabled and sill updating. On or about 5/15/2024 either a Microsoft defender update (signature update) or a Malwerbytes update was installed. the result was upon shutdown or reboot command and consequent reboot. The following message is displayed: "LogonUI.exe- Entry Point Not Found The procedure point ProcessPrng could not be located in the dynamic link library bcryptprimitives.dll We have traced the issue and there are several entries: Please advise. Most of the systems are Critical process systems and that is why they are still using Widows 7.

All good case closed for now. Stay safe.

Connected to client they had uninstalled program. The update had been done reinstalled app. No malware was detected on install.

Malware.Sandbox.28 found in US IRS GOV EFTPS batch payment program. Malwarebytes detected and quarantined. Malware.sandbox.28 in 3 locations in the app. The program is now nonoperational. Therefore no IRS payments can be made. Log file attached. Possible false positive?? We maybe contacted at sales@advancedcompute.com. We are a reseller. The customer contacted us for help. eftps-batch-irs app dectect.txt

Possible false negative malwarebytes for teams detected Backdoor.Agent.EACGen in Apex Legends game under Origin. On a test bench machine on 7/28/2022 running Windows 10 pro malwarebytes for teams detected Backdoor.Agent.EACGen in Apex Legends game under Origin in EasyAntiCheap.exe. Quarantined. Ran repair apex legends. Removed EasyAntiCheap.exe. Reloaded EasyAntiCheap.exe. Restarted pc logged on to Origin then launched Apex Legends. Malwarebytes for teams detected Backdoor.Agent.EACGen in Apex Legends EasyAntiCheap.exe. Again. This is a test bench pc with very frequent hardware and software changes. It is not a activated windows 10 for this reason. A ticket was submitted to Origin. We are an Research test and Dev company as well as a Malwarebytes partner.