![](http://content.invisioncic.com/Mmalware/set_resources_28/84c1e40ea0e759e3f1505eb1788ddf3c_pattern.png)
shruiken15
-
Posts
11 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by shruiken15
-
-
-
32 minutes ago, Porthos said:
There are other layers of protection protecting users. This is just one layer being disabled.
Web protection, File exploit protection, malware, and ransomware protection. Also, if not already installed in Chrome, Browser Guard extension.
I have Browser Guard installed as well as the rest of Malwarebyte's features. I just wanted to be sure that Chrome was still safe to use.
-
So, if Exploit Protection for Chrome is currently turned off, does that mean that it is not secure to browse with Chrome at the moment? I am trying to understand the full scope of the issue, as my work is largely browser-dependent and I rely on being able to use Chrome securely.
-
My current scan is clean. When I first received the detection alert, I quarantined and deleted the files; I now since know better, but the files are gone. I made the posting here after noticing that, upon quarantining and deletion, Malwarebytes would scan clean; but after restarting, Malwarebytes would detect the four files I mentioned in the scan and would not scan clean. So I would quarantine, delete, scan, restart...and scan again, with the same results. Now I know my Malwarebytes database is up to date; it scans clean; and I expect it to scan clean the next time I restart.
-
My current version is 1.0.40660. The scan results in my previous response are from earlier today, before I first made my post. I have not restarted my computer since making this forum post, as I was waiting to hear back for a response. I don't think there is currently an issue.
-
I believe they are the False Positives and Malwarebytes says it is up to date. I was not trying to say that this was a separate event! Rather, that:
- I received the 47 FPs
- Quarantined and deleted them
- Re-scanned; Malwarebytes came up clean
- restarted my computer
- re-scanned; Malwarebytes listed the 4 FPs I mentioned in my initial post.
Malwarebytes
www.malwarebytes.com-Log Details-
Scan Date: 5/19/21
Scan Time: 10:40 AM
Log File: 1b0d3376-b8b0-11eb-9054-08626637055e.json-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1292
Update Package Version: 1.0.40646
License: Premium-System Information-
OS: Windows 10 (Build 19042.985)
CPU: x64
File System: NTFS
User: DESKTOP-ON8A8PN\Owner-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 273713
Threats Detected: 4
Threats Quarantined: 4
Time Elapsed: 0 min, 26 sec-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect-Scan Details-
Process: 0
(No malicious items detected)Module: 0
(No malicious items detected)Registry Key: 3
RiskWare.Injector.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Application Experience\PcaPatchDbTask, Quarantined, 11812, 941491, , , , , ,
RiskWare.Injector.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A0DAB0DD-267D-4C7D-BD14-D879C849F76F}, Quarantined, 11812, 941491, , , , , ,
RiskWare.Injector.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{A0DAB0DD-267D-4C7D-BD14-D879C849F76F}, Quarantined, 11812, 941491, , , , , ,Registry Value: 0
(No malicious items detected)Registry Data: 0
(No malicious items detected)Data Stream: 0
(No malicious items detected)Folder: 0
(No malicious items detected)File: 1
RiskWare.Injector.Generic, C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\Application Experience\PcaPatchDbTask, Quarantined, 11812, 941491, 1.0.40646, , ame, , 9F0ACCD368DEBDA3AA6D8B29423CF3EE, 2E45B19A08F38A948D25B4F8A8459770531DF09A185633D61AE7B9DAC986A1A9Physical Sector: 0
(No malicious items detected)WMI: 0
(No malicious items detected)
(end) -
4 minutes ago, Porthos said:
Reappear as detection's? If so please post a new log.
I stated in my initial post that upon restarting, these four files appear as detections:
C:\Windows\system32\TASKS\microsoft\windows\application experience\pcapatchdbtask
hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\microsoft\windows\application experience\pcapatchdbtask
hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{a0dab0dd-267d-4c7d-bd14-d879c849f76f}
hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{a0dab0dd-267d-4c7d-bd14-d879c849f76f} -
So I have learned in following up this issue on the forums. I'm somewhat heartened by the fact that the files (some of them) seem to reappear on restart.
-
Yes - I'm seeing many posts all of a sudden with the same thing. It looks like this was a false positive and will be patched; many people are being chided for immediately deleting the files (like I have). Since I don't have an active system restore point, I hope I have not deleted anything critical.
-
My computer is suddenly reporting detections; as far as I am aware, I have not done anything out of the ordinary to cause it. I quarantine and delete what Malwarebytes finds and subsequent scans come up clean, but upon restarting my computer it finds the same files again. Upon the first detection I was informed by Windows Defender that my 'app and browser control' function was turned off, but upon reactivating it it has remained active through multiple restarts. The detections in question are:
C:\Windows\system32\TASKS\microsoft\windows\application experience\pcapatchdbtask
hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\microsoft\windows\application experience\pcapatchdbtask
hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{a0dab0dd-267d-4c7d-bd14-d879c849f76f}
hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{a0dab0dd-267d-4c7d-bd14-d879c849f76f}The heading on the detection is 'Riskware/Generic.' Can someone tell me what this is? Is this an infection, or a disagreeable Windows update?
June 2023 Update (KB5027231) prevents Google Chrome from displaying
in Malwarebytes for Windows Support Forum
Posted
Oh? I misunderstood, then, and will change that toggle. What does disabling Windows Defender registering Malwarebytes do, functionally?