DMorris

Aha! With rootkit scanning off, I don't get the detection. This is a new phenomenon as I have had MWB on many computers for years with rootkit scanning on with no such detection, which I assume to be an error. Thanks very much for your detective work. Do have a suggestion for going forward?

Thanks for the quick reply! Here is the zip file, just now created. mbst-grab-results.zip

I had a similar experience and resultant concern. The same "password stealer" was flagged at the same disk location (C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\TMP\VSIXAUTOUPDATE.EXE-U.MBAM). This was with an manual scan; it had not been picked up automatically. Then on quarantining the file, a reboot was required. After the reboot, a manual scan did not note the "password stealer." But on the next manual scan, the "password stealer" was back. I have done this a few times with no variation. Obviously, with a quarantine that causes a reboot, and subsequently still seeing the problem, there is little that I can do to remedy this. Do you have suggestions?