Jump to content

eliuri

Members
  • Content Count

    25
  • Joined

  • Last visited

About eliuri

  • Rank
    New Member
  1. Thank you Malwarebytes for the quick response and the fix
  2. Is it safe to now assume this is a false positive? Given how many are reporting it. I hadnt downloaded anything tonight. Yesterday's Malwarebytes scan was clean. I uploaded the Reader\ACE.dll file to VirusTotal. Malwarebytes was only engine that detected it (so far..) I get prompted to qurantine this "backdoor.remcos" by Malwarebytes. This happens whenever I try to open a .pdf file . Began about 1 am EDT. The installed Acrobat reader tries to reinstall Adobe Acrobat Reader, but then is blocked again by Malwarebytes. Location of the supposed infection is: Backdoor.Remcos, C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ACE.dll If its not safe to remove from Quarantine and make exception for this ACE.dll file, how would I go about downloading and installing a fresh copy of Acrobat reader? I'd hate to have to do all this if this is really a false alarm! So will someone kindly advise me? Eliuri Windows 10 Version 1809 Malwarebytes Premium 3.7.1 ======================================= Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 6/15/19 Protection Event Time: 1:53 AM Log File: efecad6a-8f31-11e9-a462-782bcb979dbc.json -Software Information- Version: 3.7.1.2839 Components Version: 1.0.586 Update Package Version: 1.0.11060 License: Premium -System Information- OS: Windows 10 (Build 17763.557) CPU: x64 File System: NTFS User: System -Blocked Malware Details- File: 1 Backdoor.Remcos, C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ACE.dll, No Action By User, [3811], [696603],1.0.11060 (end)
  3. Thank you, exile 360 for your detailed explanation and reassurance. Yes, I do have a full scan scheduled daily, so your explanation above does makes sense ~eliuri
  4. I tried again and it downloaded porperly. Ran the tool. Attached find that zip file requested mbst-grab-results.zip
  5. This tool mb-support-1.3.1.553.exe is not downloading. It shows 0bytes in download folder. Kindly advise further eliuri
  6. Hello: I run nightly scan with Malwarebytes 3.6.1 Premium. Takes about 25 minutes. But when I observe the scan progress, I notice it spends only a second or so on Heuristics. although this parameter is enabled in my settings. Is it actually running Heuristics scan, or does it no longer do this? Thanks in advance: eliuri Windows 10
  7. Thank you, Exile for this explanation. It makes it easier to remember to disable that module and quit Malwarebytes before running System Restore, which unfortunately I do need to use on occasion. Now that I have some understanding as to why that is so...Two brief follow-ups to this: 1) Am I correct that Malwarebytes does not interfere with the creation of restore points for the system restore, only the actual running of the restore operation? 2) Would you happen to know if Windows Defender real time protection needs to be disabled as well before running System Restore? Thanks again: -eliuri Windows10 Version 1803 Malwarebytes 3.6.1
  8. https://support.malwarebytes.com/docs/DOC-2226 (Forgot to post this link earlier. My apologies..)
  9. Hello again: I just came across a Malwarebytes Support document which describes this issue. Sorry I hadnt seen that earlier. Though the reason this blocks System Restore remains much of a mystery..
  10. Here's that mbst zip file you requested. Let me know if theres other info needed Thank you -eliuri mbst-grab-results.zip
  11. Hello: I tried restoring my Windows 10 PC using a System Restore point to only about an hour prior. The restore operation failed. Unspecified Error (0x800700005) The windows pop-up said the restore operation probably failed on account of not being able to access a certain file and to try disabling AV. I disabled Windows Defender and Real Time Protections of Malwarebytes. It failed again, regardless of which RP I chose. However, when I disabled Malwarebytes self-protection module as well as load at start-up option, the restore operation completed successfully. I do find this a bit mysterious. Which file was being blocked that System Restore couldn't access in those earlier failed attempts? (There were at least 3 such failed attempts using different RP's) It would help to understand this better for future references. And if Windows Defender needs to be disabled as well as all those Malwarebytes settings for successful System Restore? Or perhaps just the Malwarebytes load at start-up? Thanks eliuri Windows 10 Version 1803 Malwarebytes Premium 3.6.1 No other AV other than Windows Defender
  12. Thanks for this, Exile. I was gonna ask about the CFA feature in the MS Windows Defender , but I saw reference to several articles there saying its overly protective as you put forth here. They do show way to allow certain programs (whitelist) but hard to do if the program isnt even yet installed. So it was said there that when its doing that to simply disable it. Another suggestion is "audit mode" where u monitor what its doing and get a sense of how it operates. But it seemed like way too much work--at first glance. I couldn't even get my printers software installed, until i disabled the Controlled Folder Access...as well as a bunch of other installations of benign programs I was quite familiar with Yes. I ticked in to "Never Register with Action Center" in the Malwarebytes settings. So that Defender remains my primary realtime protection and MBAM protects in background as fallback. And I'll see how that goes .. Thank you for taking time...It's been very vexing
  13. Other than the Controlled Folder Access issue: Am I right that yuore saying Windows Defender would maintain its level of real time protection and not lower it on account of RT Malwarebytes? The way it disabled itself when Mcafee was installed? Would it help accomplish this if I tick in the open of never registering Malwarebytes with Windows Action Center, or does that pertain merely to notifications I receive from them and not to actual protection? I will post there about that Controlled Folder Access issue after keeping an eye on it a while . Offhand, I dont get why its under Ransomware...but
  14. You were right about that!..I have now enabled all the 4 components of MBAM realtime protection. For now, I'm leaving "Controlled Folder Access" by Windows Defender: OFF..because it seems to prevent much needed activity. It's somehow under their Ransomware Protection. Seems Malwarebytes has its own such realtime protection. So maybe this will be ok... ======================= My goal here is to have Malwarebytes running without interefering with-or in any way disabling- with the RealTime protection of Windows Defender. Was told this might be a good combination. That way I can avoid installing a whole new security suite.. In terms of achieving this, would you advise starting a different thread in this forum on this, since its a different issue? Or continue on with this in this thread? Thanks again: eliuri Windows 10 64bit Version 1803
  15. Hi Exile: Heres that zipped file folder. I did disable Controlled Folder Access. BTW: I am finding that feature of Windows Defender very annoying...Seems it doesnt let me install most harmless programs mbst-grab-results.zip
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.