Jump to content
Sign in to follow this  
wrap2tyt

c:\users\sameer\desktop

Recommended Posts

I've asked this question once before and never received an answer, but why does EVERY scan conducted with MalwareBytes show a user account c:\users\sameer\desktop, there is nobody in my company with that userid and it shows on evryscan of any machine... clearly this is a false finding.

 

Thank you.

Share this post


Link to post
Share on other sites

Can u please post a scan log for this so we have something to go on?

 

Also is this the corporate client MBAM and are the desktops locked down?

 

 

Thanks!

Share this post


Link to post
Share on other sites

I am not posting the intire log, only the point where the issue is.

 

Folders: 1
Trojan.Agent.SM, c:\users\sameer\desktop, , [3e42ac8e25576accc604cec06b99e51b],

 

Also, we've scanned this particular system with TrendMicro, Symantec and Webroot and it keeps coming up clean.

Share this post


Link to post
Share on other sites

Its really tough to help you without the entire log. Database version etc. If you want to pm it to me thats fine.

 

 

Are the desktops restricted access wise (group policy or limited user accounts) also is this the corporate or Free version.

Share this post


Link to post
Share on other sites

So... you've never seen this before? I'm sorry, I cannot provide you this file, I guess I will just find another way to figure this out and in the mean time we'll just stop using MalwareBytes.

 

Thanks for your help.

Share this post


Link to post
Share on other sites

Well real common is to use the free client on a corporate environment with restricted access to profiles from policies. If mbam cant read the folders properly then this is what can happen. But this is a guess being you wont provide the requested information.

Share this post


Link to post
Share on other sites

Unfortunately what i mentioned is happening. This is do to access policies in your environment and mbam not being able to read the folders and paths properly.

 

We really dont support the free version in a corporate environment. There is a special Corporate client version to work with a corporate policy restricted environment.

 

I removed your attachment. Thanks for providing that.

Share this post


Link to post
Share on other sites

Thanks... I understand about the policies and access to folder locations, but to just out of no where create something such as "c:\users\sameer\desktop" and drop it in a report saying this is what I found, makes me wonder about your free version altogether, seeing that it's finding things that nothing else sees, but i I get it. Thanks for your help.

 

Share this post


Link to post
Share on other sites

Well this doesnt normally happen in a home situation which is what the product is designed around. The free version is not licensed to be used in a business environment.  We have a corporate version to deal with corporate access polices.

Share this post


Link to post
Share on other sites

Basically something is blocking the scans causing all the false positives you are seeing.  Could be your antivirus or policies. Unfortunately nothing that is under our control. You can disable your av temporarily to see if its that.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.