cstdlib Posted August 4, 2016 ID:1054596 Share Posted August 4, 2016 C:\ProgramData\Malwarebytes\Malwarebytes Anti-Ransomware\ mbarwind.zipC:\ProgramData\Malwarebytes\MBAMService\logs\ : MBAMSERVICE.zip Link to post Share on other sites More sharing options...
1PW Posted August 4, 2016 ID:1054605 Share Posted August 4, 2016 (edited) Hello cstdlib and Using the Windows built-in zip utility, please create the following zipped archive for MBARW developer team analysis: Create a .zip archive of the executable: C:\Users\MAINTE~1\AppData\Local\Temp\PH_160714to160726.exe Please attach the zipped archive to your next reply. Thank you for your beta testing contribution to the MBARW project and your valued feedback. https://translate.google.com/#en/ja/ Edited August 4, 2016 by 1PW Link to post Share on other sites More sharing options...
cstdlib Posted August 5, 2016 Author ID:1054681 Share Posted August 5, 2016 14 hours ago, 1PW said: Hello cstdlib and Using the Windows built-in zip utility, please create the following zipped archive for MBARW developer team analysis: Create a .zip archive of the executable: C:\Users\MAINTE~1\AppData\Local\Temp\PH_160714to160726.exe Please attach the zipped archive to your next reply. Thank you for your beta testing contribution to the MBARW project and your valued feedback. https://translate.google.com/#en/ja/ PH_160714to160726.exe : https://mega.nz/#!8oZxhaDb!NyX81OXfL6vNaU29RRt4RCLeLogeid-vA_B36ikydeA (208.9MB) Link to post Share on other sites More sharing options...
cstdlib Posted August 5, 2016 Author ID:1054682 Share Posted August 5, 2016 Anyway, how can i stop MBAMSERVICE uploading bunch of the sample (i uploaded to mega.co.nz)? It's using my upload speed max. can your software detect same md5/sha* of the same file so it will send only one sample to your server? Link to post Share on other sites More sharing options...
cstdlib Posted August 5, 2016 Author ID:1054686 Share Posted August 5, 2016 Link to post Share on other sites More sharing options...
1PW Posted August 7, 2016 ID:1054959 Share Posted August 7, 2016 Hello cstdlib: It is possible that if the executables that are being uploded have never undergone analysis as possible malware, little can probably be done till white listing has been established. However, let's see if a Clean Install makes a difference. Rather than a simple re-install of MBARW Beta7, please consider a clean install of MBARW Beta7: 1. Close all open user applications followed by a conventional Windows based uninstall of Malwarebytes Anti-Ransomware through the Windows system Control Panel. 2. If MBARW Beta7 was uninstalled successfully, the following sub-directories will have been deleted from a typical Windows 10 x64 system: C:\Program Files\Malwarebytes\ C:\ProgramData\Malwarebytes Anti-Ransomware\ C:\ProgramData\MBAMService\ 3. If any of the above directories remain, please delete them manually. If necessary, any remaining/uninstalled directory must be deleted in the Windows Safe mode. 4. Execute a conventional Windows restart to the Normal Windows boot mode and log-in through an Administrator's account. <===IMPORTANT! 5. Using an Administrator's account only, download a fresh MBARW_Setup.exe file and save to the Administrator's Desktop from the Malwarebytes Anti-Ransomware BETA 7 Now Available topic. 6. Right-click the saved MBARW_Setup.exe file and left-click Run as administrator from the context menu and continue. 7. Upon a successful installation, please restart the computer in a conventional manner to the Windows Normal boot mode. Please reply to your topic with the status of your reported issue. Thank you for beta testing MBARW and your valued feedback. Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now