EricT Posted March 30, 2017 ID:1113728 Share Posted March 30, 2017 I'm not sure how to post a log on a Real-time detection, but I've noticed anytime libc has an update, MalwareBytes v3.0.6 reports it as an issue. Example from the apt update log: Get:1 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 linux-libc-dev amd64 4.4.0-71.92 [837 kB] Fetched 837 kB in 5s (162 kB/s) (Reading database ... 33598 files and directories currently installed.) Preparing to unpack .../linux-libc-dev_4.4.0-71.92_amd64.deb ... Unpacking linux-libc-dev:amd64 (4.4.0-71.92) over (4.4.0-70.91) ....................................................] dpkg: error processing archive /var/cache/apt/archives/linux-libc-dev_4.4.0-71.92_amd64.deb (--unpack): unable to make backup link of './usr/include/asm-generic/sockios.h' before installing new version: Permission denied dmesg: read kernel buffer failed: Function not implemented E: Sub-process /usr/bin/dpkg returned an error code (2) Link to post Share on other sites More sharing options...
Staff miekiemoes Posted March 30, 2017 Staff ID:1113731 Share Posted March 30, 2017 Hi, In order to get more info about this detection, can you open Malwarebytes > Reports > Select one of the recent reports when this was detected and choose View Report. Look if the detection is displayed in there. If so, then use the Export button and copy to a textfile (or to clipboard) in order to attach (or copy and paste) here. Thanks! Link to post Share on other sites More sharing options...
EricT Posted March 30, 2017 Author ID:1113768 Share Posted March 30, 2017 Reports are clean, it only shows up in the Real-Time detections, and nothing in quarantine. Attached is the pop-up from MalwareBytes. It's not that big of a deal, I just disable MalwareBytes if I see anything with libc on a apt upgrade. Link to post Share on other sites More sharing options...
Staff miekiemoes Posted March 30, 2017 Staff ID:1113771 Share Posted March 30, 2017 Hi, I see it's a detection from our Antiransomware component. We would love to have more info regarding this, so we can fix on our end as well. To get this info, Please browse to the following folder: C:\ProgramData\Malwarebytes\MBAMService\logs\ In there, find the MBAMSERVICE.LOG. That's the log we need, so we can have a better look and make some adjustments. You can always send this log to me via Private message here as well if you don't feel comfortable attaching it here. As an additional note, you can also always add an exclusion for this via the Settings > Exclusions option as well. Thanks for your help! Link to post Share on other sites More sharing options...
Staff miekiemoes Posted March 30, 2017 Staff ID:1113780 Share Posted March 30, 2017 This is being handled via Private Message, so closing this thread Link to post Share on other sites More sharing options...
Recommended Posts