Jump to content

Recommended Posts

Hi,

Is this a issue with MBAM Premium ?

After running FRST on my son's system, i noticed these entries. Anything to be concerned about ?

	CodeIntegrity:
===================================
  Date: 2017-05-15 18:10:51.798
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
	  Date: 2017-05-15 18:07:55.864
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
	  Date: 2017-05-15 18:07:54.839
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
	  Date: 2017-05-15 18:05:12.303
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
	  Date: 2017-05-15 18:05:11.071
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
	  Date: 2017-05-15 18:03:04.063
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
	  Date: 2017-05-15 18:02:09.886
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
	  Date: 2017-05-15 18:02:07.985
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
	  Date: 2017-05-15 18:01:50.039
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
	  Date: 2017-05-15 18:01:48.475
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

mb-check-results.zip

FRST.txt

Addition.txt

Link to post
Share on other sites

Hello @ronald739 and :welcome:

Your attached logs show that installed copy of MB3's mbae64.dll file has the correct hash and that file has been correctly digitally signed/verified.

As a prudent check, an escalation will has been made to a knowledgeable Malwarebytes staffer for further action.

Thank you.

Edited by 1PW
Escalated
Link to post
Share on other sites

On 16/05/2017 at 0:18 AM, dcollins said:

There's nothing to worry about here. This can happen with apps from the Microsoft store get injected with DLL's like ours that aren't available on the Microsoft store. There should be no negative impacts here

Good to know. Thanks.

=========

Thanks for the welcome 1PW.

Regards.

Link to post
Share on other sites

Also, just in case you were wondering, that DLL is used by our exploit protection.  The reason it injects itself into certain processes is so that it may monitor them to protect them from exploits.  Web browsers, office applications, media players and other vulnerable/frequently targeted applications which are in our list of shielded programs (viewable under the "Manage Protected Applications" interface in Settings>Protection) generally will have our DLL injected into each instance of their processes that load into memory so that should an exploit attempt to execute through any such process, we can catch it and stop it in order to prevent the exploit from successfully exploiting any vulnerability which might exist and infecting the system with malware or allowing any hacker to infiltrate the system with it.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.