Jump to content

3.2 still has problems with exceptions

Recommended Posts

As I posted here with 3.1.2 I had a frustrating time with MBam automtically quarantining updates to Nirsoft package of utilities. These utilities are stored on a non C: drive. Well upgraded to 3.2 and the exclusion issue is still there





-Log Details-
Protection Event Date: 8/29/17
Protection Event Time: 10:28 AM
Log File: ada67b50-8cce-11e7-b3e3-00ff486c33ab.json
Administrator: Yes

-Software Information-
Components Version: 1.0.188
Update Package Version: 1.0.2682
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System

-Blocked Malware Details-
File: 1
PUP.Optional.StartUpManager, E:\Downloads\Nasty Fixes\wscc\NirSoft Utils\strun.exe, Quarantined, [7060], [86117],1.0.2682


I have the following folder exclusions set for Exclusion from protection of Malware or PUPs:

E:\Downloads\Nasty Fixes\NirSoft 

E:\Downloads\Nasty Fixes\wscc

E:\Downloads\Nasty Fixes\wscc\NirSoft Utils

Why is it that 3.2 is behaving the exact same way with exclusions? I regularly update these utils using the wscc free util and every time I do it I have try to restore these items from quaratine. Sometimes this restoration is not possible since MBam insists on making me reboot the computer.


Link to post
Share on other sites

17 minutes ago, frozen said:

PUP.Optional.StartUpManager, E:\Downloads\Nasty Fixes\wscc\NirSoft Utils\strun.exe, Quarantined, [7060], [86117],1.0.2682

Is this the old StartupRun from Nirsoft?  That program is obsolete, and you should now be using WhatInStartup...  Does this detection happen with all Nirsoft tools?

Link to post
Share on other sites

6 minutes ago, Porthos said:

That is still an issue as far as I know.  @dcollins

So if I move this over to C: drive I will have no issue because even 3.1 had issues with the folder being on C: drive and i put up with it.


No its not just one Nirsoft app its a series of apps from Nirsoft. I update all of them. This round it was Strun.exe, IEHV.exe and WirelessNetView.exe if they are downloaded to a directory that is not on C: drive then the exclusions in MBam are useless. I moved the folder where I stored them over to C: drive and deleted these same utils and after excluding this new C: folder in MBam the update of these 3 utils downloaded file. 


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.