Jump to content

Google Updater File Marked As Ransomware


Recommended Posts

Can I please check what I should do for clarification?

My scan I did overnight has found this too and I immediately quarantined it

I am using Malwarebytes version 3.7.1 (attached is the screenshot)

Capture.JPG

Link to post
Share on other sites

You can select quarantined  option on left, they will display, check mark the one you want to restore. 

Myself, I had just run an image of complete system and just did a single file restore.   Maybe I shouldn't have done it that way, but I did,.  When I did the quarantined , it required a restart.  Not sure why Malwarebytes wants a person to do a restart just to move a file to  a folder called quarantined , perhaps they did more that my single file restore wouldn't have caught.   Using the restore from Malwarebytes would be easiest for you. 

Link to post
Share on other sites

At first I restored from within Malwarebytes, but when it restored it put file name in as all caps, and I wondered why.  It doesn't matter, but red flags went up that anything at all was changed while in quarantine.  I don't know the process of their  quarantine process as it also required a reboot.  My guess is they put it in a hidden directory and change the name, but display the name as it was when quarantine?  Then if you want it restored, they put it back with original name.  Since I didn't understand how it was handled and since the name was modified (even though it didn't hurt or affect anything), I went with my restore a file from an image only a few hours old. 

Link to post
Share on other sites

What I ended up doing was deleting the file and then restoring it with the link provided above with the same file name as before. I then re-scanned and no error was picked up this time by Malwarebytes either I also scanned the file itself with Malwarebytes just to be on the safe side and no issue was detected.

Thanks for your help.

Link to post
Share on other sites

Great thank you :)

I just put the file back just to be on the safe side as I was wary of deleting it. There are other language files in that folder that I don't use but just worried about deleting them and then worrying if something goes wrong.

Link to post
Share on other sites
  • 3 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.