kevinf80 Posted February 25, 2021 ID:1441393 Share Posted February 25, 2021 That might not happen as tmp folder is empty..? Link to post Share on other sites More sharing options...
rumptybum Posted February 25, 2021 Author ID:1441395 Share Posted February 25, 2021 It keeps getting detected when I do this kind of scan, though. So I imagine the tmp folder is generating files as the scan is going on. Link to post Share on other sites More sharing options...
kevinf80 Posted February 25, 2021 ID:1441396 Share Posted February 25, 2021 Ok, lets see what happens... Link to post Share on other sites More sharing options...
rumptybum Posted February 26, 2021 Author ID:1441479 Share Posted February 26, 2021 I can't get a hold of the file. As soon as I try quarantining it it doesn't appear in the Quarantine List, nor is it there when I reboot the system. The tmp folder never has any files shown throughout the scan and after, either. That said, I did find a forum thread that seems to document similar experiences. It is worth noting that this detection only occurs if I configured a scan (which is what I had been doing here) to have the entire C:\ drive scanned w/ all scanning options enabled, including rootkits. Link to post Share on other sites More sharing options...
Solution kevinf80 Posted February 26, 2021 Solution ID:1441510 Share Posted February 26, 2021 Hiya rumptybum, I have contacted Malwarebytes admin regarding this problem with tmp folder entries, it is as you first asked a false positive (FP). Can you run a scan with "Rootkits" disabled, does the issue still show... Thank you, Kevin... Link to post Share on other sites More sharing options...
kevinf80 Posted February 26, 2021 ID:1441659 Share Posted February 26, 2021 Hiya rumptybum, Just for piece of mind i`d like you to run a thorough AV scan, I gave the instructions for Sophos AV earlier, can you run that now please... Thank you, Kevin. Link to post Share on other sites More sharing options...
rumptybum Posted February 27, 2021 Author ID:1441685 Share Posted February 27, 2021 I already started a scan with Malwarebytes hours ago with rootkits disabled. It is still scanning. Link to post Share on other sites More sharing options...
rumptybum Posted February 27, 2021 Author ID:1441702 Share Posted February 27, 2021 The scan has finished. I did not get the Riskware detection. I did get three detections, however; they were all of Malware.Ai variety, and I feel like they too might be false positives. But it's not like I've been using the detected files at all as of late, so I still quarantined them. mbscanfull.txt Link to post Share on other sites More sharing options...
kevinf80 Posted February 27, 2021 ID:1441763 Share Posted February 27, 2021 Can you also run Sophos AV scan please... Link to post Share on other sites More sharing options...
rumptybum Posted February 27, 2021 Author ID:1441814 Share Posted February 27, 2021 I'm sorry, but I'm not sure why I should. The whole thread was about determining if that Riskware was a false positive, and it was. And I managed to complete a full MB scan otherwise. My computer works fine. I think having MB are Windows Defender are enough, though AdwCleaner and the Safety Scanner are nice. But that's too many programs on my plate. Even if I go to download Sophos, it's asking me for my info like I'm a potential customer. I'm not. I just wanted to have possible malware dealt with, and as far as I can tell when looking up details online, it isn't going to be as sufficient as the combination of MB and Defender anyway. Link to post Share on other sites More sharing options...
kevinf80 Posted February 27, 2021 ID:1441824 Share Posted February 27, 2021 Hiya rumptybum, Yes I totally agree with you regarding your security setup. Also yes a FP was suggested with the result of your custom scan with rootkits enabled. I`m not an Malwarebytes employee and work here on a voluntary basis. Problem for me is not being able to replicate your problem, i`ve tried running custom scans similar to what you`ve done with rootkit option enabled and nothing is found.. I just want to be totally sure with a Sophos scan that your system is definitely clean. Obviously the choice to run the scan or not is totally up to you. Any tools I recommend for you to use are only temporary and I always give clean up instructions when we are done... If you prefer not running a scan with Sophos then that is fine with me.... Regards, Kevin... Link to post Share on other sites More sharing options...
rumptybum Posted February 27, 2021 Author ID:1441833 Share Posted February 27, 2021 I will consider scanning with Sophos, but I think the topic is otherwise resolved. Link to post Share on other sites More sharing options...
kevinf80 Posted February 27, 2021 ID:1441840 Share Posted February 27, 2021 Hiya rumptybum, As you`re ok to close out we can remove FRST, continue: Right click on FRST here: C:\Users\RyanSil\Downloads\FRST.exe or FRST64.exe and rename uninstall.exe when complete right click on uninstall.exe and select "Run as Administrator" If you do not see the .exe appended that is because file extensions are hidden, in that case just rename FRST or FRST64 to uninstall That action will remove FRST and all created files and folders... Next, Condsider the following: Malwarebytes Browser Guard (Free) for Firefox: https://addons.mozilla.org/en-GB/firefox/addon/malwarebytes/ Malwarebytes Browser Guard (Free) for Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee PatchMyPC, keep all your software upto date - https://patchmypc.com/home-updater#download From there you should be good to go... Next, Read the following links to fully understand PC Security and Best Practices, you may find them useful....Answers to Common Security Questions and best PracticesDo I need a Registry Cleaner? Take care and surf safe Kevin... Link to post Share on other sites More sharing options...
rumptybum Posted February 27, 2021 Author ID:1441852 Share Posted February 27, 2021 Alright, uninstalled. I appreciate your help. Link to post Share on other sites More sharing options...
kevinf80 Posted February 28, 2021 ID:1441991 Share Posted February 28, 2021 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following for Tips to help protect from infection Thank you Link to post Share on other sites More sharing options...
Recommended Posts