JP3SpinoFan Posted March 5 ID:1557481 Share Posted March 5 Hello, I decided to do a scan of my computer with Malwarebytes today. It detected a file as Ransom.Script.RTPScript. By the way, this file was a batch file renamed to .txt. What's weird is that Malwarebytes detects it when you do a full scan, but not when you scan the file itself. I will attach a screenshot below. Please get back to me as soon as possible. Thanks in advance, JP3SpinoFan SOMETHING.txt Link to post Share on other sites More sharing options...
1PW Posted March 5 ID:1557483 Share Posted March 5 Hello @JP3SpinoFan and : While you are waiting for the next qualified/approved malware removal expert helper to weigh in on your topic, and even though you may have run the following Malwarebytes utility, or its subsets, please carefully follow these instructions: Download the Malwarebytes Support Tool. In your Downloads folder, open the mb-support-x.x.x.xxx.exe file. In the User Account Control (UAC) pop-up window, click Yes to continue the installation. Run the MBST Support Tool. In the left navigation pane of the Malwarebytes Support Tool, click Advanced. In the Advanced Options, click only Gather Logs. A status diagram displays the tool is Getting logs from your computer. A zip file named mbst-grab-results.zip will be saved to the Public desktop, please attach that file in your next reply to this topic. Please do NOT copy and paste. For the short time between when you post the diagnostic logs, and when your helper weighs in, please take no further self-directed remedial actions that will invalidate the diagnostic logs you will have sent. Thank you. Link to post Share on other sites More sharing options...
JP3SpinoFan Posted March 5 Author ID:1557484 Share Posted March 5 Ok, I have got the results.mbst-grab-results.zip 1 Link to post Share on other sites More sharing options...
Porthos Posted March 5 ID:1557494 Share Posted March 5 While you wait, The logs show the computer needs a restart. Quote Pending File Rename Operations ======================================== C:\Users\JP3SPI~1\AppData\Local\Temp\DELB21B.tmp C:\Config.Msi\3ae8f.rbf C:\Config.Msi\3ae90.rbf C:\Users\JP3SPI~1\AppData\Local\Temp\DELE001.tmp C:\Users\JP3SPI~1\AppData\Local\Temp\_iu14D2N.tmp C:\Windows\Temp\a376cd9d-4173-46d9-b089-275c2742f669.tmp C:\Program Files (x86)\Microsoft\Edge\Temp\scoped_dir3212_82365968\old_msedge.exe C:\Program Files (x86)\Microsoft\Edge\Temp\scoped_dir3212_82365968 C:\Program Files (x86)\Microsoft\Edge\Temp Pending Windows Update Reboot ======================================== A reboot is pending Windows Update: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending Windows Update: C:\Windows\WinSxS\pending.xml Link to post Share on other sites More sharing options...
Solution Porthos Posted March 5 Solution ID:1557496 Share Posted March 5 1 hour ago, JP3SpinoFan said: What's weird is that Malwarebytes detects it when you do a full scan, but not when you scan the file itself. I will attach a screenshot below. Are you looking for assistance cleaning your computer or are you just pointing out the difference with detection? Link to post Share on other sites More sharing options...
Maurice Naggar Posted March 6 ID:1557584 Share Posted March 6 Hello @JP3SpinoFan My name is Maurice. I will guide you. Do a new scan with Malwarebytes for Windows. Do a Check for Update using the Malwarebytes Settings >> General tab. See this Support Guide https://support.malwarebytes.com/hc/en-us/articles/360042187934-Check-for-updates-in-Malwarebytes-for-Windows When it shows a new version available, Accept it and let it proceed forward. Be sure it succeeds. If prompted to do a Restart, just please follow all directions. Let me know how that goes. Next, the Malwarebytes sca Next, click the small x on the Settings line to go to the main Malwarebytes Window. Next click the blue button marked Scan. When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical. >>>>>> 👉 You can actually click the topmost left check-box on the very top line to get ALL lines ticked ( all selected). <<<< 💢 Please double verify you have that TOP check-box tick marked. and that then, all lines have a tick-mark Then click on Quarantine button. Then, locate the Scan run report; export out a copy; & then attach in with your reply. See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4 Link to post Share on other sites More sharing options...
JP3SpinoFan Posted March 10 Author ID:1558234 Share Posted March 10 Hi Malwarebytes team, I am not looking for malware removal. I am just saying that I think Malwarebytes detects these scripts. I am very happy. I think malwarebytes is the best! From JP3Spinofan Link to post Share on other sites More sharing options...
Porthos Posted March 10 ID:1558236 Share Posted March 10 20 minutes ago, JP3SpinoFan said: I am not looking for malware removal. You posted in a section dedicated to malware removal assistance only. Please pay attention to where you post in the future. The topic will be closed now. Link to post Share on other sites More sharing options...
Recommended Posts