Remote support utility causing false positives

[Gerr]

Our IT company recently purchased and deployed managed Malwarebytes to about 950 machines. We started getting calls of found infections and it was getting insane! I did research and found NOTHING on the issues. It kept generating infected files "winupdate.exe" in all of the user profiles and system directories. I finally figured out what it was. We manage all machine updates on the workstations so I thought to test that theory and remove Kaseya services. Sure enough once Kaseya was disabled no more infections found. I know these are false positives but it is generated a large headache to deal with them. I have a log file of the infections and a log file after Kaseya was removed (no infections) attached. Let me know if you need anything more. I also saw a few posts on here unresolved, so I hope this helps with future support to them.

Thanks!

mbam-log-2011-03-07 (16-16-33)-INFECTED.txt

mbam-log-2011-03-07 (16-22-12)-CLEAN.txt

[shadowwar]

Ok this is more than likely a settings/exclusions issue.

Please contact corporate support at:

To qualify for business support services, you MUST HAVE a valid annual subscription and able to provide the following information for verification purposes.

Cleverbridge Order Reference Number:

Organization name:

Approved Contact name:

To contact our Corporate Support Team, please send email with the requested information to: corporate-support@malwarebytes.org

[Gerr]

Doing it now, thanks!

[shadowwar]

You welcome!