I am attaching a screen shot of my last memory scan. I am running Comodo firewall and Defense+ along with realtime MalwareBytes Anti-Malware. I know the cmdagent.exe is a FP. I assume the MBAM service postings are the same.
Yes, most likely decrypted virus signatures in MBAM’s memory.
They aren’t alerting on the mbamservice.exe or the cmdagent.exe, but the unencrypted signatures that they have loaded into memory.
- Detections in Memory - My guess is that you are doing a Custom scan in which you have elected to scan Memory and that all these detections are in memory. Since they aren’t physical files they can’t be moved to the chest, deleted, etc. so there is no action that can be taken, hence the Apply button being greyed out.
The detections in memory are frequently other security applications loading unencrypted virus signatures into memory. Having set off a scan of memory by an antivirus application looking for virus signatures, don’t be too surprised if it finds some in memory.
OK. Thanks for the info.
You’re welcome.