Jump to content

All Activity

This stream auto-updates

  1. Past hour
  2. Hello, The block will be removed. Thank you and let us know if you need any additional help!
  3. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The Computer will restart when the fix is completed. It will create a log (Fixlog.txt) please post it to your reply.
  4. Hi, my client has the website https://b-stick.dk/ blocked by Malwarebytes. It is not blacklisted on other security services. The site was infected, but has been cleaned up, updated and is now protected by new and better security. Can you please unlock, thanks.
  5. Does this mean I'm infected with a new strain of this ransomware that doesn't have a decryption method yet?
  6. Hi, This tool looks great but when I try to extract Asset Information I get this error message. Doesn't matter how many Asset there are. Does anyone can help me with this? Thanks in advance
  7. The IP address is blocked. Just in case you missed it, the log files are attached in the previous post. Thanks, Jeng
  8. TeMerc and Dashke, Thank you for your quick responses. The websites in question belong to a local ISP and are used for Webmail. I will call the local ISP and inform them of your feedback. Dashke, I will forward the malicious script code you posted to the local ISP. Thanks again for your responses and have a great weekend!
  9. Hello @David59, I replied to your support ticket. There seems new variant that might be causing this issue.
  10. Today
  11. Update on the firewall rule: I created an outbound rule in the Windows Firewall setting: This should do it, right? Thanks, Jeng
  12. Greetings, Recently one of our customers contacted us and reported that www.pori.fi & pori.fi (latter being a redirect) is currently being blocked by Malwarebytes Browser Guard. The reason for the block is stated as "Website blocked due to phishing" We checked on our end, and we haven't found any issue that would lead to the domain being blacklisted. We believe that this might be a false-positive. We would politely request that if that you could whitelist/unblock the site in question.
  13. Thank you for helping! But when I try decrypting my files with the "STOP Djvu" software I get this error message on all files: Error: No key for New Variant online ID: UMxKWCt3ZhBU8CPXdPsZ8IDzZxzXMI12EUMDqGQN Notice: this ID appears to be an online ID, decryption is impossible
  14. Hey Kevin, Please see the logs in the attachment. For the Firewall rule, I will google that up and do that. Thanks, Jeng FRST.txt Addition.txt
  15. Hiya jengang31, Yes I agree, orange is classed as possibly suspicious but not confirmed. I would leave them alone, I can have a look at Firewall settings in FRST logs. Are you OK to create a Firewall rule to block the problem IP. More reseach does confirm as malicious and guiding you to Ad supported domains.... Thanks, Kevin..
  16. Ahh thanks! I scrolled through the detected items and they are all orange: I guess I will not click the Removal button in this case. I will rerun the FRST and upload the new logs next. Thanks, Jeng
  17. Hello, The block will be removed. Thank you and let us know if you need any additional help!
  18. Apologies, yes you can remove from where you`re at, also only remove items that are RED
  19. Hello DepoC and welcome to Malwarebytes, Can you post the ransom note and attach a copy of one of the encrypted files.... Thank you, Kevin.
  20. Hey Kevin, I haven't closed the result windows, can I click remove directly there? Also, just would like to reconfirm before I click remove - the detected items seems mostly from Glasswire, which is a software for my Network Monitoring and Firewall. Do we need to remove that? Thanks, Jeng
  21. Hello rihabh and welcome to Malwarebytes, Can you post the ransom note and attach a copy of one of the encrypted files.... Thank you, Kevin.
  22. Read at the following: https://id-ransomware.malwarehunterteam.com/identify.php?case=707e906651c1df975d1995ed0774d576e97b754e
  23. Hiya jengang31, Thanks for that log, continue: Now, let's re-run RogueKiller and remove all the items it found. Right-click on the RogueKiller file and select Run as administrator to start the tool. Click Yes to accept the UAC security warning that may appear. Click Accept to agree with the EULA (End User License Agreement) and close the browser tab it will open. Now click the Scan blue button and under the Standard Scan (recommended) click on the Scan button.
  24. Even my system is affected by same ransomware, all files are encrypted with .NOBU extension. Tried renaming it but no use, files get corrupted. Just turned on my PC an hour ago and found this happened.
  25. Hi, my client has the website https://www.mcelocam.com/ blocked by malwarebytes. Is not in blacklist in other security services. Can you unlock please? Thanks
  1. Load more activity
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.