Jump to content

All Activity

This stream auto-updates

  1. Past hour
  2. Hello, I own the domain s.cystack.net. I have found that Malwarebytes (Real Time Protection) is detecting my domain as a Trojan even though I have ssl certificates. My customer report about the problem with the below PoC image. This is causing me a lot of problems, not to mention loss of customers. My site is clean and if possible please rescan it and have it removed from your blacklist. If this is not possible, please tell me what I can do to be able to remove my site from these lists. If you need any further information, feel free to email me. I remain available and awaiting your response. Kind regards, Vu Hai Dang
  3. Today
  4. Hello @Azhdaha and My name is MKDB and I will assist you. Let's keep these principles as we proceed. Make sure to read the entire post below first. Please follow the steps in the given order and post back the log files. Please attach all log files into your post. Before we start, please make sure that you have an external backup, not connected to this system, of all private data. Only run the tools I guide you to. Please don't run any other scans, download, install or uninstall any programs while I'm working with you. As English is not my native language, please do not use slang or idioms. It may be hard for me to understand. If you do not respond within 4 days, your topic will be closed. Cracked or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also a big source of current trojan infections. If you are running any kin of illegal software on your system, please uninstall them now, before we start the cleaning procedure. Please attach the requested zip file and we will be happy to assist you. Thank you!
  5. @frucreisommaddo-7789 Great job! 😃 You should activate elevation prompt and update some programs (if your still need them) or uninstall them (if you don't need them anymore) or otherwise take care of these: The elevation prompt for administrators disabled ^It is recommended to enable (default): Win+R typing UserAccountControlSettings and Enter^ Malwarebytes version 5.1.0.102 v.5.1.0.102 Warning! Download Update Git v.2.43.0 Warning! Download Update Node.js v.20.10.0 Warning! Download Update Python 3.10.6 (64-bit) v.3.10.6150.0 Warning! Download Update Microsoft Visual Studio Code (User) v.1.81.1 Warning! Download Update Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 v.14.38.33130.0 Warning! Download Update Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33130 v.14.38.33130.0 Warning! Download Update Google Drive v.1.0 Warning! Download Update Total Commander 64-bit (Remove or Repair) v.11.00 Warning! Download Update qBittorrent v.4.5.5 Warning! Download Update Java 8 Update 391 v.8.0.3910.13 Warning! Download Update Adobe Flash Player 10 ActiveX v.10.1.102.64 Warning! This software is no longer supported. Please uninstall it. Mozilla Firefox (x64 pl) v.121.0.1 Warning! Download Update IObit Unlocker v.1.3.0.11 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering. Thank you for your cooperation. You can use KpRm to remove FRST and other tools. Please download KpRm by kernel-panik and save it to your desktop. Right-click kprm_(version).exe and select Run as Administrator. Read and accept the disclaimer. When the tool opens, select Delete Tools under Actions. Under Delete Quarantines select Delete Now, then click Run. Once complete, click OK. A log may open in Notepad titled kprm-(date).txt. I do not need it. Just close Notepad if it shows up. A few final recommendations can be found here: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ Further reading if you like to keep up on the malware threat scene: Malwarebytes Blog https://blog.malwarebytes.com/ Hopefully, we've been able to assist you with correcting your system issues. Thank you for using Malwarebytes.
  6. @Lirian Well done! Let's run ESET for a second opinion and FSS and SecurityCheck to check the results. 1️⃣ Please follow these instructions and attach the logfile FSS.txt: 2️⃣ Let me have you run a different scanner to double-check. I don't expect it to find anything, but no harm in checking. I would suggest a free scan with the ESET Online Scanner Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe It will start a download of "esetonlinescanner.exe". Save the file to your system, such as the Downloads folder, or else to the Desktop. Go to the saved file, and double click it to get it started. When presented with the initial ESET options, click on "Computer Scan". Next, when prompted by Windows, allow it to start by clicking Yes. When prompted for scan type, Click on Full scan. Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on the Start scan button. Have patience. The entire process may take an hour or more. There is an initial update download. There is a progress window display. You should ignore all prompts to get the ESET antivirus software program. (e.g. their standard program). You do not need to buy or get or install anything else. When the scan is completed, if something was found, it will show a screen with the number of detected items. If so, click the button marked “View detected results”. Click The blue “Save scan log” to save the log. If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files” (in blue, at the bottom). Press Continue when all done. You should click to off the offer for “periodic scanning”. Note: If you do need to do a File Restore from ESET please follow the directions below [KB2915] Restore files quarantined by the ESET Online Scanner version 3 https://support.eset.com/en/kb2915-restore-files-quarantined-by-the-eset-online-scanner 3️⃣ I would like you to run a tool named SecurityCheck to inquire about the current security update status of some applications. Download SecurityCheck by glax24: https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe If Microsoft SmartScreen blocks the download, click through to save the file This tool is safe. Smartscreen is overly sensitive. If SmartScreen blocks the file from running click on More info and Run anyway Right-click with your mouse on the Securitycheck.exe and select "Run as administrator" and reply YES to allow to run & go forward Wait for the scan to finish. It will open a text file named SecurityCheck.txt Close the file. Attach it with your next reply. You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt
  7. @MalwareVictim88 Good job! Let's use ESET and SecurityCheck for a second opinion. 1️⃣ Let me have you run a different scanner to double-check. I don't expect it to find anything, but no harm in checking. I would suggest a free scan with the ESET Online Scanner Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe It will start a download of "esetonlinescanner.exe". Save the file to your system, such as the Downloads folder, or else to the Desktop. Go to the saved file, and double click it to get it started. When presented with the initial ESET options, click on "Computer Scan". Next, when prompted by Windows, allow it to start by clicking Yes. When prompted for scan type, Click on Full scan. Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on the Start scan button. Have patience. The entire process may take an hour or more. There is an initial update download. There is a progress window display. You should ignore all prompts to get the ESET antivirus software program. (e.g. their standard program). You do not need to buy or get or install anything else. When the scan is completed, if something was found, it will show a screen with the number of detected items. If so, click the button marked “View detected results”. Click The blue “Save scan log” to save the log. If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files” (in blue, at the bottom). Press Continue when all done. You should click to off the offer for “periodic scanning”. Note: If you do need to do a File Restore from ESET please follow the directions below [KB2915] Restore files quarantined by the ESET Online Scanner version 3 https://support.eset.com/en/kb2915-restore-files-quarantined-by-the-eset-online-scanner 2️⃣ Please follow these instructions and attach the logfile:
  8. Hi, Thanks for reporting. The site will be whitelisted.
  9. Hi, Thanks for reporting. The block will be removed.
  10. Hi, Thanks for reporting. The block will be removed.
  11. But this is the block. I know strange. "processPath": "E:\\DCS World OpenBeta\\bin-mt\\DCS.exe",
  12. I have no clue why searching dcs in Chrome would open the game. "websiteData": { "blockType": 15, "ip": "37.120.141.144", "isInbound": false, "netProtocol": "UDP", "port": 10308, "processPath": "E:\\DCS World OpenBeta\\bin-mt\\DCS.exe", "url": "" I am grasping at straws here but do you have the experimental AI feature in Chrome?
  13. @LeBathtubFishe Please do the following so that we may take a closer look at your system. Disable-Fast-Startup https://forums.malwarebytes.com/topic/299350-disable-fast-startup/ Then please restart the computer and then do the following. WARNING: Do Not click the Repair option under Advanced unless requested by a Malwarebytes support agent or authorized helper NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download the Malwarebytes Support Tool In your Downloads folder, open the mb-support-x.x.x.xxx.exe file In the User Account Control pop-up window, click Yes to continue the installation Run the MBST Support Tool. The tool also downloads and runs a file called FRSTEnglish. Please allow it to run. In the left navigation pane of the Malwarebytes Support Tool, click Advanced In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine A zip file named mbst-grab-results.zip will be saved to the Desktop or on the hidden Public desktop (usually C:\Users\Public\Desktop), please upload that file on your next reply Thank you
  14. Hello @GWD45pYQL Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process Then follow each step in the order provided. Unless otherwise asked, please attach all logs Please make the following system changes: If you have not done so already - Enable System Protection and create a NEW System Restore Point Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed Disable-Fast-Startup Show-Hidden-Folders-Files-Extensions Please run the following scans: Click the following link and run a Scan with AdwCleaner Click the following link and run a Scan with Malwarebytes RESTART the computer Click the following link and run a Scan with Farbar Recovery Scan Tool Example image of where to click to attach files when posting your reply Thank you
  15. Nothing found by that scanner either. I'm sorry but so far there are no signs of an infection on the system. You can try to use Microsoft Process Monitor to try and track down something that might be starting some type of audio program https://learn.microsoft.com/en-us/sysinternals/downloads/procmon
  16. You have a hard drive disk error. Timestamp: 3/27/2024 7:59:22 AM Type: Error Source: disk Message: The device, \Device\Harddisk0\DR0, has a bad block. That is a sign the hard drive is starting to fail. There is no way to determine how long it may last but it's best to backup your personal data to an external drive while you can before the drive does fail. Then look at purchasing a new hard drive and either clone the current drive or reinstall Windows
  17. Excellent. Glad you have everything updated and sorted out. Cheers
  18. Yeah, you had a lot of temp files was the issue. @serpens Please save the following updated FIXLIST and run it as before with Admin rights. Post back the FIXLOG.txt file when done. fixlist.txt Thank you
  19. It found something that I don't think it was the cause but not sure. Please run the following Dr.Web CureIt! Please download the Dr.Web CureIt! anti-virus utility https://free.drweb.com/ You will need to send them an email to obtain a link to download the scanner, please do so The downloaded file will normally have a unique name such as: q7a9tr4p.exe Close all open applications and locate the downloaded file and double-click to run it The program will take a moment to launch and bring up the License and Update screen Place a check mark to agree to the terms and then click on the Continue button Click the underlined link Select objects for scanning On the top left click the Scanning objects that should automatically check all objects Click the small wrench and make sure there is a check on Automatically apply actions to threats Then click the large button on bottom right Start scanning Once the scan has completed there will be a link named Open report click that and a log named cureit.log should open in Notepad The log is saved in the folder named Doctor Web in the top of your user profile folders Please attach that log on your next reply
  20. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes for Windows Help forum. If you are having technical issues with our Windows product, please do the following: Malwarebytes Support Tool - Advanced Options This feature is designed for the following reasons: For use when you are on the forums and need to provide logs for assistance For use when you don't need or want to create a ticket with Malwarebytes For use when you want to perform local troubleshooting on your own How to use the Advanced Options: Screenshots: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  21. So I recently searched exactly the term "dcs" in chrome in the search bar, and Malwarebytes instantly blocked and IP address. I tried searching again and it did the same thing again. The weird thing though is that when I type in "dcs" it does not autocorrect to a link it just looks like it is as if I am searching a word in chrome. Upon looking further into the reports it says between the reports Trojan/Compromised. I have run multiple scans with Malwarebytes afterwards just to be sure nothing got in. Does any one know what is going on with this? Cause when I went to my bookmark of the website I wanted Digital Combat Simulator nothing happened and I was perfectly fine. In the report it listed the file as "E:\DCS World OpenBeta\bin-mt\DCS.exe". If any one knows what is happening or I should take further action let me know.
  1. Load more activity
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.