Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. I've been without a third party AV for several years now, relying on Malwarebytes as my primary protection, and while I do generally surf safely, I do actually occasionally press my luck going out into the riskier parts of the web to go 'hunting' for new threats and bad sites to report to the Malwarebytes Research team and even then, I still have yet to get a single infection (not even a single PUP) and the worst thing I've come across so far that actually got through was the occasional tech support scam site (though even those don't get through any more ever since I installed the MB browser extension beta I mentioned; it's very good at blocking those sites). For years I used Kaspersky and later ESET, always with Malwarebytes, but now it's just Malwarebytes and MSE (Microsoft Security Essentials) and it's been that way for the past 3~4 years.
  3. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  4. After first use of Malwarebytes where 200 PUP files were quarantined, I could not log in to Windows 10. I received "We Can't Sign In To Your Account" message. I unquarantined the files, but no change. I've tried changing temporary login files in Regedit and restarted several times, but system unchanged. Not sure if Malwarebytes responsible, but laptop running fine until first use.
  5. We currently license and use Malwarebytes for Business. One of our security people wanted us to run a scan on an endpoint using the Malwarebyte's AdwCleaner. Would this be a waste of time or does this actually look for and potentially clean up things that Malwarebyte's for Business doesn't?
  6. Today
  7. I don't know if this is the case, but from what I understand on the internet, you could try this guide.
  8. Hi, It's not a push notification, it's a page that opens in the default browser Push notifications are disabled in the Options of each browser, as indicated in the article. @+
  9. Hi @jasonsmith, If you could provide a screenshot, or even better an Apps Report we can help you with this issue. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. Send the Apps Report to create a ticket. Private Message (PM) me the email used and/or the ticket number assigned. Nathan
  10. Malwarebytes can remove the virus from your computer if you want, but your files will stay unreadable or unusable. Neither Malwarebytes or any other soft can give you back your files for now. Your only hope is that you ever had made an backup from it. If no, wait for another solution hopefully.
  11. Hi, We scanned our website, and it shows clean. Can you please remove our domain from your blacklist. Here's the detail report: https://scanner.pcrisk.com/detailed_report/moleq.com#details and from Virustotal: https://www.virustotal.com/gui/url/a139abfaeafb1d4017affb5eee7a073b88a1414ba8db922a7bf5735762437d45/detection Thank you!
  12. I see you made another topic with the same question again... Maybe you do not understand what happened to your PC. Surely your PC is or was infected with an virus, in this case RansomWare. Ransomware is a nasty piece of software that encrypts all documents, movies, database, music, photo and more on your hard-disk. Meaning that you can not open them or read them anymore. The crooks of this software want you to pay them something like 1000+ dollar, after that they will give you an program that decrypt your files on your hard-disk. Then you can read an open your files like before again, just like nothing happened. If you not want to pay, or not have this money available, then there is nothing you else you can do then WAIT. WAIT until they found MAYBE an decryptor that is free to use without paying money. They are trying there best, but it is very very hard work. So unfortunately for you there is at moment NO SOLUTION, how many topics you open again. You can only wait and hope they will find a solution like the older versions again. And even if you should choose to pay the crooks, you are not sure you get your files back. Juts keep an eye on the pages from bleepingcomputer we showed you. If there is an solution they will make it available and publish it there.
  13. Some one told me to post har that's y two post
  14. Thank you a lot for your help, maybe you know how to delete this two last threads but if not i think i have to reset my pc and dowload eveything again 😕
  15. i will do it when it starts again the Reset Of windows, because My friend helped me and showed me how to delete it , The AdwCleaner is still finding some 2 threats but when he is deleting them and i restartet after an hour he finds the same threads again.
  16. Thanks for the comments! For years, I've been in the "use MBAM with another anti-virus application" camp and for the first time, I'm going to try Malwarebytes as a replacement of a third-party anti-virus application. This will be installed on Windows 10 systems, so Windows Defender will still be running. I was mostly interested in feedback from Malwarebytes users who have actually replaced a third-party anti-virus application with Malwarebytes Premium. Your comments have been informative and I thank you for commenting!
  17. Welcome to our Business Forums Kal451, Renaming the PC will not change the name in the console as upon deployment, each endpoint gets a unique identifier that is not changed. As you are seeing, without completing the steps for sysprep, your endpoints will show up under the same Hostname. To get these endpoints to show up correctly, you will indeed want to follow the Sysprep instructions located within the document you linked, see below. Prepare an Image in Sysprep: https://support.malwarebytes.com/docs/DOC-1132 Warm Regards,
  18. Here you go, Ron. Let me know what you suggest next. Fixlog.txt
  19. Hello and Welcome @wenL If you haven’t already done so, please run the Malwarebytes Support Tool and then attach the logs in your next reply: NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download Malwarebytes Support Tool Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support-X.X.X.XXXX.exe to run the program You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next You will be presented with a page stating, "Get Started!" Click the Advanced tab Click the Gather Logs button A progress bar will appear and the program will proceed with getting logs from your computer Upon completion, a file named mbst-grab-results.zip will be saved to your Desktop. Click OK Please attach the file in your next reply.
  20. Great news! macOS 10.14.5 beta 3 solves the problem by properly "grandfathering" the Malwarebytes for Mac 3.7 kernel extension, so it can be used again. If you're using a beta of 10.14.5, please update that to beta 3. There is a new warning message that will be shown, however: This message indicates that these un-notarized versions of Malwarebytes for Mac will break on some future version of macOS (which version is not specified). Thus, please update Malwarebytes for Mac to version 3.8, which will be fully notarized, as soon as that becomes available.
  21. Hello. Could you, please, review hxxp://moleq.com and remove it from the blacklist, please? Thank you.
  22. Hi, Allow me to suggest adjusting each web browser. The Malwarebytes Blog has an article about "push ads" that take advantage of some mechanisms in modern-day web browsers. This is the link address https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/ If you have Windows 10, you want to make sure to do the section in there about EDGE browser. Then too, do each appropos section for each web browser, regardless of what operating system runs on the computer. Cheers,
  23. Fix result of Farbar Recovery Scan Tool (x64) Version: 23.04.2019 Ran by private (24-04-2019 23:09:32) Run:1 Running from C:\Users\private\Downloads Loaded Profiles: private (Available Profiles: private) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: EmptyTemp: CloseProcesses: HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-972725633-3369851496-79442316-1001\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-972725633-3369851496-79442316-1001\...\Policies\Explorer\DisallowRun: [1] Mshta.exe HKU\S-1-5-21-972725633-3369851496-79442316-1001\...\Policies\Explorer\DisallowRun: [2] powershell.exe HKU\S-1-5-21-972725633-3369851496-79442316-1001\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION Task: {08D7A902-CA81-4D03-BFBB-E0A5DC60BE92} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate Task: {E20D52D0-6659-40D1-9197-08ACEF454720} - System32\Tasks\DriverPack Notifier => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe Task: {F19B5128-EFC7-48CD-AD7C-7C7C3D36B155} - System32\Tasks\Microsoft\Windows\User Profile Service\MasterGuid => C:\Users\private\AppData\Roaming\\simpletools\\masterguid.exe HKU\S-1-5-21-972725633-3369851496-79442316-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10477_728_181027 SearchScopes: HKU\S-1-5-21-972725633-3369851496-79442316-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10477_728_181027&q={searchTerms} FF Extension: (Earth from space) - C:\Users\private\AppData\Roaming\Mozilla\Firefox\Profiles\sin8clk6.Dec2018-1545849910610\Extensions\{e3cdb989-8a0e-4fdf-aeed-02058fd00835}.xpi [2019-03-22] S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2018-08-02] () [File not signed] R1 M2E1ZDM0; C:\Windows\system32\drivers\M2E1ZDM0 [140008 2018-11-01] (technologiepillac.com -> ) R1 MTJhOG; C:\Windows\system32\drivers\MTJhOG [122520 2018-11-14] (technologievassy.com -> ) R1 NjE3ZWU2Yjg; C:\Windows\system32\drivers\NjE3ZWU2Yjg [121968 2019-02-04] (chavanactechnology.com -> ) R1 ODgzMjZkMmM5Z; C:\Windows\system32\drivers\ODgzMjZkMmM5Z [119920 2018-10-27] (technologiepillac.com -> ) S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X] S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X] R3 X6va066; \??\C:\Windows\SysWOW64\Drivers\X6va066 [X] S1 YjUzMzU5MTEyM2Mx; system32\drivers\YjUzMzU5MTEyM2Mx.sys [X] HKLM\...\StartupApproved\Run32: => "DriverPack Notifier" ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File AlternateDataStreams: C:\Users\private\Application Data:fbd50e2f7662a5c33287ddc6e65ab5a1 [394] AlternateDataStreams: C:\Users\private\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394] FirewallRules: [{B98B372F-B95B-4B0B-BBD0-B4D4B4860573}] => (Allow) C:\Windows\KMS-R@1n.exe () [File not signed] FirewallRules: [{5840B121-8319-4D56-8594-B06B169EDD75}] => (Allow) C:\Windows\KMS-R@1n.exe () [File not signed] C:\Windows\KMS-R@1n.exe C:\Windows\System32\Tasks\R@1n-KMS\ C:\Windows\system32\drivers\M2E1ZDM0 C:\Windows\system32\drivers\MTJhOG C:\Windows\system32\drivers\NjE3ZWU2Yjg C:\Windows\system32\drivers\ODgzMjZkMmM5Z C:\Program Files (x86)\DriverPack Notifier C:\Users\private\AppData\Roaming\\simpletools\\masterguid.exe Reboot: ***************** Restore point was successfully created. Processes closed successfully. "HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully "HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully "HKU\S-1-5-21-972725633-3369851496-79442316-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisallowRun" => removed successfully "HKU\S-1-5-21-972725633-3369851496-79442316-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\\1" => removed successfully "HKU\S-1-5-21-972725633-3369851496-79442316-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\\2" => removed successfully "HKU\S-1-5-21-972725633-3369851496-79442316-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\\3" => removed successfully HKLM\SOFTWARE\Policies\Mozilla => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08D7A902-CA81-4D03-BFBB-E0A5DC60BE92}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08D7A902-CA81-4D03-BFBB-E0A5DC60BE92}" => removed successfully C:\Windows\System32\Tasks\R@1n-KMS\Windows64Professional => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Windows64Professional" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E20D52D0-6659-40D1-9197-08ACEF454720}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E20D52D0-6659-40D1-9197-08ACEF454720}" => removed successfully C:\Windows\System32\Tasks\DriverPack Notifier => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverPack Notifier" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F19B5128-EFC7-48CD-AD7C-7C7C3D36B155}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F19B5128-EFC7-48CD-AD7C-7C7C3D36B155}" => removed successfully C:\Windows\System32\Tasks\Microsoft\Windows\User Profile Service\MasterGuid => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\User Profile Service\MasterGuid" => removed successfully HKU\S-1-5-21-972725633-3369851496-79442316-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully HKU\S-1-5-21-972725633-3369851496-79442316-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} => removed successfully HKLM\Software\Classes\CLSID\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} => not found C:\Users\private\AppData\Roaming\Mozilla\Firefox\Profiles\sin8clk6.Dec2018-1545849910610\Extensions\{e3cdb989-8a0e-4fdf-aeed-02058fd00835}.xpi => moved successfully HKLM\System\CurrentControlSet\Services\KMS-R@1n => removed successfully KMS-R@1n => service removed successfully M2E1ZDM0 => Unable to stop service. HKLM\System\CurrentControlSet\Services\M2E1ZDM0 => removed successfully M2E1ZDM0 => service removed successfully MTJhOG => Unable to stop service. HKLM\System\CurrentControlSet\Services\MTJhOG => removed successfully MTJhOG => service removed successfully NjE3ZWU2Yjg => Unable to stop service. HKLM\System\CurrentControlSet\Services\NjE3ZWU2Yjg => removed successfully NjE3ZWU2Yjg => service removed successfully ODgzMjZkMmM5Z => Unable to stop service. HKLM\System\CurrentControlSet\Services\ODgzMjZkMmM5Z => removed successfully ODgzMjZkMmM5Z => service removed successfully HKLM\System\CurrentControlSet\Services\atillk64 => removed successfully atillk64 => service removed successfully HKLM\System\CurrentControlSet\Services\BAPIDRV => removed successfully BAPIDRV => service removed successfully HKLM\System\CurrentControlSet\Services\X6va066 => removed successfully X6va066 => service removed successfully HKLM\System\CurrentControlSet\Services\YjUzMzU5MTEyM2Mx => removed successfully YjUzMzU5MTEyM2Mx => service removed successfully "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\DriverPack Notifier" => removed successfully "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DriverPack Notifier" => not found "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found C:\Users\private\Application Data => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS removed successfully "C:\Users\private\AppData\Roaming" => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS not found. "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B98B372F-B95B-4B0B-BBD0-B4D4B4860573}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5840B121-8319-4D56-8594-B06B169EDD75}" => removed successfully C:\Windows\KMS-R@1n.exe => moved successfully C:\Windows\System32\Tasks\R@1n-KMS => moved successfully C:\Windows\system32\drivers\M2E1ZDM0 => moved successfully C:\Windows\system32\drivers\MTJhOG => moved successfully C:\Windows\system32\drivers\NjE3ZWU2Yjg => moved successfully C:\Windows\system32\drivers\ODgzMjZkMmM5Z => moved successfully "C:\Program Files (x86)\DriverPack Notifier" => not found "C:\Users\private\AppData\Roaming\\simpletools\\masterguid.exe" => not found =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 128855428 B Java, Flash, Steam htmlcache => 405889215 B Windows/system/drivers => 222949 B Edge => 9498 B Chrome => 0 B Firefox => 2189021769 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 128 B LocalService => 0 B NetworkService => 15062756 B private => 62213185 B RecycleBin => 4086 B EmptyTemp: => 2.6 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 23:15:59 ==== All fixed I guess? Many thanks for the help.
  1. Load more activity
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.