Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. Hello Maurice, I have the same problem and I have done steps mentioned by you. Here are my result files. Please Help me too. Thanks Addition.txt FRST.txt
  3. Problems with the website blocking can be addressed and usually fixed here on the forums. But it takes log gathering and patience communicating back and forth. It is probably other conflicting software or a possible infection that causes excessive web blocks.
  4. For any of these issues: Renewals Refunds (including double billing) Cancellations Update Billing Info Multiple Transactions Consumer Purchases Transaction Receipt Please contact our support team at https://support.malwarebytes.com/community/consumer/pages/contact-us to get help
  5. @LiquidTension Does turning on "Always Register" also disable Norton Security real-time protection? Thanks, Bill
  6. whoa thanks to this thread , i finally can remove this anomalies, apparently That SMADAV bertayed me, he was like a father to me....... but thanks for helping my problem too Thanks nasdaq very cool!
  7. My Cmore programming software got quarantined while in use as Malware.Ransom.Agent.Generic
  8. Hello, was this addressed? we don't appear to be having the issue any longer
  9. Today
  10. I have also tried with "Enable WMI" both on and off
  11. Hello @exile360 and @N33dful, thank you so much for taking the time to help! I tried these steps, as well as removing the firewall, and it did not work :/ Two points of change though: When pushing to non-windows 10 computer, there is no trouble at all (one is running windows 7 and the other is running windows 8). Also, after making the account on the windows computer a local account (instead of the default that is directly connected our microsoft account), the error message is "Access is Denied". I have confirmed that the account has administrator privileges. What else should I try, --Brandon
  12. Thanks for the report. We're investigating this further and will see if we can work directly with Kaspersky. Keep in mind that this can be skipped simply by removing the checkmark next to "Malwarebytes version 3.x". This will allow you to proceed with the Kaspersky installation whilst retaining your Malwarebytes installation. Afterwards, you can configure mutual exclusions in either product to reduce the likelihood of any conflicts occurring. For details on what exclusions to enter into Kaspersky, refer to the following article.
  13. Hi @shermank, A notification is still displayed when a scheduled scan completes. Were you at the computer when the scan was reported to have finished? Note the notification will self-dismiss itself, so if you were not at the computer you may have missed it. Also note that if the Malwarebytes user interface is in focus, the notification will not be displayed.
  14. Is there a way to create a custom website [BLOCKING] rule that will block certain websites so that they cannot be accessed. I know you have your default blocking that occurs based on the websites reputation, however what if we'd like to create a custom block. Thanks, tdoubleu
  15. I don't have time right now to do the experiments people are talking about, but I wanted to throw out a possible clue. I've just started getting this hitching this morning, and started wondering what might have changed to cause it. For what it's worth, yesterday I rebooted the computer after a 2-3 weeks, and it installed a Microsoft update. This morning, I opened Chrome (with about 25 tabs open) for the first time since the update. Chrome definitely seems to be a big problem here, although all those tabs were open before the update. Not sure if that helps.
  16. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === We need more information to give you sound advice. Download the Farbar Recovery Scan Tool (FRST). Choose the 32 or 64 bit version for your system. and save it to a folder on your computer's Desktop. Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. How to attach a file: In the Reply section in the bottom of the topic Select Click the Choose a File. Navigate to the location of the File. Click the file. It will appear in section. Click the Saving button. Please post the logs for my review. Wait for further instructions ====
  17. That's correct. Using the "Always register" setting will ultimately result in Windows Defender being disabled. You can still utilise the periodic scanning feature in Windows Defender, but it will not provide any form of real-time protection.
  18. Hi, Can you please run the Farbar program and post only the FRST.TXT log for my review. also, please let me see this log. --RogueKiller-- Download & SAVE to your Desktop Download RogueKiller Quit all programs that you may have started. Please disconnect any USB or external drives from the computer before you run this scan! For Vista or above, right-click the program file and select "Run as Administrator" Accept the user agreements. Execute the scan and wait until it has finished. If a Windows opens to explain what [PUM's] are, read about it. Click the RoguKiller icon on your taksbar to return to the report. Click open the Report Click Export TXT button Save the file as ReportRogue.txt Click the Remove button to delete the items in RED Click Finish and close the program. Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next. =======
  19. Hi, Chada. My name is Maurice. I will be helping and guiding you, going forward on this case. I regret to read that your system is the victim of this encrypting ransomware. Typically most ransomwares delete themselves once they have done their dirty deed. My first questions to you are: When was the first day that you started seeing the ransom notes ? or noticed the encrypted files ? and prior to that, think back to the day before that, Did you perhaps open a attachment from some Email ? Did you go get some sort of app, game, or utility program of any kind ? If that is so, please provide me as much detail as possible. I can help you to check this system for any malware. I can help you on removing the ransom notes. If you have previously saved Backups of this system, that is the best way to restore your damaged files. There is no known decrypter utility for this new ransomware variant. It looks like it is a new variant of the so-called STOP ransomware. I can also provide you some tips to try to manually look for and try to recover your files that had been deleted ( if any) in the ransomware's encryption steps. At this point, do not delete the files marked with .KVAG extension on the filenames. Keep those in place. There may be in the future a decrypter for this. As of now, there is no known decrypter. I also would like to get from this machine some additional files associated to this ransomware. This system is a Windows 10. Lets start by insuring that Windows 10 shows all folders, all hidden files or folders. What follows is a first step to have Windows 10 show all files and folder. Do not let this spook you out. There is a how-to at Tenforums. Use either option one or two or three https://www.tenforums.com/tutorials/7078-turn-off-show-all-folders-windows-10-navigation-pane.html [ 2 ] This pc does not have Malwarebytes for Windows. Lets get it installed and then do a scan with it. For download & setup see https://support.malwarebytes.com/docs/DOC-1141 Be sure you Save the setup file first. Then run that to begin the setup. [ 3 ] Let's do one special run with Malwarebytes for Windows. Start Malwarebytes. Click Settings. Click Protection tab Scroll down and lets be sure the line in SCAN OPTIONs for "Scan for rootkits" is ON CLICK it to get it ON & also in Scan options. On the section "Potential Threat Protection" look down at the one "Potentially Unwanted Programs (PUPs)" look and make sure it is set to "Always detect PUPS ". and look down at the one "Potential Unwanted Modifications (PUM)" look and make sure it is set to "Always detect PUM ". and scroll all the way down to the section Automatic Quarantine On the line "Automatically quarantine detected malware" be sure it is ON Then once all set there, click on SCAN button Then insure Threat scan has a check mark. Then click Start scan. Review the results list. Then I would suggest you make sure all lines have a check mark To that end, if you click the very top left checkbox you can force all detected lines ( if any are detected) to be selected for removal. Be sure each line is checked. Then you can proceed to click on the blue button Quarantine selected. In Malwarebytes. Click the Reports button ( on the left ) Look for the "Scan Report" that has the most recent Date and time. When located, click the check box for it and click on View Report. Then click the Export button at the bottom left. Then select Text File (*.txt) Put in a name for that file and remember where the file is created. Then attach that file with your next reply Please stick with me here. There is more things to do after this. and as to some potential ways to try to recover your files, see my posting here https://forums.malwarebytes.com/topic/251629-all-the-files-in-hdd-extensions-changed-to-kvag/?do=findComment&comment=1335048 That is reply # 30 on that topic. For your benefit, and for that of other readers, if you do a generic web search for help on this, be aware that there are a number of lures out there that are hawking for pay solutions using dubious and ill-advised tools. Please just stick with me here. I will need to gather some additional info from this pc, as well as provide you more guidance. Sincerely, Maurice
  20. As I say though there does seem to be a bigger issue as the Windows settings will not show the available networks. It will show the one that your are connected to, which has to be in your known networks list, but clicking on 'Show available networks' results in no action whatsoever. I'll relocate later and see if it will pick up the network(s) there. I suspect that I'll have to do the 'forget' and 'add' trick again though.
  21. Hi @bdawg425, The steps @exile360 provided should assist you in getting the push install working, you would need to have the administrator account enabled and have the same password set on each machine. Please do let us know if you have any further trouble, we'll be happy to help!
  22. Hi adas, Hi alvarnell, thanks so much adas: that connections list a was super useful I found a rule in Little Snitch (from 2018) which was disallowing connections to: RTProtectiondaemon strange that it had not previously prevented updates! my "reports" tab looks good - it now states: updates: protection updated to 4.0.424 lovely, such great support from you guys neilB
  23. @grahamperrin a resolution should be available later this week.
  24. Sorry for the delay in responding. This should be fixed. Please let us know if you still encounter an issue. Thanks again for the report!
  1. Load more activity
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.