Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. There's no need to respond to an existing suggestion. Duplicates are just fine as we report them regularly to the team anyway, whether they be in the form of a new thread or a reply to an existing thread reinforcing a previous suggestion
  3. Yes, thankfully most sites don't prevent it these days and it's been a really long time since I've come across a site that did. In fact, the last time I can recall anything not allowing it, it was with Skype and Outlook (both Microsoft products; obviously they're not fans of this method). Pretty much everywhere else I've signed up at has allowed it, even banks and credit card company sites. Anyway, I'll be sure to pass your feedback on to the team. Hopefully they can convince IPS (the software provider that develops and maintains the software for the forums) to use an alternative implementation, but unfortunately I'm pretty sure it is up to them to decide. I think the only option we have at this point is to enable the CAPTCHA or not, and having it and dealing with its difficulties far outweighs the negatives of constant spambot floods we used to get before enabling it, so hopefully they will be able and willing to provide an alternative, especially since both CAPTCHA and reCAPTCHA have in fact already been defeated by AI (though reCAPTCHA was patched to be more resistant; it's still only a matter of time before the current implementation is cracked, I'm sure): https://www.abc.net.au/news/science/2017-10-27/captcha-cracking-artificial-intelligence-machine-learning/9080608 https://thenextweb.com/google/2017/10/26/google-recaptcha-ai-security-beat/
  4. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The Computer will restart when the fix is completed. It will create a log (Fixlog.txt) please post it to your reply. === Please post the Fixlog.txt and let me know what problem persists. fixlist.txt
  5. Thanks for the suggestion, exile. I should use your notebook suggestion. I have been discouraged from doing that because some sites prohibit pasting into the password block. However, some don't and I should form the habit of using the notebook idea that I have abandoned.
  6. As a recently joined new member and user, I would like to suggest that the software is somewhat user unfriendly to the computer user group at large. It has some quirks that are not obvious to the insiders who design it. For example, my first scan log had about 60 PUPs; most of which are Chrome extensions. Some were obviously put there by other users than myself. If I want to investigate these PUPs, it would be a nice feature to be able to copy and paste all or part of the log entry to search on line for information as to what the PUP is and why it is there. Right now as a FREE user, I cannot copy anything from the log to paste in a search block. Maybe the paid subscription service member can do this; but I am in the trial period of trying out the paid version and I cannot do a copy. Another assumption made by the people who wrote the User Guide is that when a user sees a message from Malware Bytes that says Website blocked due to malware the user is likely to think that this means that the web site URL most recently clicked on to attempt to access is the website that is being blocked. But most of the time it is a web site that has been re-directed by some unwanted marketing software residing somewhere on the user's computer. This error message should identify what web site is being blocked. This is my biggest problem with my computer these days of windows 10. Re-directs by marketing software hiding somewhere in a browser extension or elsewhere. I cannot find it and expunge it. Malware Bytes cannot find it; it might be is one of the 60 plus PUPs that the scanner detects; but how do I know which one it is?
  7. When to open a new suggestion to me is daunting. It looks like there are 80 plus pages of suggestions. To look at all 80 some pages and wait for them to load and remember what you have already looked at is intimidating. Most people won't bother. If you truly want to get the best feedback from the user group, you need to have an index of suggestion names that could be densely displayed on 1 or 2 pages.
  8. Why not just type out your password in notepad or something similar, then just copy/paste it into the password fields? That's what I do (I also user super complex/random passwords). Regarding the Captcha, I'm with you on that front. I HATE them and I hope they can come up with a better solution that is still capable of beating the bots (and in reality, with the advent of AI/Machine Learning/facial recognition etc. it won't be long before bots are fully capable of defeating them more efficiently than humans ever could anyway, assuming they aren't already there and the spammers just haven't gotten hold of the tech yet).
  9. Hi, Open your chrome settings Click the Password Right Arrow Below the View and manage saved passwords in your Google Account. Click the 3 vertical dots on the Right of Saved Passwords This will open the Save passwords function. Follow the instructions. ===
  10. I did not time it; but estimate for me to sign up is 5 minutes. Problem is two fold. The password comparator algorithm does not operate in real time and when you have inadvertently typed in non-matching passwords you are forced to go through Captcha another time. I use complex passwords and it took me 3 trips through captcha before winning. Yes, I could have taken more time and written my new password down and typed it in with 1 finger, 1 letter at a time and not made mistakes; but old habits die hard. Second problem is Captcha photos; some of them are such poor resolution in the distance that you cannot be sure of contents. Also some of them like storefronts have photos that are a matter of guessing if they are store fronts because there are no store names, doors or other solid clues that the photo is actually a store front. I think Captcha needs more quality assurance testing by 3rd party outsiders of their product. I have used captcha before and as always (on other websites) it is a frustrating experience. In the interest of appealing to a larger membership and not turn off prospective new members and potential paying subscribers, I suggest you try to make the sign up filter more user friendly by addressing the above difficulties. I have seen very creative, simple effective "Captcha" substitutes on other web sites. I am sure with a little effort your creative people could make a unique to malware; but more foolproof robot detector algorithm in lieu of using Capthca.
  11. Today
  12. Hi, I did find this but nothing about gwdkw [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'hnehyw' = 'rundll32.exe "<LS_APPDATA>\hnehyw.dll",hnehyw' https://vms.drweb-av.pl/virus/?i=17669524 gwdkw and hnehyw Run the Farbar program .exe as an Administrator. In the Search text area, copy and paste the following: gwdkw;hnehyw Once done, click on the Search Registry button and wait for FRST to finish the search On completion, a log will open in Notepad. Copy and paste its content in your next reply ==== I need to know exacly what we are dealing with. p.s. The reason for this error Cannot import C:/Users\kelly\Desktop\fixme.reg: Error accessing the registry is possibly due to the fact that you did not add this line to the fixme.reg file. Windows Registry Editor Version 5.00 as suggested. === Open the the Run key in the Current User and if any other random entries are found let me know what they are. HKCU>\Software\Microsoft\Windows\CurrentVersion\Run
  13. I recently tried to run a scan using Malwarebytes Anti-malware. Upon starting the scan, I received a BSOD regarding mbamswissarmy.sys and "PAGE FAULT IN NONPAGED AREA". SysnativeFileCollectionApp dump is attached <SysnativeFileCollectionApp.zip>. I am running Windows 10 64 bit (full retail version). Hardware is new, but OS installation would have been 4 years ago. CPU is AMD Ryzen 2300X, video card is Radeon RX 580, motherboard is Biostar, PSU is Antec 550W. SysnativeFileCollectionApp.zip
  14. Hi, --RogueKiller-- Download & SAVE to your Desktop Download RogueKiller Quit all programs that you may have started. Please disconnect any USB or external drives from the computer before you run this scan! For Vista or above, right-click the program file and select "Run as Administrator" Accept the user agreements. Execute the scan and wait until it has finished. If a Windows opens to explain what [PUM's] are, read about it. Click the RoguKiller icon on your taksbar to return to the report. Click open the Report Click Export TXT button Save the file as ReportRogue.txt Click the Remove button to delete the items in RED Click Finish and close the program. Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next. ======= Please run the Farbar program and post fresh FRST.txt and Addition.txt logs for my review.
  15. Hi, Can the cracked win10 cause this kind of warning? Warning or not you can be into trouble. The Updates may not be installed and this alone is problematic.
  16. Your browser is most likely infected. I will be moving this thread to the appropriate forum.
  17. Thanks, the block will be reviewed.
  18. What is Forest Guard?The Malwarebytes research team has determined that Forest Guard is a "system optimizer". These so-called "system optimizers" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.More information can be found on our Malwarebytes Labs blog.How do I know if I am infected with Forest Guard?This is how the main screen of the system optimizer looks:You will find these icons in your taskbar, your startmenu, and on your desktop:and see these warnings during install:You may see this entry in your list of installed programs:How did Forest Guard get on my computer?These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website:How do I remove Forest Guard?Our program Malwarebytes can detect and remove this potentially unwanted application. Please download Malwarebytes to your desktop. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program. Then click Finish. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure. When the scan is complete, make sure that all Threats are selected, and click Remove Selected. Restart your computer when prompted to do so. Is there anything else I need to do to get rid of Forest Guard? No, Malwarebytes removes Forest Guard completely. How would the full version of Malwarebytes help protect me?We hope our application and this guide have helped you eradicate this system optimizer.As you can see below the full version of Malwarebytes would have protected you against the Forest Guard installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late. Technical details for expertsYou may see these entries in FRST logs: (BDEsoft) [File not signed] C:\Users\{username}\Desktop\softsinn\SoftSinn\ForestGuard.exe C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftSinn.lnk C:\Users\{username}\Desktop\SoftSinn.lnk C:\Users\{username}\Desktop\softsinn Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- In the existing folder C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs Adds the file SoftSinn.lnk"="5/27/2019 9:15 AM, 855 bytes, A In the existing folder C:\Users\{username}\Desktop Adds the file SoftSinn.lnk"="5/27/2019 9:15 AM, 807 bytes, A Adds the folder C:\Users\{username}\Desktop\softsinn\SoftSinn Adds the file ForestGuard.exe"="5/24/2019 1:11 PM, 379392 bytes, A Adds the file l.txt"="3/6/2019 10:34 AM, 3986 bytes, A Adds the file load2.exe"="5/15/2019 11:18 AM, 77312 bytes, A Adds the file logger.exe"="5/24/2019 1:09 PM, 238080 bytes, A Adds the file unins000.dat"="5/27/2019 9:15 AM, 2084 bytes, A Adds the file unins000.exe"="5/27/2019 9:14 AM, 730789 bytes, A Adds the folder C:\Users\{username}\Desktop\softsinn\SoftSinn\Data Adds the folder C:\Users\{username}\Desktop\softsinn\SoftSinn\Setting Adds the file setting.ini"="5/27/2019 9:16 AM, 162 bytes, A Adds the folder C:\Users\{username}\Desktop\softsinn\SoftSinn\Temp Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_CURRENT_USER\Software\BDEsoft] "{55861586-C050-4EE9-8280-DD6466A4EB71}"="REG_SZ", "MjAxOS0wNi0yNiAwOToxNjowMQ==" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{68F15829-5EB7-406D-98D6-20B4A2167CB9}_is1] "DisplayName"="REG_SZ", "SoftSinn version 3.6.0" "DisplayVersion"="REG_SZ", "3.6.0" "EstimatedSize"="REG_DWORD", 2231 "HelpLink"="REG_SZ", "http://www.SoftSinn.com/" "Inno Setup: App Path"="REG_SZ", "C:\Users\{username}\Desktop\softsinn\SoftSinn" "Inno Setup: Deselected Tasks"="REG_SZ", "" "Inno Setup: Icon Group"="REG_SZ", "(Default)" "Inno Setup: Language"="REG_SZ", "english" "Inno Setup: Selected Tasks"="REG_SZ", "desktopicon" "Inno Setup: Setup Version"="REG_SZ", "5.6.1 (a)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20190527" "InstallLocation"="REG_SZ", "C:\Users\{username}\Desktop\softsinn\SoftSinn\" "MajorVersion"="REG_DWORD", 3 "MinorVersion"="REG_DWORD", 6 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "SoftSinn" "QuietUninstallString"="REG_SZ", ""C:\Users\{username}\Desktop\softsinn\SoftSinn\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Users\{username}\Desktop\softsinn\SoftSinn\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://www.SoftSinn.com/" "URLUpdateInfo"="REG_SZ", "http://www.SoftSinn.com/" "VersionMajor"="REG_DWORD", 3 "VersionMinor"="REG_DWORD", 6 [HKEY_CURRENT_USER\Software\Softsinn\softsinn] "key"="REG_SZ", "softsinn2019" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/27/19 Scan Time: 9:23 AM Log File: 63f5acc0-8050-11e9-b6f0-00ffdcc6fdfc.json -Software Information- Version: Components Version: 1.0.586 Update Package Version: 1.0.10786 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 236344 Threats Detected: 10 Threats Quarantined: 10 Time Elapsed: 6 min, 18 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.Softsinn, C:\USERS\{username}\DESKTOP\SOFTSINN\SOFTSINN\FORESTGUARD.EXE, Quarantined, [3680], [687785],1.0.10786 Module: 1 PUP.Optional.Softsinn, C:\USERS\{username}\DESKTOP\SOFTSINN\SOFTSINN\FORESTGUARD.EXE, Quarantined, [3680], [687785],1.0.10786 Registry Key: 2 PUP.Optional.Softsinn, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{68F15829-5EB7-406D-98D6-20B4A2167CB9}_IS1, Quarantined, [3680], [677737],1.0.10786 PUP.Optional.Softsinn, HKCU\SOFTWARE\Softsinn, Quarantined, [3680], [677738],1.0.10786 Registry Value: 1 PUP.Optional.Softsinn, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{68F15829-5EB7-406D-98D6-20B4A2167CB9}_IS1|DISPLAYNAME, Quarantined, [3680], [677737],1.0.10786 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 5 PUP.Optional.Softsinn, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SOFTSINN.LNK, Quarantined, [3680], [681816],1.0.10786 PUP.Optional.Softsinn, C:\USERS\{username}\Desktop\SoftSinn.lnk, Quarantined, [3680], [687785],1.0.10786 PUP.Optional.Softsinn, C:\USERS\{username}\DESKTOP\SOFTSINN\SOFTSINN\FORESTGUARD.EXE, Quarantined, [3680], [687785],1.0.10786 PUP.Optional.Softsinn, C:\USERS\{username}\DESKTOP\INSTALL2.EXE, Quarantined, [3680], [687794],1.0.10786 Generic.Malware/Suspicious, C:\USERS\{username}\DESKTOP\SOFTSINN\SOFTSINN\LOGGER.EXE, Quarantined, [0], [392686],1.0.10786 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat.We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  19. Sorry its on a mac so that program wouldn't run
  20. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  21. Hi I have just downloaded and run malwarebytes to get rid of trovi and/or bing but it didn't detect either - have I done something wrong with the download or run?
  22. Hello there, I am very savvy when it comes to not getting caught out by phishing scams and any attempts to get me to provide sensitive information of bogus websites. That being said, somehow someone ordered two £100.00 Amazon Vouchers without my consent and not using my laptop this month. I know it is true because when I log into amazon.co.uk it shows as an order. I have contacted Amazon to inform them about it but it has left me wondering how this is even possible. I have two step authentication set up, so even if they knew my password from one of the many breaches which seem to happen all the time with websites being hacked, how did they get in? Even when I try to login, it usually asks me to verify using my phone. That makes me wonder if there is actually something on my system that I should be concerned about. I am using Bitdefender Total Security 2019 (fully up-to-date), which has detected nothing malicious during a thorough scan of everything (it took over 15 hours). I ran GMER 2.2.19882 and couldn't see anything obvious, could someone else please cast their eye over this? Needless to say, in the mean time I have changed my password. rootkit.log
  23. I didn't see this posted anywhere around here and happened to spot the unmistakable Malwarebytes logo while watching Ralph Breaks the Internet this evening and found a posting about it on Reddit: One of the Malwarebytes staff commented on the thread as well. Here is the (relatively) spoiler-free context of how it shows up, but I've placed parts in spoiler tags anyway just in case any of you haven't seen it and don't want any plot details spoiled: the 'Antivirus District' which is represented by a large building containing the logos of many well known AV/AM products, and featured front and center is the blue Malwarebytes logo plain as day Other products featured are Kaspersky, BitDefender, Sophos, Rising, Trend Micro, Avira, Avast, COMODO, ESET, AVG, Emsisoft, Safe Network, Symantec and (I believe) Windows Defender (the Windows 10 version, represented by the blue shield composed of 4 quadrants). Later in the film when actually approaching the building you can also see Webroot and the Malwarebytes logo again briefly. Anyway, the coolest part is obviously this:
  24. By the way, if you are going the route of removing Malwarebytes temporarily while they work out this issue you should be able to install the Malwarebytes Anti-Exploit standalone beta. It's free and provides the same excellent Exploit Protection provided in Malwarebytes 3 Premium. You can find out more and get the build in this topic.
  25. For what it's worth, the Developers have been working on this problem for a long time and they do project that it should be fixed in the next Malwarebytes release which I expect to be published within the next month or so (possibly sooner; it all depends on how long it takes them to put in all their changes and fixes and complete testing) so you shouldn't have to deal with this issue for much longer. In the meantime you can either just make do without Malwarebytes temporarily until then or avoid anything that installs any entries into the Winsock. I know those options aren't ideal, but hopefully you won't have to worry about it for much longer. An additional item I'd recommend to help keep you secure until then would be to install the Malwarebytes browser extension if you haven't already. It's very powerful and works with Chrome and other Chromium based browsers like SRWare Iron, Vivaldi and Microsoft's new Chromium based Edge browser as well as Mozilla Firefox. It blocks bad websites similar to how Web Protection in Malwarebytes 3 does but adds some additional features such as clickbait blocking, ad blocking, tracker blocking (for privacy on the web), and behavior based blocking for phishing sites, tech support scams and other common malicious types of websites (it uses databases/black lists similar to Web Protection in Malwarebytes 3 but also includes behavioral blocking for specific categories of harmful websites). The only downside is that it only shields your browser where it is installed as an add-on/extension, whereas the Web Protection in Malwarebytes 3 protects the entire system by hooking into the network stack of the operating system. It is also fully compatible with Malwarebytes so you can continue using it even after this issue is resolved and it will augment your protection: Chrome Firefox If you haven't already, I'd also suggesting using a good ad blocker like Adblock Plus or uBlock Origin, and if you're concerned about privacy you can use some good privacy plugins like Ghostery, Privacy Badger and Disconnect. Also be sure to enable Windows Defender or install some other AV in the meantime if you're going to run without Malwarebytes until this issue is fixed (you can also keep the AV after the issue is fixed if you want it as an added layer of protection as Malwarebytes works just fine in real-time with most AVs). Also, be sure to keep an eye on the top area/pinned topics in this area as that will be where they will announce the new Malwarebytes build when it is released.
  1. Load more activity
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.