Jump to content

All Activity

This stream auto-updates

  1. Past hour
  2. ok same as before. Attached is RKLOG (again) - followed by FRST and addition. And also the Zemana output is: MD5 : Status : Scanned Object : software\microsoft\windows\currentversion\internet settings\connections Publisher : Size : 0 Detection : MaliciousSetting f Action : Delete Addition.txt FRST.txt rklog2.txt
  3. Did reply direct on Friday but as yet no response. Wondering if we were any further?
  4. Thanks for the information! Most of the things you mentioned I had already done: - The malwarebytes browser guard I installed a few days ago - the browser push notifications were off already - the scanning for rootkits etc in malwarebytes itself were on already I've reset my google sync and deleted my complete history as well as turned off the 'start where I left off" feature. After this, A planned quick scan from MWB ran and had 7 detections, scanlog is added in the attachment. After that, I ran another quick scan and nothing came up. At this moment I'm running a full
  5. Today
  6. Greetings, What issues, if any, are you having with the software? The log/text file you posted is blank. Please provide a description of any issues you are experiencing and we'll do our best to help, and if you are able to, please do the following assuming the Support Tool is able to run and complete properly on your system: Download and run the Malwarebytes Support ToolAccept the EULA and click Advanced tab on the left (not Start Repair)Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Thanks
  7. You would not encounter any blocks by using wildgoose.co.uk, only by using www.wildgoose.co.uk. The first one has been working all along. That was demonstrated in this thread last Friday. The second one was the problem. If you go to non-standard TLDs with Browser Guard enabled, you are liable to encounter blocks. Very few standard TLDs will be blocked without just cause. Yours is one of very few that has been, and I have been more persistent with our team than you have been with me. I want this fixed as well. The temporary fix I added appears to have been removed. I added it again.
  8. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes for Windows Help forum. If you are having technical issues with our Windows product, please do the following: Malwarebytes Support Tool - Advanced Options This feature is designed for the following reasons: For use when you are on the forums and need to provide logs for assistance For use when you don't need or want to create a ticket with Malwarebytes For use when you want to perform local troubleshooting on your own How to use the Advanced Options: Screenshots:
  9. ok so be clear - am I rebooting at the START of this cycle - and then doing the steps with the hijack "active" I ask only because I disable it every time unless you tell me otherwise
  10. Hiya Nick, Now, let's re-run RogueKiller and remove all the items it found. Right-click on the RogueKiller file and select Run as administrator to start the tool. Click Yes to accept the UAC security warning that may appear. Click Accept to agree with the EULA (End User License Agreement) and close the browser tab it will open. Now click the Scan blue button and under the Standard Scan (recommended) click on the Scan button. When the scan
  11. Thanks. I can't reproduce detection for this, so this might have been fixed already.
  12. Not this section. You must be looking at the Malware removal forum. Files need to be able to be downloadable there.
  13. Hello Deano253, The fix log from FRST is not complete, was the fix allowed to run to completion or did it crash etc... That is probably why a reboot did not happen.. Thank you, Kevin...
  14. My website is still being blocked and I am having to override to get to it I have noticed lots of sites I am going to where I am being blocked. What is going on. It is getting to the point where you software cannot be trusted to give reliable information. I am having to overide all the time! By the way I have cleared my cache.
  15. Bamz

    No IPv6 support

    Nikhils well you are right, it is the killswitch setting, I guess that means its known and will be fixed in next rollout. I'll keep using killswitch as its not important for me to have ipv6, I just wanted to find out why it recently started doing that.
  16. Dear Malwarebytes team, I ran a full system scan yesterday and it detected "mssign32.dll" (which is signed by Microsoft) as Trojan.Agent. The sha-256 value saved in the malwarebytes detection log is also the same as the sha-256 value of the currently signed "mssign32.dll". sha-256: 7EBE304755BA0CB56301F922E17A2AE0C21BEFAF0B9062143219E3CACAC53A39 This confused me a bit, so I ran manual scan on that file today and it didn't detect it anymore, which confused me even more. Has this (potential) false positive detection already been fixed? I've added the log. The other two P
  17. Hello, The block will be removed. Thank you and let us know if you need any additional help!
  18. Only authorized people and you can download any file in this section. I viewed them as I am authorized and then tagged the staff member to review them.
  19. Also the first chat here has 2 downloads on the attached (i did the additional 2). Who downloaded them?
  20. Hello @0dayadmin, There is one potentially malicious file on this domain. Here is the link to a file: https://0day.live/applications/core/interface/file/attachment.php?id=874 VT detection of that file: https://www.virustotal.com/gui/file/ba8ffffc21ac87d23fb65a2f1d497411d582f43d759cbe76463e2af37f1dda34/detection Would you be able to remove this file and to let us know when you do it so we can remove the block after that? Thank you!
  21. Can you delete this whole conversation with all of the attached files?
  1. Load more activity
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.