Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. Can you please have a look at hxxps://www.conwinonline.com/. I am getting a trojan popup. I have checked the site and cannot find anything. IP is Also uses domain is hxxps://www.conwinonline.com/ Log file is attached. Screenshot attached. Thank youlog.txt
  3. Hi @nikhils, I'm very happy to hear that, thanks for letting me know! Cheers
  4. Hi, I attached the sfcdetails log. I ran it two times: in the first one it did some repairs. Thanks. sfcdetails.txt
  5. Today
  6. Greetings, The next time the block occurs, right-click on the Malwarebytes tray icon located in the notification area near your system clock and you should see an option there to exclude the most recently blocked site. If that does not correct the issue then you may try excluding the application from the Web Protection component in Malwarebytes by following the instructions under the Exclude an Application that Connects to the Internet section of this support article and selecting the main executable for your messenger application and none of its connections to any sites will be blocked. Please let us know if that does not resolve the issue and if there is anything else we might assist you with. Thanks
  7. Yesterday
  8. Hi again. I have one additional task for you, after you have completed the other stuff I sent in my preceding reply. This one is a custom cleanup task, customized from data collected / reported in Malwarebytes log. This is a text file that I am attaching here named DEL-DO.txt. I need for you to SAVE it to your DOWNLOADS folder or else, to the DESKTOP. RIGHT-click on DEL-DO.txt that you see and do a SAVE AS from the menu-list displayed. Guide it to be saved to the DOWNLOADS folder. Our goal is to get that file onto your system saved AS-IS After it is saved to your system, go to that folder using your Windows Explorer. Then with your mouse pointer, do a RIGHT-click with mouse and pick RENAME then rename it to DEL-DO.reg Once that is done, use your mouse pointer on that file and select MERGE We want that to proceed and get it merged into the registry so that it deletes 2 values. You want to reply YES to let it run. You want to reply YES to allow it to merge. Keep me advised about all this. If you have questions, let me know. Have patience. Have faith. DEL-DO.txt
  9. Been running the beta for several weeks, now on 4.0.2. No issues.
  10. Hi, My name is Maurice. I will be helping and guiding you, going forward on this case. The Microsoft Windows Defender has its own specific set of criteria, different design, from that of Malwarebytes for Windows. It is not unusual for Windows Defender to flag things that are not tagged by Malwarebytes. Please follow my directions as we go along. Please do not do any changes on your own without first checking with me. If you will be away for more than 3 consecutive days, do try to let me know ahead of time, as much as possible. Please only just attach all report files, etc that I ask for as we go along. We need to get information from this machine in order to have the proper detail to help you forward. NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download Malwarebytes Support Tool Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support- to run the report You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next You will be presented with a page stating, "Get Started!" Do NOT use the button “Start repair” ! Click the Advanced tab on the left column Click the Gather Logs button A progress bar will appear and the program will proceed with getting logs from your computer Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK Please attach the ZIP file in your next reply. Thank you.
  11. Hi guys, thanks for all your help! It turns out it isn't actually there! Thanks!
  12. At this time, do NOT uninstall the Chrome browser. If you cannot really start Chrome, skip down to the next suggestion to do the SCAN with Malwarebytes ! This machine has a kovter pest infection. It is paramount that you run the scan with Malwarebytes just exactly as I listed before. That is the prime immediate goal. We likely will have to do additional scans after that. . The Chrome browser can be started in its "safe" mode. You can force Chrome to start in reduced mode, called Incognito mode, by putting a parameter at startup. First, close any prior instances of Chrome via Task Manager. Then press Windows-key+R for the RUN option and then put a command line similar to this {do use COPY & PASTE} chrome.exe -incognito Starting Chrome in Incognito mode may work for you, and allow you to make "changes" or tweaks in it. Note also, Incognito mode is also an option in the Chrome menu {as long as it can start}. . To recap again, the Malwarebytes scan is the most pressing thing that needs to be completed. That should only take something like less that 20 minutes. Lets get that done & then have you attach a copy of that scan log. I appreciate you advising that this machine is at work. I'd appreciate your making addressing these issues as a top priority. Also, for your attention, when I list a set of steps, my intent is to do all of the steps. To keep going down the list and do each thing. Unless I mention explicitly mention otherwise. I also need for you to run this next report, after you finish the Malwarebytes scan. I would like to have you run a report tool known as FRST. This has no personal information. It is a well-known & widely used &safe. FRST will help provide me with a list of installed programs and other information about your computer that will help me see if there are any other problems that are not being detected. Please follow the steps below to run FRST. 1: Please download FRST64 report tool from the link below and save it to your desktop: "Download link for 64-Bit Version Windows" Please wait and look toward the top or bottom of your browser for the option to Run or Save. Click Save to save the file and save it to the DOWNLOADS folder. After it is saved, open Windows Explorer and go to the Downloads folder. You should see FRST64 there. Run report with FRST64 Right-click on FRST icon and select Run as Administrator to start the tool , and reply YES to allow it to proceed and run. Click YES when prompted by Windows U A C prompt to allow it to run. Note: If you are prompted by Windows SmartScreen, click More info & followup & choose Run anyway. Approve the Windows UAC prompt on Windows Vista and newer operating systems by clicking on Continue or Yes. Click Yes when the* disclaimer* appears in FRST. The tool may want to update itself - in that case you'll be prompted when the update is completed and ready to use. Make sure that Addition options is *checked* - the configuration should look exactly like on the screen below (do not mark additional things unless asked). Press Scan button and wait. The tool will produce 2 logfiles on your desktop: FRST.txt , Addition.txt Click OK button when it shows up. Close the Notepad windows when they show on screen. The tool saves the files. Please attach these 2 files to your next reply. Thank you. Regards.
  13. Hello nukecad. I already press Unsubscribe on website but don.t work.The redirect come from bit.ly link examples: https://scontent-dus1-1.xx.fbcdn.net/v/t1.15752-9/s2048x2048/72565218_1014711225539737_5483165424298229760_n.jpg?_nc_cat=110&_nc_oc=AQkcNGoi1yssf9eRETh9u_gaFE7eXFnlDItMTLSGNhL_vkZJYXlwl2bbOusaP5IMg7FuHX_bRwZk1Iy50GjT1uXN&_nc_ht=scontent-dus1-1.xx&oh=fa89548ed338c17284751a94dbbb6403&oe=5E30EF6A ideapuls.com and techofires.com This are just 2 website what redirect.
  14. The redirects are probably on the server of whatever site it is that you are trying to reach and getting redirected from. They are not emanating from your phone so whatever you scan with won't find any malware on your phone. All you can do is contact the owner of the site that you are trying to reach and making them aware of the problem so that they can fix it at their end. I had similar recently and found a 'contact us' for the site involved. Once I reported the problem they fixed it within an hour.
  15. I'm trying to install MWB 3.9.32 on Mac OS Catalina. I've gone into System Preferences > Security & Privacy > Privacy > Full Disk Access and checked the box for Malwarebytes Protection. But MWB still thinks it doesn't have disk access. It says "You're not fully protected. We recommend enabling real-time protection." When I click through "Turn on protection" it tells me to open the privacy settings and click "Allow" - I don't know what it's trying to tell me, there's no "Allow" button, I'm guessing these instructions haven't been changed from an earlier version of Mac OS. From reading the posts here, it sounds like allowing full disk access is what it wants, but I've done that and it still tells me it can't run. I've tried the advice in the sticky thread to reinstall MSB, and tried rebooting, but nothing helps.
  16. Aww man, i got a trojan. Trojan:Win32/Azden.A!cl Windows defender says it is severe, and it says it may not be fully removed, even though ive deleted the file. I've tried a malwarebytes scan, but it says im all protected. I want to be 100% sure i dont have it. its in C:/Users/(my name)/downloads and then after that, the infected files are there, windows defender says, even though ive already deleted it and it doesn't appear.
  17. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  18. Hello people, Since the new update release of Messenger for Desktop, Malwarebytes has decided it's a PUP thingy and refuses to let it update. I am unable to 'approve' it as it only appears in the 'Reports' section. Can anybody please advise how to get Malwarebytes to accept it? Many thanks, Bea
  19. Phuc


    A total of more than 50 million harmful things in the world in the past 1 month. I am confident that I am always safe because I have been protected by Malwarebytes. 😎
  20. If you still have the latest SFC.exe log please attach it for my review.
  21. Thanks for the additional help. I am unable to open Chrome on this machine because Malwarebytes blocks the exploit which prevents chrome from opening (the exploit attempts to redirect the action to open Chromium which isn't installed). If I uninstall Chrome and reinstall it, I may be able to open it before I reboot. Should I reinstall Chrome, and then follow the steps listed? I won't be able to do the additional scan or the rest until tomorrow as the computer is at work
  22. Hi, I executed the Dism commands and then sfc was able to do some repairs. But unfortunately the problem persists. Windows Defender remains disabled.
  23. Oh, I forgot. I'm using version with component package 1.0.690
  24. At the top of the MB 3 forum, it said to try the MB 4 beta. Well, I did and found the following: Easily installed over MB 3.8.3. Kept all my setting and scan schedules intact including all my account data. In the last 2 days, it has run 2 scheduled quick scans and 1 weekly Threat scan quickly and worked fine. I've used it with Chrome and Edge (dev) with no problems. No false positives. (No positives but I guess I didn't visit any bad sites since install.) So, all in all, I'm pretty happy with its performance and with how things are now displayed. Of course the interface is very different but like with anything else that's new, I'm sure in a few weeks it will be usable without even thinking about it. Only time will tell if what's under the hood is working better and at this time I can only assume its doing fine.
  25. I ran my 6 October Sunday Scan and the problem didn't not occur, but this morning 13 October Scan it did Source Malwarebytes Tray Application Summary Stopped working Date ‎10/‎13/‎2019 8:32 AM Status Report sent Description Faulting Application Path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Problem signature Problem Event Name: APPCRASH Application Name: mbamtray.exe Application Version: Application Timestamp: 5d5c13ae Fault Module Name: Qt5Core.dll Fault Module Version: Fault Module Timestamp: 5cba0161 Exception Code: c0000005 Exception Offset: 0018dc19 OS Version: 10.0.18362. Locale ID: 1033 Additional Information 1: 8c53 Additional Information 2: 8c536d1d6464d0857923512dd1020fab Additional Information 3: 6c92 Additional Information 4: 6c9234d51fddc0138193a9a19c57fdd7 Extra information about the problem Bucket ID: edd4c9e717c7aefde3f1cad3fa6c7fe7 (1437152767896223719) I have gathered a fresh set of logs and have included the Crash Dump File mbst-grab-results.zip mbamtray.exe.6188.zip
  26. Definiterlly is a false positive Right now, only 4 engines detect it
  1. Load more activity
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.