Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. Hi Thank you for providing the Support tool report. Please try uninstalling and reinstalling Malwarebytes for Windows using our Support tool. Let me know if that clears up the issue or not. Uninstall and reinstall using the Malwarebytes Support Tool https://support.malwarebytes.com/docs/DOC-2674 Let me know the situation after this is done. I noticed this pc also has Avira Antivirus. I may suggest some exclusions, later, ( if there is still an issue on anti-ransomware) on Avira so that it treats Malwarebytes Premium as a trusted application.
  3. I'm extremely new to the forum, I apologize if any of this seems all over the place. Recently I got hacked on an online game I play, and naturally I was concerned about my computer's security being at risk. Not wanting to have it happen again, I purchased Malwarebytes premium and after a scan, nothing came up. Feeling happy, I went to bed. Today, I saw that two days ago there was an exploit blocked, as shown here: https://gyazo.com/01f741020b377f808e7db3f07653a021 and https://gyazo.com/64bd715cffb0b5a47f52b52f51f241d6 After a minute or two of searching and finding where exactly the exploit came from, I saw that it was located in my %APPDATA% folder, and I was deeply disturbed to see a folder called 'htb' that was recently modified. After a quick look-through of the pictures, text documents, and .jar files within, I was and still am DEEPLY disturbed to see random screengrabs of my desktop and monitors, many .txt files containing each and every password/username combo I have ever used, as well as a very in-depth keylogger on any apps/games/sites that I had visited. I quickly deleted all of the files that were there, ran another scan (which wouldn't really do much as the first exploit wasn't detected in the first place) and I have been going through my computer's files to see if there is anything else like it located on my computer; so far, no results. My question I suppose is, what i s the next step, or any further steps I can take to ensure I am protected completely? Thank you in advance.
  4. Thanks for the support report file. Lets do a special custom fix. I am sending a custom Fix script which is going to be used by the FRSTENGLISH tool. They will both work together as a pair. Please RIGHT-click the (attached file named) FIXLIST and select SAVE AS and save it directly ( as is) in the Downloads folder The tool named FRSTENGLISH is already on the Downloads folder. Start the Windows Explorer and then, open the Downloads folder. Double click FRSTENGLISH to run the tool. If the tool warns you the version is outdated, please download and run the updated version. Click the Fix button just once, and wait. PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. Some machines take longer than others. If you receive a message that a reboot is required, please make sure you allow it to restart normally. The tool will complete its run after restart. When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run. Please attach the Fixlog.txt Let me know about how things go after this. We will likely do more on the next pass. Cheers, fixlist.txt
  5. The deluge of error reports has ended, so presumably the problem is solved. Fixlog.txt
  6. ..noooope. I followed the list (what did I delete with the windows R command by the way?) After I rebooted and loaded Chrome, i got a popup that MWBs is blocking techsuperb.biz. Is it ok to leave sync turned off? what if we do solve it, but then I turn sync back on and a Chrome instance on another pc is redirecting me, will this version be infected again?
  7. Yesterday
  8. Over an hour ago, I decided to upgrade from "free" to pay and I have been living on one of those online nightmares ever since. As the image on the right of the screenshot shows, I was directed to "one last step" and instructed to allow malwarebytes in privacy settings. However, as shown in the image at left, the request to allow Malwarebytes never appeared in my settings. I took a look at all the boxes. It just wasn't there. Many bizarre things happened after that and I had to do forced shutdowns and unplug my computer for 30 seconds before it would come back on. Finally, I got to the support page and filled out all the info for the ticket, but when I clicked the first picture reCaptcha, all the pictures disappeared. This happened several times. Each time, I had to refill all the information. I did a couple of restarts. reCaptcha still shut me out. I tried chat. No one ever came on to help/ Forturnately, the reCaptcha to this forum worked. I hope someone here can help. Right now, it feels to me like Malwarebytes itself might be acting like a virus. Thank you
  9. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  10. Out of the blue today, MBAM is quarantining XYplorer file manager, claiming it has Trojan.Maplpack.VB.generic. It's doing it on version 20.10 and the new version today 20.20. It was fine early this morning and yesterday and the day before, but now it's rendered the program unusable without excluding it. This is screwing up me and a lot of other people. What's the deal - is it really infected or is it a false positive?
  11. Thanks for the info. Attached the file. mbst-grab-results.zip
  12. Hey there, so I am really hoping I can get this false positive removed by the team here as my group who run the site are not offering any malicious content and I assume this is just a preemptive measure to provide safety to the users of this extension by blanketing less well known Cryptocurrency related sites because of the previous spike in crypto related malware. The site i am referring to that i help run is https://ccmf.online/ If i can get this resolved ASAP that would be greatly appreciated, i have always been a strong supporter of Malwarebytes software and worry if i am seeing this then how much of my userbase is also seeing this, discrediting us without just cause.
  13. Per your request, just a reminder to check my logs. I hope you can figure this out. Thanks again. Ed
  14. I regret to hear that you had to do a Windows System Restore. I am not real sure what you mean by " wait for another solution from Frst for example ". Lets get a fresh report. We need to get information from this machine in order to have the proper detail to help you forward. NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download Malwarebytes Support Tool Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support-1.4.0.615.exe to run the report You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next You will be presented with a page stating, "Get Started!" Do NOT use the button “Start repair” ! Click the Advanced tab on the left column Click the Gather Logs button A progress bar will appear and the program will proceed with getting logs from your computer Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK Please attach the ZIP file in your next reply. Thank you.
  15. Thanks for posting. If you haven’t already done so, please run the Malwarebytes Support Tool and then attach the logs in your next reply: NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download Malwarebytes Support Tool Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support-X.X.X.XXXX.exe to run the program You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next You will be presented with a page stating, "Get Started!" Click the Advanced tab on the left column Click the Gather Logs button A progress bar will appear and the program will proceed with getting logs from your computer Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK Please attach the file in your next reply. Before submitting your reply, be sure to enable "Notify me of replies" like so:
  16. Hi, My name is Maurice. I will be helping and guiding you, going forward. We need to get additional information from this machine in order to have the proper detail to help you forward. NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download Malwarebytes Support Tool Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support-1.4.0.615.exe to run the report You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next You will be presented with a page stating, "Get Started!" Do NOT use the button “Start repair” ! Click the Advanced tab on the left column Click the Gather Logs button A progress bar will appear and the program will proceed with getting logs from your computer Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK Please attach the ZIP file in your next reply. The Brave browser is encountering website block notices. For Your Information: The website Block message indicates that a potential risk was blocked by the malicious website protection. The Malwarebytes web protection, by default, will always show each IP block occurrence. The Malwarebytes Webs protection feature will advise customers when a known or suspected malicious IP is attempted to be reached (outgoing) or is trying access your PC. See our info page https://www.malwarebytes.com/lp/ip-blocking/?ipblock=true Incoming block notice can be ignored, our software is blocking the threat and there is nothing more that can be done. On Outbound blocks, any attempted connection was stopped. No action is required unless you’re also experiencing malware symptoms or there are multiple (different) IPs (ex;123.23.34 and 4.44.56). Thank you.
  17. Please remove these entries from the hosts file. Here is how. https://www.thewindowsclub.com/how-to-set-the-windows-7-hosts-file-back-to-default
  18. Thanks for you answer Maurice but as i wrote earlier if i choose to quarantine and remove the files via Mbam after restarting i see a black screen and cmd window and i am unable to use my PC so i have to restore windows to a previous working point that is infected though. So by restoring windows i restore the Bitcoinminer somehow. I chose not to do any action this time just to post a fresh report and wait for another solution from Frst for example.
  19. Please download the attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. fixlist.txt Thanks Ron
  20. Thanks, I never like to take "remove from quarantine" action even if I think it's a false positive, though will do so now.
  1. Load more activity
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.