Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. You're quite welcome @Mike43 I'll go ahead and leave you with some further information to help keep your computer clean going forward. Let's get real. If you're not backing up your data and you're still using Google Chrome then you're just not serious about Privacy, Safety, and protecting your data. Malwarebytes is a fantastic program but you still need to back up your data and you still need to block scripts and Ads in your browser. If you're still using Google Chrome I would highly suggest you consider using Firefox instead. For more advanced users you might consider installing NoScript as well (it does have a higher learning curve though) Help Secure your browsers Please install uBlock Origin for your browsers to better protect your system FireFox, Chrome, Opera , Safari, Microsoft Edge AdBlock for Internet Explorer How to use uBlock Origin to protect your online privacy and security | uBlock Origin tutorial 2018 This video tutorial above explains how to use uBlock Origin in advanced user mode and all the advanced settings to protect your online privacy and help prevent unwanted sites from changing your browser settings Browser push notifications: a feature asking to be abused HTTPS Everywhere NOTHING TO HIDE documentary Review your email and Office choices Quit Gmail for free encrypted email - Tutanota Why ProtonMail Is More Secure Than Gmail LibreOffice - Free and open source office suite Use Password Management software Bitwarden KeePass Password Safe Encrypted Instant Messenger and Voice Calls Riot Signal Wickr Me Follow-up Reading Everything you need to know about cybercrime 10 easy ways to prevent malware infection Keep your data backed up Thank you for choosing Malwarebytes as your preferred security protection software and tell your friends and family too. We're here to help. I'll go ahead and close your topic soon, but if you do find you need further assistance please let us know and we can reopen your topic, or you can create a new one. Have a great weekend Ron
  3. Understood, Please contact our support team at https://support.malwarebytes.com/community/consumer/pages/contact-us to get help Ron
  4. WOW, that is what we call a fast response. First I want to thank you for the fast, precise, and easy to comprehend explication. 1 more thumbs up for MalwareByte. I have followed your suggestion and removed the extension, did a new scan with malwarebyte and everything seem to be alright Again thank you for your help
  5. Today
  6. @jdemoccc There is a one-click MBES -> MBEP migration tool coming soon but it is not yet ready.
  7. After running FRST the results are unchanged -- can't start mbam.exe with normal Windows boot but mbam.exe runs and scans OK if boot to safe mode + networking. With normal Windows boot I tried disabling all protections in my ESET security but no change. Below is the info from Fixlog.txt. ================================================================================================= Fix result of Farbar Recovery Scan Tool (x64) Version: 19-06-2019 Ran by dculp (20-06-2019 14:30:52) Run:3 Running from C:\FRST_Farbar Loaded Profiles: dculp (Available Profiles: dculp) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: EmptyTemp: CloseProcesses: HKLM\...\Winlogon: [Shell] explorer.exe [2871808 2012-11-30] (Microsoft Windows -> Microsoft Corporation) HKLM-x32\...\Winlogon: [Shell] explorer.exe [2871808 2012-11-30] (Microsoft Windows -> Microsoft Corporation) SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=CKMB&bmod=CKMB" CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program files\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> CustomCLSID: HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1F2776C4-9468-D082-92E6-56EE85889A47} => No File CustomCLSID: HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1FBB964C-9468-D082-1A06-CAEE85889A47} => No File CustomCLSID: HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {504A8032-9468-D082-6410-3BA185889A47} => No File CustomCLSID: HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {504A996F-9468-D082-3909-3BA185889A47} => No File ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Computer Aided Resonator Design (CARD).lnk -> F:\Temp2\CARD-14.31\CARD.BAT (No File) ***************** Restore point was successfully created. Processes closed successfully. HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value restored successfully HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value restored successfully HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => not found HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => not found "Chrome StartupUrls" => not found HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => not found HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B} => not found HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B} => not found HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850} => not found HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850} => not found HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => not found HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => not found HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Computer Aided Resonator Design (CARD).lnk" => not found =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7772488 B Java, Flash, Steam htmlcache => 1088 B Windows/system/drivers => 12690 B Edge => 0 B Chrome => 0 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 128 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 2494 B dculp => 145481436 B RecycleBin => 0 B EmptyTemp: => 154.2 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 14:33:21 ====
  8. I quite well agree that direct contact would be optimal, and would help avoid any problems in relaying information, and who knows, maybe talking to one of your people would get him off that dang McAffee and also on to MWB... I fear that trying to convince him to make a general post is not going to be met with much success. May i ask by what means i could have him contact your help-desk? Every time i have done so (and there have been more than several) it has been through a link within MWB-
  9. It restarted, should I open its file location and run it again?
  10. @sfrush way too soon to even guess. It ( 3.8.1.2950 ) [ or its successor ] has to be in a test period & then without any show stoppers outstanding. At least 7 to 10 days from now. If it is released, there will be an annoucenment at the very top of this sub-forum. Also, if your pc is running the Beta, it will automatically get notice of the release & the update.
  11. Okay, please see if Malwarebytes will run now and run the following 3 steps again. Please run the following steps and post back the logs as an attachment when ready. STEP 01 If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes 3 installed yet please download it from here and install it. Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know on your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan Now. When finished, please click Clean & Repair. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Copy its content into your next reply. RESTART THE COMPUTER Before running Step 3 STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here. Please attach the Additions.txt log to your reply as well. Thanks Ron
  12. I see the Windows update assistant in my task manager far below and when I press check for update it shows I am up to date, would it be safe to assume it stopped and to restart?
  13. Hello @brucemc777 It really is best if your friend comes to the forum and signs up and starts his own new topic so that one of our Experts can provide direct one-on-one assistance. Going through a middle 3rd party will make fixing the computer nearly impossible. They can also contact our Helpdesk for support if wanted. Thanks Ron
  14. Sorry, stupid question. How do I know if I'm using Remote Desktop? The only computer-to-computer communication I do is between my desktop and my laptop and that is primarily (99%) through my own wireless network at the house. But a ton of my work and my software are in the cloud. Does it sound like I can disable RDP and block the 3389 port? Thank you both for the information.
  15. IMHO we should not have to contact Malwarebytes for this, it should be available in the my account portal where one manages their subscriptions.
  16. You should be able to restart the computer as long as no actual update is running. You can click Start, and type in Check for updates and see.
  17. I downloaded the update assistant and accidentally downsized it instead of pressing the downsize button on screen and don't see it anywhere on my screen or in my task bar, I'm not sure if it's still running but should I leave it be or open its file again if it stopped?
  18. coming soon to a computer near you... once its done being tested in the beta process, should not be too long.
  19. Anyone know when the official version for 3.8 will be released?
  20. I had this issue some time back where I had the license key + ID. In the end Support sent me a new lifetime key but one of the newer ones. So keep on them to get that as it is easier.
  21. I've got a friend... No, really! Anyway, he has a PC and for some reason uses McAffee AV. When trying to upgrade the McAffee he somehow became prey to one of those pop-up call support scams. He called and allowed the person access. After a while he figured out something was amiss and rattled off some impolite words to the scammer. Yeah, brilliant, while the computer is still connected to a remote operator... He now can not connect to the internet. When he called McAffee support, they said they could not do anything without an internet connection (translation: we are a boiler-room pretend support site and WILL not help you without an internet connection because we have no clue what to do otherwise.) He and i are about a thousand miles apart, so i was trying to walk him through some pretty basic trouble shooting in the dark. The OS is Windows 10. Tried first connecting to his modem. He is with Comcast so i had him open a browser and point it to 10.0.0.1 but got an error message saying it could not connect, and i think, no connection was present. He is able to connect to the internet with another computer, a bit of a dinosaur, through the same switch, but he is way to obstinate to try to get him to go to a support website and post - matter of fact, his best contemplated solution is to buy a new computer. Next we tried the Windows network connections troubleshooter, but it was not able to run due to an error. Then i had him open services.msc and put bits on automatic and start it, Cryptographic Services on auto and start and Windows Update on auto and run, then we opened up an admin cmd window and tried ipconfig /flushdns but this failed. I had him restart the computer and tried to flush the dns cache again, but that once again failed. So that is what we have tried, right or wrong. Would someone who actually knows what they are doing (in other words, not me...) give me some step by step guidance here so i can try to walk him through on the phone? Thank-you very much!
  22. Based on my research, it appears this particular botnet is primarily focused on attacking RDP (Remote Desktop Protocol) servers, not endpoints so if you are running a non-Server build of Windows you should be safe. That said, you should of course keep your anti-malware, antivirus and operating system up to date to guard against threats in general, and if you don't use Remote Desktop, I'd also suggest disabling it so that it cannot be used as a potential point of attack for any threats (I always disable it on all of my systems for this reason as I never use it so it just represents a potential backdoor into my system should a hacker or infection attempt to exploit it). Instructions on disabling it can be found here and you can take it a step further by blocking port 3389 in the Windows Firewall as that is the default port used by Remote Desktop and you may also want to disable the service used by Remote Desktop if you aren't going to use it. You'll find instructions on how to do that here.
  23. FYI Sophie has posted on another thread Sophie707 indicated she does have a Support ticket and that she would stick with that. Cheers.
  24. Ok. Please reference; Microsoft Operating Systems BlueKeep Vulnerability To mitigate the possibility of the RDP vulnerability being exploited, make sure all you systems, referenced by OS in the above, are patched.
  1. Load more activity
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.