Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. Here is the most recent website blocked log. These seem to have tapered off some since I installed the Malwarebytes Browser Extension. Website blocked.txt
  3. Here is from the scan from Malawarebytes (I also clicked on theFRST.exe link, but while downloading it a warning came up, so I didn't do that one yet): Scan from Mbytes.txt AdwCleaner[C00].txt AdwCleaner[S00].txt
  4. Please run the following steps and post back the logs as an attachment when ready. STEP 01 If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes 3 installed yet please download it from here and install it. Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know on your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan Now. When finished, please click Clean & Repair. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Copy its content into your next reply. RESTART THE COMPUTER Before running Step 3 STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here. Please attach the Additions.txt log to your reply as well. Thanks Ron
  5. Today
  6. Alright, I ran RogueKiller. Here is the report. ReportRogue.txt
  7. Greetings, I am glad that installing version 3.8.3 fixed the problem. Please let us know if you have any more issues and we will do our best to help you. Thanks
  8. O bug parou sozinho... agora esta normal
  9. Again, we need to know what version of MWB. There was an issue with the first build or two of the latest on selected Macs, but that has reportedly been solved with the most current.
  10. Sorry about that there in the topic title and in my message, thank you for the correction! Thank you for this information, I'll keep this all In mind!
  11. Hi there, We've seen it on pretty much every Macbook Pro Non-Touchbar 2017 model since the recent MWB update. Not seen it on any other MAC. Exclusively 10.14.5 and later, no earlier OS. No other MACs to date. Removing MWB resolves the issue. Thankings you! Barney Buoy®
  12. If you willy-nilly Browse the Internet you can possibly land on a malicious web site using an Exploit and cause malware to be downloaded with a possible execution. Your Profile indicates " Interests: Malware analyzing " so you should be well aware that all viruses are malware and not all malware are viruses and viruses play a very small fraction within the malware arena. The vast majority of malware are trojans and the chances of a malicious web site using an Exploit to cause download and possible execution will be for a trojan, and not a virus. Putting it back into perspective, if you are just using Google Images this will not be too likely. It is possible but not probable and because that possibility exists, is the reason we install anti malware software on our computers. Graphic files in themselves are not malicious per se. The web site hosting it can be and that's why you always have to be on your guard. Graphic files come in many formats such as GIF, PNG, JPEG, BMP, PCX and other formats. There have been graphic files that have been crafted in such a way as to exploit known vulnerabilities in the Graphics Rendering module of MS Windows. Left unpatched, that's one way a site using an Exploit can effect a malware download with a possible execution. Graphic files can also be used to hide malware "in plain site". The Graphic File can be manipulated in such a way as where a PE binary is appended to the graphic or mathematically added ( Example: XOR ) or by using steganography. In that state the modified graphic file is safe and will not "self execute" and it will require a secondary program or script to extract the PE binary which is the malware.
  13. I have attached the proof of concept. Note: Before it is mentioned, CheatEngine is often flagged by MalwareBytes as a PUP (Potentially Unwanted Program), but it is used completely unironically for me as I am a game developer (have to test my obfuscator/anti-cheat to see if it is working). Addition.txt FRST.txt
  14. mbst-grab-results.zipmbst-grab-results.zip ANEXO DE LOGS DO Malwarebytes Support Tool
  15. Hello! i was wondering, if I for example googled "cats" and clicked on a thumbnail of a image (just clicking on the thumbnail to view it, not clicking "view full image" or "go to website") and if the website was malicious, would it cause a virus? Or is that only if you actually go to the website? Thanks! -Casper
  16. CORREÇÃO.... estou usando agora a versão 3.8.3
  17. Since this didn't get a reply, i'll post my fix here instead. Updated with MalwareBytes Chameleon Version# & MalwareBytes Anti-Malware Home (Free) Warning: CloudNet is a HIGH-level danger to your system. It has no visible symptoms, and WILL reinstall itself to your memory if removed manually. Take notice immediately if you become infected. CloudNet is often used for Crypto mining on the attacked CPU. However, it is still a rootkit and it compromises your system to more backdoor Malware/Trojans. FOR THOSE INFECTED WITH THESE SYMPTOMS: Infected registry with keyword(s); CloudNet, DivineRivers, and csrss.exe, Unable to open ANY Anti-Virus software (Sophos is known to open, but it will not be your solution!) "Unable to connect the Service' pop-up. Random BSOD's (Blue Screen Of Death) Windows Defender constantly reporting threats, yet unable to Quarantine/Remove correctly. 1) Download MalwareBytes Chameleon, and unzip the folders onto your Desktop. 2) Click on the 'chameleon' Compiled HTML Help file located in mbam-chameleon-<VersionNumber>\Chameleon\Windows\... Example: chameleon.chm 3) Click on any of the blue 'Chameleon #' buttons on the left-hand side. This should open a console and your background will go black. Follow the set instructions. NOTE: If you receive a pop-up that asks you to update the software, ALWAYS press 'Later'. The program will update itself in the program automatically. 4) Wait for the Mbam-killer to finish killing known virus processes. 5) Navigate to Settings > Detection and Protection > Detection Options> Enable 'Scan for rootkits'. This must be done before you scan, otherwise you will have to restart. 6) Navigate to Scan > Select Threat Scan > Start Scan. Wait until the scan is complete. 7) Skim through all Threats, and Select All. Optional: Disable ones you POSITIVELY know are not Trojans/Malware. 😎Quarantine all Threats. Navigate to History > Select All > Delete Hint: This will not only quarantine them, but completely remove them from your system. (RECOMMENDED) 9) Wait for console/GUI to complete tasks/follow on-screen directions. 10) Restart NOTES It is recommended that you re-do steps 2-9 after reboot. If Mbam-killer doesn't detect any malicious processes, and MalwareBytes Anti-Malware software doesn't detect any threats, you're likely clean. Please install further Anti-Virus/Malware programs to wipe them from your system. HOWEVER: It is also recommended that you format your drive and start with a fresh copy of your OS after being the victim of a rootkit. Admins: Please feel free to edit my response/add to it if I have stated anything wrong. I hope I help the next victim of this nasty Trojan. A huge Thank-You to the MalwareBytes development team for combating these immoral Trojans.
  18. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  19. Do nada o meu Malwarebytes começou a dar um bug que ao clicar no sino de notificações o Malwarebytes para de funcionar, segue exemplo abaixo: Antes de clicar Depois de clicar Para o programa voltar a funcionar preciso ir em gerenciador de tarefas do Windows e finalizar o processo referente a essa janela que seria ''mbam.exe'' após fazer isso fica normal, eu já desinstalei, reinstalei, usava a versão 3.6.1 e era normal, foi ao atualizar o banco de dados q deu esse bug, então resolvi instalar a atual e mais recente versão 3.8.1, e para minha surpresa o bug continua
  20. Are you purposefully going to this site? Programdiag.com
  21. hxxp://alphacentauri2.info Or, if there are legitimate reasons to block it, please email me, the administrator, at myusername @ gmail.com
  22. Computer is Inspiron 570 Service Tag: CQPKDP1
  23. Here is the log below and some screenshots to go with it. Farbar Service Scanner Version: 27-01-2016 Ran by Herbert & Christal (administrator) on 21-08-2019 at 17:35:46 Running from "F:\" Microsoft Windows 10 Home (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. There is no connection to network. Attempt to access Google IP returned error. Google IP is unreachable Attempt to access Google.com returned error: Other errors Attempt to access Yahoo.com returned error: Other errors Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Policy: ======================== Security Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\drivers\afd.sys => File is digitally signed C:\Windows\System32\drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\System32\mpssvc.dll => File is digitally signed C:\Windows\System32\bfe.dll => File is digitally signed C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed C:\Windows\System32\SDRSVC.dll => File is digitally signed C:\Windows\System32\vssvc.exe => File is digitally signed C:\Windows\System32\wscsvc.dll => File is digitally signed C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed C:\Windows\System32\wuaueng.dll => File is digitally signed C:\Windows\System32\qmgr.dll => File is digitally signed C:\Windows\System32\es.dll => File is digitally signed C:\Windows\System32\cryptsvc.dll => File is digitally signed C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed C:\Windows\System32\ipnathlp.dll => File is digitally signed C:\Windows\System32\iphlpsvc.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log ****
  24. Here is the link: https://up2sha.re/file?f=R6ucz2eaDb87eKEWj8
  25. Yesterday
  1. Load more activity
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.