Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation since 07/27/2021 in Posts

  1. Yup, we detect XCSSET, though we call it OSX.DubRobber. Some commentary on the Kim Komando article: There are a number of factual inaccuracies... examples: There was no "jump" from macOS to other apps This was NOT the first upgrade to XCSSET This did not give it any better ability to run on M1, as the malware is mostly written in AppleScript The article recommends a program that we detect as a potentially unwanted program Kim Komando has absolutely no credibility in the security space at a very minimum. (I'd extend that to say she has absolutely no credibility, but ...)
    2 points
  2. "Users are now allowed to suppress Scan Notifications when no threats are found" Thank you! In my opinion, this is a "big" thing 🙂 great to see it happen! It makes Malwarebytes just a bit more convenient to use. Thanks don´t forget to translate it in to german... some more german translation missing... Beside the translation - everything works fine with the new beta 🙂
    2 points
  3. 2 points
  4. Re my Windows 7 Ultimate SP1 update situation, I can definitely confirm that installing only KB4474419 was enough for Malwarebytes to update itself to 4.4.4.126, 1.0.43778 Update package , 1.0.1404 Component Package. Previously, I was all set to install every update noted in Advanced Setup's post. From his list, the only update I already had was 3140245. I was missing 3020369 (tho I have 3020370), as well as 3125574 and 4490628. The list also shows 4516655 and 4516065, following 4474419. I haven't bothered with those two, but maybe they might be required for some future Malwarebytes update? Re the update process itself, it's a while since I've been in the thick of PC work, and have somewhat lost the plot (81 y.o) but I managed to run the msu for KB4474419 that you'd linked and it was only necessary to get offline, then re-liven Windows Updates (which has been off for 2-3 years) after which Windows found the msu without me pointing to it, and installed it. After rebooting I got back online and Malwarebytes updated itself. Quite painless! Thanks Imacri, Porthos and Advanced Setup 🖖. Live long and prosper!
    2 points
  5. Just wanted to give all a head's up that as of right now MBAM is performing great on Windows 11 in the Dev Channel.
    2 points
  6. In its five years of existence, No More Ransom has helped prevent almost a billion euros from ending up in criminals’ pockets https://www.europol.europa.eu/newsroom/news/unhacked-121-tools-against-ransomware-single-website
    2 points
  7. Malwarebytes community, We want to let you know once more we recently released a new version of your product, 4.4.4.126 component package 1.0.1404 As always, if you don't want to wait for the 'Update Available' notification, go right ahead and retrieve the update manually by clicking "Check for updates" in Settings > General. What’s New in this 4.4.4: Brute Force Protection (for RDP) Added Naming for Teams UI branding in the Check for Updates Dialog Uninstall Protection Users are now allowed to suppress Scan Notifications when no threats are found Enhanced detection and remediation Improved performance Some Issues now addressed: Fixed: Fix problem with showing the reboot dialog when CU stuck in some situations. Fixed: Web exclusions get cleared when turning off Web Protection Fixed: Italian language 'Scan time' formatting issue in UI Fixed: Checking for updates doesn't inform user of network error when unable to reach license server Fixed: Permanent exclusion can be added as "IP address" or "Website" exclusion when navigating to blocked IP Fixed: Browser Guard - MB4 interaction doesn't work after MB4 restart (need to restart Chrome also) Fixed: Reopening of Chrome leads to high memory consumption of Native Messaging Host App Fixed: Allow List: Add an item window and Allow a file/website/app/previously detected exploit window are not aligned when German language selected Fixed: Spelling issue Swedish Fixed: mbamtray 'Access violation' crash under certain circumstances Fixed: Tooltip content gets cut if opened on the edge of the window Fixed: Several minor UI issues Thank you so much. -Erix
    2 points
  8. To be honest with everyone, Windows 11 is just a reskin of 10....I haven't seen much improvements excepting making my job harder in IT as microsoft continues to hide more and more options.
    2 points
  9. Hello, The domain is blocked because of these PDF files. For an example: https://transpack-krumbach.de/_upload_bilder/_filemanager/file/64152938251.pdf http://transpack-krumbach.de/_upload_bilder/_filemanager/file/temexarevabiwegafelejo.pdf http://transpack-krumbach.de/_upload_bilder/_filemanager/file/40595992680.pdf ETC. ViruTotal file detection: https://www.virustotal.com/gui/file/2fe8db2ed51d45dff380aec46d99838cb8237955ae29ec7d16fc77a48d8d7da2/detection https://www.virustotal.com/gui/file/e090449fd033423e29456b4b8b9acc4a027641514e71ddfdf5dfa8d743dbe008/detection Please clean your domain from all malicious files and let us know when you do so we can remove the block after. Thank you!
    1 point
  10. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following for Tips to help protect from infection Thank you
    1 point
  11. Hello, thanks for bringing this to our attention. We've reviewed the site again and have determined it no longer warrants being blocked so we've disabled the block in our database. Removal should be reflected in the next database update going out in a few hours or so.
    1 point
  12. First, let me clarify that I'm not the product manager for Browser Guard, so I can only answer as a fellow user (albeit one with some inside knowledge 🙂). Thus, I can't answer all these questions. However, regarding that warning, that is displayed by Safari for ANY extension that has permission to see the webpage content. It does not matter what the extension actually does with that content... Safari simply wants to let you know that it can access the content. This is a good thing to be aware of. We say that we're not collecting any of that data, but a less reputable developer could lie about that. Worse, a developer may not be collecting data, but may sell their extension to someone who then secretly starts using it to collect data. (This is a common problem with older Chrome extensions that the owner no longer cares to update.) So, it's reasonable for Safari to show such a warning, even if the developer claims not to be collecting data. Ultimately, it's an individual decision what you do about that warning. Part of that depends on how much you trust Malwarebytes. For problems with the functionality, I'd have to refer to @gatortail.
    1 point
  13. I think you mean Catalina 10.15 or later. 🙂
    1 point
  14. Note that, although the extension can see those things, no data is shared with Malwarebytes. That said, I can understand why granting that permission is uncomfortable. So, there are a couple things you can do, short of denying access globally which would affect the extension's ability to protect you. 1) Set it to be allowed for all sites, but then change the setting to Deny for specific websites. 2) Set it to Ask, in which case it will ask you for every website. Safari will then remember your choice for that site. Option 2 is probably the safest compromise, but also could become irritating.
    1 point
  15. The iOS Privacy app was released globally this morning and is propagating out to servers now.
    1 point
  16. Hello Malwarebytes, Again we are receiving complaints from start.me users (who also use Malwarebytes) that https://start.me is blocked by Malwarebytes. Users mention that the URL https://f.start.me is listed as "phishing". Can you please investigate this ASAP and unblock any URLs containing https://*.start.me? Best regards, Arjen Robijn Founder Start.me https://start.me
    1 point
  17. Below mentioned website is getting blocked.please review the same and unblock as it seems false positive. https://idfcmf.com
    1 point
  18. Was not blocked. Note the dot after the com in the link you posted😉
    1 point
  19. Its riskware. Any gamehack can have some unknown consequences.
    1 point
  20. Hello and welcome, Smart Driver Care in this case is not being detected as malware. It is being detected as a PUP or Potentially Unwanted Program. Adding it to your Exceptions in Malwarebytes as instructed by Porthos will allow you to continue using it without disabling Malwarebytes. All best,
    1 point
  21. Malwarebytes Beta community, We want to let you know we recently released a new quick update to the Beta of your product, version 4.4.4.126 component package 1.0.1413 If you are running a previous version of Malwarebytes with the Beta Updates Setting turned on it means you have signed up for our Beta Updates Program and you will get the Malwarebytes 4.4 Beta as an update. As usual, if you don't want to wait for the 'Update Available' notification, go right ahead and retrieve the update manually by clicking "Check for updates" in Settings > General. Hardened Brute Force Protection (RDP) Thank you so much. -Erix
    1 point
  22. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === AV: ESET Security (Enabled - Up to date) AV: Norton Security (Disabled - Out of date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D} I suggest you remove Norton using their Uninstaller. Download and run their uninstaller tool from this site. https://support.norton.com/sp/en/us/home/current/solutions/kb20080710133834EN_EndUserProfile_en_us Restart the computer when the removal is completed. ----- Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The Computer will restart when the fix is completed. It will create a log (Fixlog.txt) please post it to your reply. === The files Malwarebytes is reporting are Quarantined. Not causing any issues. Delete it. How to Delete/Restore quarantined files. https://support.malwarebytes.com/hc/en-us/articles/360038479214-Quarantine-or-restore-items-with-Malwarebytes-for-Windows-v4 Follow the directives on the page to delete all the files. <<<>>> Please post the Fixlog.txt and let me know what problem persists. fixlist.txt
    1 point
  23. Hi, Reviewing you log now. Stay posted. nasdaq
    1 point
  24. This is for Jimmie only ! Hello @Jimmie My name is Maurice. Porthos has advised me you need specific assistance. This here is to help you remove one BitDefender driver that is still on your system. Please do not be using other apps or web browsers during this next procedure. Only use web browser for purpose to get to this forum. [ 1 ] As a next basic step, Please set File Explorer to SHOW ALL folders, all files, including Hidden ones. Use OPTION ONE or TWO of this article https://www.tenforums.com/tutorials/7078-turn-off-show-all-folders-windows-10-navigation-pane.html [ 2 ] We will use FRSTENGLISH.exe on Downloads folderr to run a custom script. The system will be rebooted after the script has run. This custom script is for JIMMIE only / for this machine only. This custom script is intended to remove 1 BitDefender driver. NOTE-1: This script will run a scan using System File Checker to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. Please be sure to Close any open work files, documents, any apps you started yourself before starting this. If there are any CD / DVD / or USB-flash-thumb or USB-storage drives attached, please disconnect any of those. Please save the (attached file named) FIXLIST.txt to the C drive user Download folder Start the Windows Explorer and then, to the Downloads folder. RIGHT click on FRSTENGLISH.exe and select RUN as Administrator and allow it to proceed. Reply YES when prompted to allow to run. to run the tool. If the tool warns you the version is outdated, please download and run the updated version. IF Windows prompts you about running this, select YES to allow it to proceed. IF you get a block message from Windows about this tool...... click line More info information on that screen and click button Run anyway on next screen. on the FRST window: Click the Fix button just once, and wait. You will see a green progress bar start. This run here should be fairly quick. If you receive a message that a reboot is required, please make sure you allow it to restart normally. The tool will complete its run after restart. When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run. Please attach the FIXLOG.txt with your next reply later, at your next opportunity After the system has restarted & Windows has settled back in, please advise as to the original issue. Cheers.
    1 point
  25. Thanks for reporting, this will be fixed in 10 minutes.
    1 point
  26. www.kunestra.hr has been whitelisted, and should be accessible in 15-30 minutes. PLEASE NOTE that if someone accesses the site using kunestra.hr instead of www.kunestra.hr, they will be blocked by Google Safe Browsing. That is beyond our control and you will need to deal with Google about that.
    1 point
  27. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Download the Farbar Recovery Scan Tool (FRST). Choose the 32 or 64 bit version for your system. and save it to a folder on your computer's Desktop. Ensure that you are in an Administrator Account Double-click to run it. When the tool opens click Yes to disclaimer. Check the boxes as seen here: Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. Please attach the logs for my review. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the "more reply Options" button. http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png Let me know what problems persists. Wait for further instructions p.s. This program is updated often. If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided. OR, you should restore the program from the Quarantine folder. ====
    1 point
  28. Thank you for the FRST reports. NEXT This should only take something less than 15 minutes. Now a fresh new scan with Malwarebytes for Windows. In Malwarebytes for Windows program, we want to do a special scan. Click Settings ( gear icon) at the top right of Malwarebytes window. We want to see the SETTINGS window. Then click the Security tab. Scroll down and lets be sure the line in SCAN OPTIONs for "Scan for rootkits" is ON 👈 Click it to get it ON if it does not show a blue-color . Next, click the small x on the Settings line to go to the main Malwarebytes Window. Next click the blue button marked Scan. When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical. >>>>>> 👉 You can actually click the topmost left check-box on the very top line to get ALL lines ticked ( all selected). <<<< 💢 Please double verify you have that TOP check-box tick marked. and that then, all lines have a tick-mark Then click on Quarantine button. Then, locate the Scan run report; export out a copy; & then attach in with your reply. See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4
    1 point
  29. Hi, The block will be removed in the next update. Sorry for the inconvenience Regards
    1 point
  30. If you run into a hitch, as we go along, stop and ask me first. We may wind up needing to re-use FRSTENGLISH at a later point. So please do not delete it. Plus, I will guide you on tools cleanup when we get to close the case ( at the end). Thanks for the Fixlog. The Windows System File Checker reports, "Windows Resource Protection found damaged files and repaired them correctly.". Overall, the custom script run is a good thing to have done. Now, as a matter of fact, we do need to get a fresh report. And we will need to use FRSTENGLISH to get that. . Go to the Downloads folder. RIGHT-click with the mouse on FRSTENGLISH & select "Run as Administrator" to start it. When prompted to allow it to run, reply YES and let it go forward. When the tool opens click Yes to the disclaimer. Now, be sure to TICK the check-box marked "Addition.txt " ( like in picture here). Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've run it before it may not and you may need to select it manually Please attach both logs to your reply. To save attachments please click the link "choose files". Then browse to where your file is located and select it and click the Open button.
    1 point
  31. Please download the latest version (4.12.9), released yesterday. It includes a fix for this bug. You can download it by opening the app and choosing Check for Updates from the Malwarebytes menu.
    1 point
  32. For more information, see: https://support.malwarebytes.com/hc/en-us/articles/360038524054-Why-Malwarebytes-scans-so-fast-on-Mac-devices Also, note that although it's entirely possible for a Mac to get infected just by visiting a website, it's quite rare for that to happen in practice. The last known time it happened, back in 2019, involved a Firefox vulnerability. The last before that was a series of events in 2011-2012 involving Java vulnerabilities. (Java is no longer part of macOS by default, for that reason.) So, most likely, if you didn't actually download and open anything from that site, visiting it probably won't have resulted in an infection.
    1 point
  33. Alright. By the way, I do not see a indicator on FRST about any "infection". As far as how busy the Windows system is when first started, consider to trim down the number of auto-started applications. These are some of those that are auto-loaded. Discord Steam Spotify Epicgameslauncher Overwolf Gamecenter com.blitz.app Opera GX Browser Assistant
    1 point
  34. Hello @Azer0 My name is Maurice. I will guie you. My first posr is simply to respond to That is very normal. Just DISREGARD the percentage readouts .....until after a minute or 2 has elapsed. The very initial "percentage" counts are NOT to be considered as a reliable readout. People often see that & get all dis-oriented. So, skip that as a true indication. We use actual security scanners to look for any actual infection.
    1 point
  35. Hi @xxxxxx123, Looks like our support team reached out and resolved your issue yesterday. Please let us know here or respond back to your ticket if you need any additional help. Thanks, Cecile
    1 point
  36. You are very welcome. I am glad to have worked with you. We can proceed with cleanup of tools we used. To remove the FRST64 tool & its work files, do this. Go to your Desktop folder. Do a RIGHT-click on FRST64.exe & select RENAME & then change it to UNINSTALL.exe . Then run that ( double click on it) to begin the cleanup process. Delete esetonlinescanner.exe Delete msert.exe Delete FSS.exe Delete SecurityCheck.exe Any other download file I had you download, you may delete. I wish you all the best. Stay safe. Sincerely. Maurice
    1 point
  37. Hi, This will be fixed shortly.
    1 point
  38. Hello, I will move your post to the correct section of the forum. Thank you!
    1 point
  39. I'm sorry the software isn't working properly but we'll do our best to help. To begin, please do the following so that we may take a closer look at your installation for troubleshooting: NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download the Malwarebytes Support Tool In your Downloads folder, open the mb-support-x.x.x.xxx.exe file In the User Account Control pop-up window, click Yes to continue the installation Run the MBST Support Tool In the left navigation pane of the Malwarebytes Support Tool, click Advanced In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply Thanks
    1 point
  40. This is a false positive. Thank you for reporting this. It shall be fixed shortly
    1 point
  41. What is AdBlock Now?AdBlock Now is a Chrome extension that triggers our Potentially Unwanted Program (PUP) detection rules. PUPs, or Potentially Unwanted Programs, are programs that may include advertising, toolbars, and pop-ups that are unrelated to the software you downloaded. PUPs often come bundled with other software that you installed. By flagging PUPs we offer users a choice to consider whether they want to use this software.If you would like to remove AdBlock Now, please follow the removal instructions below.How do I know if I have AdBlock Now?This is how the Chrome extension shows up in the list of installed extensions:You may see this type of windows during install:How did AdBlock Now get on my computer?Browser extensions use different methods for distributing themselves. This particular one was downloaded from the webstore:after a redirect from their website:How do I remove AdBlock Now?Our program Malwarebytes can detect and remove this PUP. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the items you are concerned about. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of AdBlock Now? No, Malwarebytes removes AdBlock Now completely. What if I want to keep AdBlock Now?Should users wish to keep this PUP and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it. Open Malwarebytes for Windows. Click the Detection History Click the Allow List To add an item to the Allow List, click Add. Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder for the software that you wish to keep. Repeat this for any secondary files or folder(s) that belong to the software. If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access.As you can see below the full version of Malwarebytes, as well as Browser Guard, would have warned you about the promoting website. Technical details for expertsYou may see these entries in FRST logs: CHR Extension: (AdBlock Now) - C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdnhhhkoemfnieeacbcfbebmidanfjlg [2021-07-26] Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdnhhhkoemfnieeacbcfbebmidanfjlg\1.0.0.0_0 Adds the file 128.png"="7/26/2021 10:47 AM, 9223 bytes, A Adds the file background.comp.js"="7/6/2021 3:28 AM, 4292 bytes, A Adds the file content.js"="7/6/2021 2:56 AM, 379 bytes, A Adds the file manifest.json"="7/26/2021 10:47 AM, 1110 bytes, A Adds the file toblock.js"="7/6/2021 2:40 AM, 411487 bytes, A Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdnhhhkoemfnieeacbcfbebmidanfjlg\1.0.0.0_0\_locales\en Adds the file messages.json"="7/26/2021 10:47 AM, 157 bytes, A Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdnhhhkoemfnieeacbcfbebmidanfjlg\1.0.0.0_0\_metadata Adds the file computed_hashes.json"="7/26/2021 10:47 AM, 5096 bytes, A Adds the file verified_contents.json"="7/6/2021 3:29 AM, 1869 bytes, A Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kdnhhhkoemfnieeacbcfbebmidanfjlg Adds the file 000003.log"="7/26/2021 10:48 AM, 667 bytes, A Adds the file CURRENT"="7/26/2021 10:47 AM, 16 bytes, A Adds the file LOCK"="7/26/2021 10:47 AM, 0 bytes, A Adds the file LOG"="7/26/2021 10:47 AM, 369 bytes, A Adds the file MANIFEST-000001"="7/26/2021 10:47 AM, 41 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings] "kdnhhhkoemfnieeacbcfbebmidanfjlg"="REG_SZ", "B58C9B742CE4DE83AB12C980A74CA021058A1AE949552308443531936150A6AC" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 7/26/21 Scan Time: 10:55 AM Log File: 2cffc264-edef-11eb-82b5-080027235d76.json -Software Information- Version: 4.4.3.125 Components Version: 1.0.1387 Update Package Version: 1.0.43558 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username}-PC\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 257828 Threats Detected: 10 Threats Quarantined: 10 Time Elapsed: 1 min, 59 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 1 PUP.Optional.FakeExtension, HKCU\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|kdnhhhkoemfnieeacbcfbebmidanfjlg, Quarantined, 2145, 960922, , , , , , Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 2 PUP.Optional.FakeExtension, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\kdnhhhkoemfnieeacbcfbebmidanfjlg, Quarantined, 2145, 960922, , , , , , PUP.Optional.FakeExtension, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\kdnhhhkoemfnieeacbcfbebmidanfjlg, Quarantined, 2145, 960922, 1.0.43558, , ame, , , File: 7 PUP.Optional.FakeExtension, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 2145, 960922, , , , , 7471F56BD2C5CD076AA0996A596D2723, F245DCC58A2DB600948F5291B77DFA2EA4CE8DE7810E59F7138235369BA359FB PUP.Optional.FakeExtension, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, 2145, 960922, , , , , 0891B88C610421F5BC1C98B838C11980, 104FFDD95A1FC949966AB4C3326AFB1B972822B64C9B076F1D248BFE8E581603 PUP.Optional.FakeExtension, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kdnhhhkoemfnieeacbcfbebmidanfjlg\000003.log, Quarantined, 2145, 960922, , , , , CD65D0A204EF9105CC47E00DEA223C26, 7DC8E5A2C902EEE87D5604B116858F0878F7552F912141017CA70C2C84B5B677 PUP.Optional.FakeExtension, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kdnhhhkoemfnieeacbcfbebmidanfjlg\CURRENT, Quarantined, 2145, 960922, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 PUP.Optional.FakeExtension, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kdnhhhkoemfnieeacbcfbebmidanfjlg\LOCK, Quarantined, 2145, 960922, , , , , , PUP.Optional.FakeExtension, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kdnhhhkoemfnieeacbcfbebmidanfjlg\LOG, Quarantined, 2145, 960922, , , , , A6F0B160DD50BC5E37E12359D92E6857, 6BDDEFE6D6FDEFE18DE5160807695BD44D41697DA8E85DD168550D428E7E1080 PUP.Optional.FakeExtension, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kdnhhhkoemfnieeacbcfbebmidanfjlg\MANIFEST-000001, Quarantined, 2145, 960922, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes would have warned you about this PUP.We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
    1 point
  42. Activate Malwarebytes Premium on Android device
    1 point
  43. Malwarebytes Beta community, We want to let you know once more we recently released a new Beta of your product, version 4.4.4.126 component package 1.0.1404 If you are running a previous version of Malwarebytes with the Beta Updates Setting turned on it means you have signed up for our Beta Updates Program and you will get the Malwarebytes 4.4 Beta as an update. As usual, if you don't want to wait for the 'Update Available' notification, go right ahead and retrieve the update manually by clicking "Check for updates" in Settings > General. What’s New in this 4.4.4 Beta: Brute Force Protection (for RDP) Continued Added Naming for Teams UI branding in the Check for Updates Dialog Tamper Protection Users are now allowed to suppress Scan Notifications when no threats are found Enhanced detection and remediation Improved performance Some Issues now addressed: Fixed: Fix problem with showing the reboot dialog when CU stuck in some situations. Fixed: Web exclusions get cleared when turning off Web Protection Fixed: Italian language 'Scan time' formatting issue in UI Fixed: Checking for updates doesn't inform user of network error when unable to reach license server Fixed: Permanent exclusion can be added as "IP address" or "Website" exclusion when navigating to blocked IP Fixed: Browser Guard - MB4 interaction doesn't work after MB4 restart (need to restart Chrome also) Fixed: Reopening of Chrome leads to high memory consumption of Native Messaging Host App Fixed: Allow List: Add an item window and Allow a file/website/app/previously detected exploit window are not aligned when German language selected Fixed: Spelling issue Swedish Fixed: mbamtray 'Access violation' crash under certain circumstances Fixed: Tooltip content gets cut if opened on the edge of the window Fixed: Several minor UI issues Thank you so much. -Erix
    1 point
  44. Thank you, please run the following fix @1Lurker1 Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from. NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work. Please make sure you disable any real time antivirus or security software before running this script. Once completed make sure you re-enable it. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. NOTE-1: This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more. NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords. The following directories are emptied: Windows Temp Users Temp folders Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History Recently opened files cache Flash Player cache Java cache Steam HTML cache Explorer thumbnail and icon cache BITS transfer queue (qmgr*.dat files) Recycle Bin Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix. The system will be rebooted after the fix has run. fixlist.txt Thanks
    1 point
  45. @Gt-truth IPS has informed us that these issues should now be resolved. Please let us know if they return.
    1 point
  46. 1 point
  47. Hi @Chipperbad, If you could send me an Apps Report as well (instructions in my post above) that would be super helpful! It sounds like UMX and the Settings app is at it again: https://blog.malwarebytes.com/android/2020/01/united-states-government-funded-phones-come-pre-installed-with-unremovable-malware/ I have been looking into this for awhile now, and even have a UMX test phone. Unfortunately, I haven't been able to reproduce what everyone is seeing myself. However, if I have enough proof that the Settings app is indeed causing issues again, I'll go ahead and add a detection. Nathan
    1 point
  48. Hi @ScciVcci, If you could send me an Apps Report, I can look further into this for you. To send an Apps Report with Malwarebytes for Android use the following instructions. 1. Open the Malwarebytes for Android app. 2. Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our support staff to know where to direct it. By sending the Apps Report, you will create a ticket in our support system. Private Message (PM) me the email used and/or the ticket number assigned. Nathan
    1 point
  49. Please note the Piracy Policy was updated on 10/04/2016 as shown above. The forum Guidelines have also recently been updated. If you've not already read them please take the time to do so.
    1 point
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.