David H. Lipman

They were really Big Fixes @1PW

The temperature of the disk is a by-product of normal operation and is within normal operating specifications. A Western Digital Spindle drive Operating Environmental condition is 0 ~ 60 Deg C and you reported 43 Deg C. There is no issue.

I suggest working with them further. Especially if you pay to use their VPN client software.

Assuming the VPN is safe, you don't disable the Windows Firewall, you allow the VPN client to go through the Windows Firewall.

I'll assume that's 43 Deg Celsius which is ~110 Deg Fahrenheit. That's not a high temperature. Obviously if a disk is being scanned, it is in its highest mode of operation ( SSD or Spindle ) and its temperature will be expected to rise above a quiescent state temperature. Your highest mode of operation temperature is both reasonable and within operation specifications. Comparatively speaking Humans are ~98.6 Deg F. Your disk drive temperature isn't much higher. The application priority is a moot point. The disk activity is the key to drive temperature and any application that causes numerous files to be open and read successively will create a highest mode condition of operation for a given disk drive.

To be blocked, MBAM has to know the URL of the site hosting the FakeAlert. If the URL of the site can be discerned, it can be submitted such that it can be blocked for other Malwarebytes' product users. These sites are created en masse and its difficult to keep up with the myriad of sites being created. Malwarebytes has created new Browser Add-Ons called Malwarebytes Browser Guard for Chrome and Firefox to mitigate FakeAlerts and other frauds. Unfortunately, one has not been created for Safari, yet. Browser Add-On references: Malwarebytes Browser Guard Malwarebytes Browser Guard Extension for Chrome Malwarebytes Browser Guard Extension for Firefox Some references on Tech support Scams which FakeAlerts play a part in: US FBI PSA - Tech Support Fraud US FTC Consumer Information - Tech Support Scams US FTC - Tech Support Operators Agree to Settle Charges by FTC and the State of Ohio US FTC - FTC and Federal, State and International Partners Announce Major Crackdown on Tech Support Scams Malwarebytes' Blog - Search on - "tech support scams" Malwarebytes' Blog - "Tech support scams: help and resource page" EDIT: Here are videos demonstrating Apple FakeAlerts used to goad Apple device users to download Advanced MAC Cleaner and MyMobileSecure VPN solution. Apple FakeAlert leads to Advanced MAC Cleaner Rogue AV software Apple FakeAlert leads to MyMobileSecure VPN solution

It was an Apple FakeAlert and is not malware on your MAC. It was a kind of malicious advertisement ( aka; malvertisement ). I have created a PDF ScreenShow of a myriad of FakeAlert screens which includes numerous Apple FakeAlerts - FakeAlert-Screens.pdf / Flash Version

Replace URL with; http://downloads.malwarebytes.com/file/mb-mac { tested with WGET }

Wat is mB.exe and where are you downloading it ? If you want the Malwarebytes anti malware fore windows the URL is - http://downloads.malwarebytes.com/file/mb-windows Which is digitally signed, ‎Monday, ‎October ‎21, ‎2019 09:32:12

It is spam, just delete it.

The site is redirecting to a PayPal Phish http://dlvr.it/RHl6nY ===> https://login.limited-released.akusangatbaik.com/us/signin

Please reference: amazonaws blocked

Please send me a PM so I know with whom I am conversing with.

I exist, therefore I am....

The article has nothing to do with the use of a Virtual Private Network ( VPN ). Thus the article is non sequitur. A VPN connection is where one uses software that tunnels all their outbound communication through the Internet and the traffic comes out from the POV of the VPN Provider's network. Thus if you were connected to Bharti Airtel's network and you used a VPN with an exit node in Brazil, web sites you visit would see the IP address of the Brazilian network and not the IP address of Bharti Airtel's network. The PC user's activity can't be seen by Bharti Airtel. All they would see is that your PC would be connected to one IP address in Brazil as the traffic would be protected by a Transport Layer Security ( TLS ) encrypted connection. A VPN really isn't needed if you are on a desktop on your home network unless you are super paranoid. However if you are on a notebook and connect to WiFi HotSpots or connect to a Hotel's network, then a VPN would protect your Internet activity from hackers targeting WiFi HotSpots or deliberate spying on a Hotel network ( such as in the case during the Chinese Olympics at Chinese Hotels ). If one travels often with a Laptop, alternatively one may obtain a Wireless WAN card or USB device as that basically is an appliance that combines a Cellular Phone connection with a MODEM such that its bypasses WiFi and Hotel type networks and makes a Laptop/Notebook work more like a Smart Phone in that in accesses a Cellular Network and locks out hackers to a greater degree. EDIT: It should be noted that if you are paranoid about your ISP and want to use a VPN, that paranoia extends to the VPN provider as the traffic you do NOT want to be seen by your ISP will be seen by the VPN Provider. Thus you have to trust the VPN Provider much more than your ISP and as this threads subject post indicates, "...vulnerabilities affecting multiple Virtual Private Network (VPN)..." where a "...remote attacker could exploit these vulnerabilities ..."

FTC Sues Owner of Online Dating Service Match.com for Using Fake Love Interest Ads To Trick Consumers into Paying for a Match.com Subscription "The Federal Trade Commission sued online dating service Match Group, Inc. (Match), the owner of Match.com, Tinder, OKCupid, PlentyOfFish, and other dating sites, alleging that the company used fake love interest advertisements to trick hundreds of thousands of consumers into purchasing paid subscriptions on Match.com. The agency also alleges that Match has unfairly exposed consumers to the risk of fraud and engaged in other allegedly deceptive and unfair practices. For instance, the FTC alleges Match offered false promises of “guarantees,” failed to provide services to consumers who unsuccessfully disputed charges, and made it difficult for users to cancel their subscriptions. “We believe that Match.com conned people into paying for subscriptions via messages the company knew were from scammers,” said Andrew Smith, Director of the FTC’s Bureau of Consumer Protection. “Online dating services obviously shouldn’t be using romance scammers as a way to fatten their bottom line.” Match Touts Fake Love Interest Advertisements, Often From Scammers Match allows users to create Match.com profiles free of charge, but prohibits users from responding to messages without upgrading to a paid subscription. According to the FTC’s complaint, Match sent emails to nonsubscribers stating that someone had expressed an interest in that consumer. Specifically, when nonsubscribers with free accounts received likes, favorites, emails, and instant messages on Match.com, they also received emailed ads from Match encouraging them to subscribe to Match.com to view the identity of the sender and the content of the communication. (example of ad touting message) The FTC alleges that millions of contacts that generated Match’s “You caught his eye” notices came from accounts the company had already flagged as likely to be fraudulent. By contrast, Match prevented existing subscribers from receiving email communications from a suspected fraudulent account. Many consumers purchased subscriptions because of these deceptive ads, hoping to meet a real user who might be “the one.” The FTC alleges that instead, these consumers often would have found a scammer on the other end. According to the FTC’s complaint, consumers came into contact with the scammer if they subscribed before Match completed its fraud review process. If Match completed its review process and deleted the account as fraudulent before the consumer subscribed, the consumer received a notification that the profile was “unavailable.” In either event, the consumer was left with a paid subscription to Match.com, as a result of a false advertisement. Consumers who considered purchasing a Match.com subscription generally were unaware that as many as 25 to 30 percent of Match.com members who register each day are using Match.com to attempt to perpetrate scams, including romance scams, phishing schemes, fraudulent advertising, and extortion scams. In some months between 2013 and 2016, more than half of the instant messages and favorites that consumers received came from accounts that Match identified as fraudulent, according to the complaint. Hundreds of thousands of consumers subscribed to Match.com shortly after receiving communications from fake profiles. According to the FTC’s complaint, from June 2016 to May 2018, for example, Match’s own analysis found that consumers purchased 499,691 subscriptions within 24 hours of receiving an advertisement touting a fraudulent communication. Online dating services, including Match.com, often are used to find and contact potential romance scam victims. Fraudsters create fake profiles, establish trusting relationships, and then trick consumers into giving or loaning them money. Just last year, romance scams ranked number one on the FTC’s list of total reported losses to fraud. The Commission’s Consumer Sentinel complaint database received more than 21,000 reports about romance scams, and people reported losing a total of $143 million in 2018. Match Deceived Consumers with Inconspicuous, Hard to Understand Disclosures The FTC also alleges Match deceptively induced consumers to subscribe to Match.com by promising them a free six-month subscription if they did not “meet someone special,” without adequately disclosing that consumers must meet numerous requirements before the company would honor the guarantee. Specifically, the FTC alleges Match failed to disclose adequately that consumers must: Secure and maintain a public profile with a primary photo approved by Match within the first seven days of purchase; Message five unique Match.com subscribers per month; and Use a progress page to redeem the free six months during the final week of the initial six-month subscription period. The FTC alleges consumers often were unaware they would need to comply with additional terms to receive the free six months Match promised. As a result, consumers were often billed for a six-month subscription to Match.com at the end of the initial six months, instead of receiving the free six months of service they expected. Unfair Billing Dispute and Failure to Provide Simple Subscription Cancellation Practices Due to Match’s allegedly deceptive advertising, billing, and cancellation practices, consumers often disputed charges through their financial institutions. The complaint alleges that Match then banned these users from accessing the services they paid for. Finally, the FTC alleges that Match violated the Restore Online Shoppers’ Confidence Act (ROSCA) by failing to provide a simple method for a consumer to stop recurring charges from being placed on their credit card, debit card, bank account, or other financial account. Each step of the online cancellation process—from the password entry to the retention offer to the final survey pages—confused and frustrated consumers and ultimately prevented many consumers from canceling their Match.com subscriptions, the FTC contends. The complaint states that Match’s own employees described the cancellation process as “hard to find, tedious, and confusing” and noted that “members often think they’ve cancelled when they have not and end up with unwanted renewals.”

AT&T to Pay $60 Million to Resolve FTC Allegations It Misled Consumers with ‘Unlimited Data’ Promises "AT&T Mobility, LLC, will pay $60 million to settle litigation with the Federal Trade Commission over allegations that the wireless provider misled millions of its smartphone customers by charging them for “unlimited” data plans while reducing their data speeds. In a complaint filed in 2014, the FTC alleged that AT&T failed to adequately disclose to its unlimited data plan customers that, if they reach a certain amount of data use in a given billing cycle, AT&T would reduce—or “throttle”—their data speeds to the point that many common mobile phone applications, such as web browsing and video streaming, became difficult or nearly impossible to use. “AT&T promised unlimited data—without qualification—and failed to deliver on that promise,” said Andrew Smith, Director of the FTC’s Bureau of Consumer Protection. “While it seems obvious, it bears repeating that Internet providers must tell people about any restrictions on the speed or amount of data promised.” The FTC alleged that, despite AT&T’s unequivocal promises of unlimited data, it began throttling data speeds in 2011 for its unlimited data plan customers after they used as little as 2 gigabytes of data in a billing period. AT&T’s alleged practices affected more than 3.5 million customers as of October 2014, according to the FTC complaint. After AT&T challenged whether the FTC had jurisdiction to bring the case, the Ninth Circuit U.S. Court of Appeals in 2018 ruled that the FTC did have jurisdiction and authority to challenge the company’s marketing of mobile data services, allowing the Commission’s case to proceed. As part of the settlement, AT&T is prohibited from making any representation about the speed or amount of its mobile data, including that it is “unlimited,” without disclosing any material restrictions on the speed or amount of data. The disclosures need to be prominent, not buried in fine print or hidden behind hyperlinks. For example, if an AT&T website advertises a data plan as unlimited, but AT&T may slow speeds after consumers reach a certain data cap, AT&T must prominently and clearly disclose those restrictions. The $60 million paid by AT&T as part of the settlement will be deposited into a fund that the company will use to provide partial refunds to both current and former customers who had originally signed up for unlimited plans prior to 2011 but were throttled by AT&T. Affected consumers will not be required to submit a claim for the refunds. Current AT&T customers will automatically receive a credit to their bills while former customers will receive checks for the refund amount they are owed." FYI: https://violationtracker.goodjobsfirst.org/parent/at-and-t "Penalty total since 2000: $1,321,619,366 Number of records: 261"

zaponics.com - Domain was created on 9/5/2019 https://zaponics.com/?product_cat=malwarebytes That page indicates they are selling a LifeTime Key. That hasn't been done in years so it is highly probable this is a Fraudster.

Unfortunately, these scams are all too common. The only comment is how quick for a scammer to know that MBAM was updated to v4,x which was done so recently. ** It would help to know what the Phone Number and the URL is associated with the web Site of this fraudster. The URL for MBAM v4,x is; http://downloads.malwarebytes.com/file/mb-windows If you can not access the above URL, you should have your PC checked-out in; Windows Malware Removal Help & Support Reference: US FBI PSA - Tech Support Fraud US FTC Consumer Information - Tech Support Scams US FTC - Tech Support Operators Agree to Settle Charges by FTC and the State of Ohio US FTC - FTC and Federal, State and International Partners Announce Major Crackdown on Tech Support Scams Malwarebytes' Blog - Search on - "tech support scams" Malwarebytes' Blog - "Tech support scams: help and resource page"

It is called a FakeAlert and is a fraud. It is a kind of malicious advertisement ( aka; malvertisement ) I have created a PDF ScreenShow of a myriad of FakeAlert screens - FakeAlert-Screens.pdf / Flash Version that include Norton and McAfee"subscription expired" notifications.

Hi, how you doing ? We think there is nothing bad in pleasing yourself from ever and again. Some things should remain private, and if your relatives and friends find this out it, this will be something to worry about. Something anyone would be terrifically embarrassed by. This will have a significant impact on your personal life and wellbeing. For a certain period of time, we have been tracking your PC activity by means of a trojan virus that had been installed by yourself and that had infected your PC. You had been infected after clicking on an poster on one of our virus-infected pornographic websites. A trojan virus gives us access to your PC and any device that is connected to it, whether via wifi or bluetooth. We have been monitoring your screen and everything you have been doing - through a live feed - and you had no idea of us doing this. We also have access to your camera and microphone - we can switch them on/off at any time. We have been privately storing all data and info that we have been considering worthwhile. For example: contacts, social media, emails, etc. We have recorded a video where you can be seen pleasing yourself. Moreover, we’ve made a split-screen footage and shown the video you had been watching. By clicking a button, I can send this blackmail material to all your contacts. If you want to avoid this dirt, just transfer 2500$ to the my bitcoin wallet. Bitcoin address: "1FpqfJq6NSMB########2HnP77frBsYGQ" Though verification is required, you can easily buy bitcoin. Google how to buy bitcoin. The next moment after receiving money, I will erase all your data. You have only 5 days to send the money. Otherwise, I will have to do what I have told you about hereinabove We don’t make mistakes. Reporting this is useless, it is impossible to track this email address and these emails have been sent via an external server abroad. These accounts have been hacked. If you make the stupid choice to do report this or contact anybody about this message we will directly release your footage and forward it. Besides, we will do anything we can to distribute any other harmful information. Once this email is opened, we will be notified, and since then the clock will start ticking You have only 5 days. Do not run out of time! Kind Regards

C-Panel refers to a web site, not a PC and or user accounts. If you can not access the C-Panel or Control Panel to your web site, contact your hosting company for a resolution.

This is purely a scam and they send those emails out en masse hoping one or two bite at the bait. Just delete the email and then change your email password to a new Strong Password just to make sure. Additionally, you can enter your email address(es) in the following site and it will check to see if that email address was part of a known breach. https://haveibeenpwned.com/ Please reference: ----------------- US FBI PSA - Extortionists Increasingly Using Recipients' Personal Information To Intimidate Victims US FTC Consumer Information - How to avoid a Bitcoin blackmail scam MyOnlinesecurity - attempted-blackmail-scam-watching-porn BleepingComputer - Beware of Extortion Scams Stating They Have Video of You on Adult Sites Malwarebytes' Blog - Sextortion emails: They’re probably not watching you Malwarebytes Forum sample thread - Got strange threating email. Malwarebytes Forum FYI thread - FYI: Email Blackmail Scam still current

https://theblog.adobe.com/security-update/ "At Adobe, we believe transparency with our customers is important. As such, we wanted to share a security update. Late last week, Adobe became aware of a vulnerability related to work on one of our prototype environments. We promptly shut down the misconfigured environment, addressing the vulnerability. The environment contained Creative Cloud customer information, including e-mail addresses, but did not include any passwords or financial information. This issue was not connected to, nor did it affect, the operation of any Adobe core products or services. We are reviewing our development processes to help prevent a similar issue occurring in the future. Should you have any questions, we encourage you to contact us at: https://helpx.adobe.com/contact.html "