Jump to content

David H. Lipman

Experts
  • Content Count

    17,304
  • Joined

  • Days Won

    15

Everything posted by David H. Lipman

  1. Domo arigato @LiquidTension No change. I keep the utility in question updated and in-hand and installed the "System Monitor service" per your request and monitored MBAM accessing the account. Nothing was logged. I then specifically loaded Fiddler and setup MBAM to use a Fiddler Proxy. Results ==> Data.ZIP Note that no other program complains about a Proxy. There is only a Proxy use when I specifically setup one like Fiddler. No other components of MBAM have issues and the program gets updates. It is only an issue with keystone.mwbsys.com and it only occurs w
  2. @AlexSmith and @AdvancedSetup and @msherwood KUDOS on your fine work in an overwhelming and difficult Forum'ware Upgrade.
  3. FipsAlgorithmPolicy = 0 Rebooted, no change. FipsAlgorithmPolicy = 1 Rebooted, no change reverted back to, FipsAlgorithmPolicy = 0 Rebooted, no change IIS Crypto 3.2 - Backed up registry - RegistryBackup.zip Advanced, "Best Practices" Rebooted, no change Restored registry Rebooted, no change Sayonara Bonjour Rebooted, no change "There are no updates available for your computer" ( Win7 Ultimate/32 )
  4. The Internet’s Biggest Webmaster Forum Had a Data Breach
  5. Phishing is all about capturing user credentials in a masquerade as some entity. This can be a Bank, an online store, Insurance account, medical account, email account, etc. For example, the below is a Phish for USAA... The email could have been a Malwarebytes account Phish but we would have to see the Full Header and Body of the email (RAW format in text not a graphic screenshot) to make that determination. The objective would be to block the Phish URL by Malwarebytes' products. Malwarebytes' provides a sub-forum for provideing URLs of suspect and/or malicious sites in;
  6. This section is for submitting the actual malware that performs the action. I have requested Forum moderators move this thread to; Windows Malware Removal Help & Support In the mean time, submit a sample of the Ransom Note and/or an Encrypted file to ID Ransomware for information. Please reply back with the results from ID Ransomware
  7. If so... Please REPLACE "Malwarebytes Dark 4.5" with one with a contrast exampled by "Malwarebytes Dark 4.5". Cosmos is good but not "that good".
  8. I don't know w/o seeing more plumage but my guess is a Tern.
  9. I am happy to relate that I have not seen one 500 error Today.
  10. [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings] "EnableNegotiate"=dword:00000001 "User Agent"="Mozilla/4.0 (compatible; MSIE 8.0; Win32)" "IE5_UA_Backup_Flag"="5.0" "ZonesSecurityUpgrade"=hex:d2,80,a9,04,3f,04,ca,01 "ProxyEnable"=dword:00000000 "ProxyServer"="" "MigrateProxy"=dword:00000000 Quit MBAM. Restarted. Same error.
  11. Nope. It's not part of any setting I use. When I do use a Proxy it is at 8118 or a SOCKS5 Proxy at 9050. There is nothing listening on 8080. 'localhost' is only assigned in my etc/LMhosts file. I saw that in the logs and I don't know where it is coming from. I do not see where ProxyEnable is actually enabled.
  12. Thanx, I missed that 😞 The Amazon Certificate Authority has verified the "SSL Client Certificate" which was issued on June 21, '20 and is valid through Thursday, July 22, 2021. It was just a glitch.
  13. Xiexie ni @exile360 Don't know if the PCAP will help or not but I supplied one just in case. LicenseServer.zip
  14. It just indicated the Certificate expired or something else related to the Certificate's date. What is the Domain you are accessing?
  15. Obrigado. Edition: Premium Yes, Notebook was rebooted with same results.
  16. Dank je Now at; 4.2.0.82, 1.029433 and 1.0.1036 No change EDIT: I have attached a PCAP of MBAM accessing the License Server. LicenseServer.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.