Everything posted by David H. Lipman

  1. bulliontradings.com - Domain was created on 9/6/2023. It no longer resolves to an IP, so it looks like it has already been taken down. The Domain is registered with Namecheap, so in cases such as these you would file an Abuse complaint with Namecheap as well as the web site hosting company.
  2. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following to help you better protect your computer and privacy Tips to help protect from infection Thank you
  3. No worries @nso89. That is a FakeAlert. That is a Push Notification, web site or Pop-Up that falsely indicates an event that never happened. They either are for Technical Support scams and have a Phone Number associated with it or are used as a referral for some application for monetary gain. I have seen numerous examples of both FakeAlerts for Tech Support scams and for the purpose of referral profits for anti malware and VPN applications.
  4. I'm truly sorry for you to feel that way. One has to understand more about malware. PDF files may contain malicious URLs or may exploit vulnerabilities in a PDF Rendering software but they do not "directly" infect. Malwarebytes reserves its signatures to files that directly infect a PC as a Portable Executable file. MBAM specifically applies signatures to target PE binaries that start with the first two characters being; MZ. They can be; EXE, CPL, SYS, DLL, SCR and OCX. Any of these file types can be renamed to be anything such as; TXT, JPG, CMD and BAT and they will still be targeted just as long as the binary starts with 'MZ'. This includes file names that use Unicode Right-to-Left Override to obfuscate an executable file extension. Malwarebytes does employ signatures on a simplistic basis on some scripted malware but not on specific scripts. However, MBAM does not target documents via signatures such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, RTF, etc. It also does not target media files; MP3, WMV, JPG, GIF, etc. MBAM does not target MSI files by signatures. MBAM is capable of extracting PE files embedded in these COM Structured Storage files and may target them via signatures. Malwarebytes employs heuristic constructs and its Anti Exploitation module to Scripted Malware, media files and Documents as well as its Web Protection module and the added protection of Browser Guard. Thus let's assume that this was a PDF that was specially crafted to exploit a bug (vulnerability) in rendering a PDF. In that case the anti exploitation would block and/or mitigate the action of exploitation and any possible payload. Take a PDF that is implementing a Phish. Malicious actors create Phishing emails. Some may contain the Phish Content in the body of the email. However that may fall prey to Spam and Content Filters. To thwart that the actor may create a PDF that has the Phish Content in the body and has a URL to the site intended to harvest associated credentials.
Here the Web Protection module or Browser Guard will block the access to the malicious web site. So while a PDF is not "detected" by a signature, the Malwarebytes product will protect the user and that is what counts. Another example is malicious DOC/DOCx and other MS Office documents (aka; maldocs). Here too MBAM will not "detect" a maldoc but the anti exploitation module will block a document specifically crafted to exploit the MS Office environment (or other applications that may view/edit it). Another scenario is where malware is embedded in the document and tries to drop it and run it. If the file embedded is an EXE file, the signatures base would detect IFF it was executed but the anti exploitation would block the dropping and execution process. Another scenario is where the maldoc has a malicious VB Script. Here the anti exploitation would block the malicious actions of the script as well as using the Web Protection and even Browser Guard if there was a malicious site that the script was trying to visit or download a payload from. I can truly understand the desire to at least "know" if it is a malicious document. Virus Total participating vendors will provide that indicator. I had a case where a user on a Borough Hall network connected a USB drive that detected the Wimad Trojan on some MP3 and other media files by Kaspersky. Wimad files exploit the Digital Rights Management (DRM). In that case Malwarebytes would not detect the media files via signatures. However, the anti exploitation module would protect the user, in the same scenario, if they employed Malwarebytes. This is why one should still enable the Microsoft Windows Defender of the OS. It will detect the malicious Documents, Scripts and Media files. HTH
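The content-based targeting described in the post above (an 'MZ' header counts regardless of the file extension, including names disguised with Right-to-Left Override) can be illustrated with a small triage script. This is an added example, not part of the original post and not Malwarebytes code; the function names, finding labels and sample files are constructed, and the `e_lfanew` / `PE\0\0` check goes one step beyond the two-byte test the post mentions.

```python
import struct

RLO = "\u202e"  # Unicode Right-to-Left Override
PE_EXTENSIONS = {"exe", "cpl", "sys", "dll", "scr", "ocx"}  # types listed in the post

def starts_with_mz(data: bytes) -> bool:
    """The two-byte test from the post: the file begins with 'MZ'."""
    return data[:2] == b"MZ"

def has_pe_signature(data: bytes) -> bool:
    """Stricter check (an addition): follow e_lfanew at 0x3C to 'PE\\0\\0'."""
    if not starts_with_mz(data) or len(data) < 0x40:
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def triage(name: str, data: bytes) -> list:
    """Return findings based on content first, file name second."""
    findings = []
    # Logical extension: text after the last dot in the stored name,
    # which is what the OS uses even when RLO changes how it is displayed.
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    if starts_with_mz(data):
        findings.append("mz-header")
        if has_pe_signature(data):
            findings.append("pe-signature")
        if ext not in PE_EXTENSIONS:
            findings.append("extension-mismatch")
    if RLO in name:
        findings.append("rlo-in-name")
    return findings

# Constructed sample data: a minimal DOS header whose e_lfanew (0x40)
# points at a PE signature. Not a runnable executable.
PE_STUB = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40) + b"PE\x00\x00"

SAMPLES = [
    ("notes.txt", PE_STUB),               # executable renamed to .txt
    ("report\u202efdp.exe", PE_STUB),     # displays as "reportexe.pdf"
    ("statement.pdf", b"%PDF-1.7\n"),     # ordinary document header
    ("short.jpg", b"MZ\x90\x00"),         # 'MZ' only, no PE signature
]

if __name__ == "__main__":
    for name, data in SAMPLES:
        print(repr(name), triage(name, data))
```
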
  5. Since @Missie has not replied I am posting a graphic from a URL found in the email that bolsters the concept that this was spam trying to obtain monetary gain through a referral to the Malwarebytes store.
  6. Thank you. However that is not a good submission. You basically took an email, obtained its Headers and Body in RAW format and used Microsoft: Print to PDF and attached the created PDF. Microsoft Print to PDF created a graphical representation of that data and it's not something that can be worked with. However from the subject line "Reactivate your Malwarebytes Anti - Virus Protection Fri, 22 Dec 2023 17:36:30 -0500!" it leaves me to believe it is not a Phishing email. It is some entity trying to obtain monetary gain through a referral to the Malwarebytes store; store.malwarebytes.com which is legitimate. We have been seeing numerous posts and submissions of people getting spam email with FakeAlerts and Renewal notices not by Malwarebytes but in the name of Malwarebytes. To be sure... Please export said email to a .EML file or view the source of the email, for its RAW contents, and copy all the text into a .TXT file. Then place either the .TXT file or the .EML file in a ZIP file and attach that ZIP file in a Reply.
  7. Good advice @1PW
     idx.support
     Registrant Name: Identity Theft Guard Solutions, LLC
     Registrant Organization: Identity Theft Guard Solutions, LLC
     Registrant Street: 10300 SW GREENBURG RD STE 570
     Registrant City: PORTLAND
     Registrant State/Province: OR
     Registrant Postal Code: 97223-5416
     From Comcast
  8. No. I have Verizon FiOS but my Verizon email address was supplied as a backup address for a, geriatric, high functioning autistic.
  9. FTC Announces Claims Process for Consumers Harmed by Credit Karma “Pre-Approved” Offers for Which They Were Denied
  10. I would not say ALL. But I would include Dell "Support Assist" in that list.
  11. I have done numerous BIOS Updates. It is an automatic performance when re-installing an OS or installing a new OS. For bug and security fixes as well. My favourite was a notebook BIOS update that helped with a fan cooling issue. The BIOS has nothing to do with data files or one's Profile. However since it will require an OS reboot, it could be coincidental with a Profile corruption or temporary issue where one's Profile will not load properly and the OS creates and uses a temporary Profile. For example: You login as Boss and the Profile is; c:\users\BOSS The Profile BOSS fails to load properly and the OS creates a Temporary Profile such as... c:\users\BOSS.TMP or c:\users\TEMP Because the Temporary Profile will use Defaults, the user will not have their Desktop Icons and their regular settings. It will use Default settings. References: https://www.dell.com/support/home/en-us/product-support/product/inspiron-3910-desktop/drivers https://www.dell.com/support/home/en-us/drivers/driversdetails?driverid=dhdwr&oscode=w2021&productcode=inspiron-3910-desktop
  12. Comcast Xfinity data breach affects over 35 million people
  13. No need to multi-post. I moved this thread to Website Blocking where presumed False Positives are posted.
  14. Employees are members of the Forum Group; Staff. @Porthos is a member of the Forum Group; Trusted Advisors and is also a Forum Moderator and has justly earned that and when he gave the advice of downloading from BleepingComputer he was providing trusted advice. BleepingComputer is owned and operated by @grinler who is a member of the Malwarebytes' Forum Group; Experts. For an official response, I'll PING @AdvancedSetup, the Forum Administrator.
  15. Nah, get Garlic bulbs. Place a Garlic bulb on your cutting board. Use the palm of your hand and press down and the cloves will start to separate. Separate the individual cloves and discard the garlic "paper." Use a knife and cut at the base of a clove ~1/8" from the bottom but not all the way through. This will allow you to peel back the skin and remove the remaining skin. Place the peeled garlic in a plastic zip lock bag. When done peeling, roll up the bag and squeeze out the air then close the zipper and place it in the Fridge.