David H. Lipman

Thank you. This is not a case of Phishing. It is a variation of a Tech Support scam in the name of Malwarebytes. Numerous forum members have posted about this scam. Please Reference: have received 3 scam emails about Malwarebytes account chargesFake Receipt?Your subscription for “Malware bytes Security” has been renewed.Phishing scam using malwarebytes subscription (cares@usorderreceipt02.co) Phishing is a process masquerading as a known entity where a web site, a PDF or other document uses content that emulates that entity and tries to get the victim to provide login creden

You have falsely equated a MS Windows executable file to malware and then equated it to an Apple MAC. @alvarnell may be best able to assist you.

CSRSS.exe is the name of a MS Windows PC Portable Executable (PE) file name.

Is this a Windows PC or a Apple MAC system ?

The etc/hosts file is about name to IP address resolution. Not about blocking ingress or egress. What you show in your graphic is not a correct way to use the etc/hosts table. To block an IP you would use the Windows Firewall or block the IP on the LAN's Router. Using the Windows Firewall only affects that PC. If you want all devices and computers to have that IP blocked, place the block on the Router. Here is a proper example. It shows that the Domain and Sub-Domains on the right are ASSIGNED an address and is telling the OS not to use DNS for resolution. In the below exmp

Sites that push nefarious Browser Add-Ons or Plug-Ins are not "ads", they are malvertisements.

I went to that web site and tried to "play" a video in Firefox and Edge. The site wanted me to install a Plug-In to play that video in Firefox and in Edge it gave me a web site that wanted me to install a plug-in to "free memory". I would not consider soap2day.to to be a legitimate site and was created in December 2019 so it just a tad over a year old.

@william12345 No. A virus is a executable file or code that is prepended, appended or cavity injected into a legitimate file and is able to self replicate. Once infected, that infected file can further the infection by infecting other legitimate files. Or the infection can spread from computer to computer. Such code or executable self replicates. That is it is able to spread on its own and without assistance. On the other hand, trojans need assistance to spread. There are trojans that also prepends, appends or cavity injects malicious code into a legitimate file. However, the acti

This may be a False Positive but you didn't post in the area that handles False Positives. I have requested your thread be moved to; File Detections where file based False Positives are handled.

Maybe @Erix ?

In the email, did it provide a phone number as well as an amount due ?

If there was a Link to a Pop-Up then it was a fake message known as a FakeAlert. If a Malwarebytes' product provided a Pop-Up, it would come from Malwarebytes' software on the PC, not from a website.

Are you stating Malwarebytes' software is no longer blocking the site but Microsoft Edge is ? RE https://forums.malwarebytes.com/topic/269652-please-un-flag-membersdaytradesafecom-18514630226/?tab=comments#comment-1434183

Scam “US Trading Commission” website is not the FTC

https://staysafeonline.org/data-privacy-day/ "Data Privacy Day Millions of people are unaware of and uninformed about how their personal information is being used, collected or shared in our digital society. Data Privacy Day aims to inspire dialogue and empower individuals and companies to take action." https://staysafeonline.org/resources-library/ https://staysafeonline.org/stay-safe-online/online-safety-basics/ ** A message from the National CyberSecurity Allience. References: https://www.cyber.nj.

I use my own set of smilies

The file is malware and is detected by MBAM as; Padodor.Backdoor.Stealer.DDS Please don't host malicious files on third party sites. I have requested your link be removed by the Forum Administrator @AdvancedSetup

Your posted subject only contains the Domain name Hastopic.com and the body of the post has only a bunch of smilies. Please elaborate on the problem(s) you are experiencing. Help us help you with full explanations of the problems you may have or those you are experiencing.

Your post subject states "Phone stated problem, error code2C224/2" but the body only has question marks. If you received "error code2C224/2", please give details of where and how you received error code2C224/2. In the Malwarebytes software ? On the Malwarebytes Forum ?

Thank you for the choices - Much appreciated !

xerxessecure.com Domain is registered with corporatedomains.com Domain is registered to Comcast Corporation Domain Name Server (DNS) is hosted by Comcast Cable Communications, LLC, USA - New Jersey Domain was created on 3/5/2019 Domain was last updated on 10/21/2020

Old mechanical typewriter character striking arms could get stuck against another if one typed too fast. One had to physically separate striking arms. So a keypad was designed to slow one's typing down to mitigate striking arm conflicts. Thus was born the QWERTY keyboard. Even after there were electric typewriters using Ball and Thimble print heads, the QWERTY layout was the de-facto standard where there were no striking arms to get stuck against each other. Subsequently the QWERTY standard layout was inherited by computers. Everyone knew the layout and were accustomed to it.

Then I would suggest the parent of Verisign, DigiCert (acquired from Symantec). While I do not have recent information, I know that in the past malicious actors have digitally signed malware with Comodo Certs.

You see what I am using. I like its contrast and ease on my old eyes.