shadowwar

Moderators
  • Content count

    7,732
  • Joined

  • Last visited

1 Follower

About shadowwar

  • Rank
    Forum Deity

Recent Profile Visitors

58,678 profile views
  1. Please report the site here: https://forums.malwarebytes.com/forum/155-newest-ip-or-url-threats/
  2. You can add it to the malwarebytes exclusion list and no longer be alerted.
  3. This file came from that path directly? This file is broken like mbam tried to quarantine it and it wont run in its current state. However fixing the file it is the valid firefox file. Would be safe to ignore just very strange that you have it running from there.
  4. This is not the correct path where firefox.exe should be. C:\USERS\MIKE\FIREFOX.EXE Most often when its located in userroot like here its often malware. It should be located here: C:\Program Files (x86)\Mozilla Firefox\firefox.exe or C:\Program Files\Mozilla Firefox\firefox.exe Can you please zip the file that is being detected and attach it here so i can have a look? An alternative would be to submit it to virustotal.com and paste the link here to the report.
  5. This should be no longer detected. This has been reported to dev again. The quarantine may not show up till after you reboot.
  6. understood. See pm to follow.
  7. Couple of questions as i am trying to figure out what is going on here. Are you running mbam offline? We have preliminary tested this but have been unable to repro in our testing environments. Could you please send me the full mbam That said i should of fixed this. Either Mbam will have to be online and or you will have to update the database to get the fix. Can i also ask for you to do this so we can figure out what is exactly happening? The MBARW devs/staffers must have good, detailed, documentation for a quality analysis. Please consider running the following Malwarebytes written data gathering Support Tool: 1.) Download arwlogs.exe to an Administrator desktop of the system in question. https://malwarebytes.box.com/s/fpbjgxi0cp1feswku3a5d3c92iggv9rp 2.) Right-click the arwlogs.exe icon and select "Run as administrator". A zipped archive should soon be generated to the Administrator desktop. 3.) Rather than email the archive as the tool directs, please attach the archive to your next reply in this topic. Please consider left-clicking the "Follow" button, near the upper-right corner of your topic, to receive timely email notifications about updates to your topic. Although more data may be required, after the requested data is posted, the Malwarebytes' QA & Developer Teams, and staffers can commence their analysis. Thank you always for your assistance.
  8. To fix this i would need the file and or the malwarebytes service log. You can also send the file to virustotal and link me the report. www.virustotal.com
  9. Ok but mbam 3.still detects? Even if accidently removed all it would do is rewrite the driver and not remove it. So shouldn't affect anything.
  10. This should be a false positive. Can i ask you to run mbar on this machine and send me the logs? https://www.malwarebytes.com/antirootkit/ Please attach here the mbar-log and the system-log,txt from the mbar folder. After you run mbar dont hit cleanup. Just exit the application. Also if it creates files in the mbar folder similiar to this naming structure please zip them and attach them here: filename-k.mbam filename-u.mbam
  11. You will see a decrease in the size of our main mbam database today and tomorrow as we optimize it for performance. Other than a slight boost to scan times you should not see any other changes.
  12. If you are trying to start Malwarebytes and you receive an error message that the resource is already in use then you may be infected with Adware.Yelloader. Please follow the instructions below to remove the infection. 1. Download version 1.09.4.1001 of Malwarebytes Anti Rootkit (MBAR) https://malwarebytes.box.com/s/h72aj6mp6rkshh7lk0u7msx810wz75jl 2. Run the exe. Click ok to extract. 3. After extraction MBAR should start. Click next. 4. Update by hitting the update button. After the update completes hit next. 5. Hit the scan button. Please let it finish the scan. This rootkit may slow your machine down and MBAR may look like it will freeze but it will continue to scan. Please allow it to do so. It could take a couple hours. 6. Once the scan is complete, press the cleanup button and allow MBAR to remove what is found and allow your computer to restart. Please don't click on the window why cleanup is running. This may delay it even more. 7. Malwarebytes functionality should be restored. You must run a Malwarebytes threat scan so any remaining detections are removed. This should remedy the rootkit. If you are still having issues please post in this forum or open a helpdesk ticket. Changelog: Made compatible if Malwarebytes 3 was already pre-installed. Updated bundled defintions to more recent package.
  13. This hopefully should be fixed next update.
  14. this will be fixed next update. Thanks for reporting. about 20 mins from now
  15. This will be fixed next update.