[Tor Browser]

The Tor Browser 13.5.2 (All Platforms) has been released. (06-August-2024)
Tor Browser 13.5.2 is now available from the Tor Browser download page and also from our distribution directory.

Blog/Announcement | Full Changelog |

Quote

Full changelog

The full changelog since Tor Browser 13.5.1 is:

• All Platforms
  • Updated NoScript to 11.4.31
  • Bug tor-browser#42835: Filter data transfers containing files
  • Bug tor-browser#42998: Rebase Tor Browser stable onto 115.14.0esr
  • Bug tor-browser#43005: Backport security fixes from Firefox 129
• Windows + macOS + Linux
  • Updated Firefox to 115.14.0esr
• Android
  • Updated GeckoView to 115.14.0esr
• Build System
  • All Platforms
    • Bug tor-browser#42470: Add merge request CI for linting
    • Bug tor-browser-build#40964: Create new Tor Browser gpg subkey
    • Bug tor-browser-build#41168: deploy_update_responses-$channel.sh should check that it is not reverting an update in an other channel
    • Bug tor-browser-build#41184: Update generate blog post script to use new blog header images
    • Bug tor-browser-build#41190: Add morgan.gpg to keyrings and list of valid keyrings in firefox+geckoview
    • Bug tor-browser-build#41191: Remove richard.gpg from keyrings and list of valid keyrings in firefox+geckoview
    • Bug tor-browser-build#41204: NoScript isn't added automatically to Mullvad Browser changelogs

 

[communication with mullvad server]

Hello @Aryna:

Although a bug fix was made to correct the unnecessary traffic to Mullvad.net in MB5 for Windows v5.1.5.112 in June, is/was a similar fix scheduled for the MB5 for Mac product?

Thank you.

CC: @TBA

 

[communication with mullvad server]

Hello @TBA and :

Is the Malwarebytes 5 for Mac v5.4.1 edition Premium Plus?

Thank you.

 

[Firefox 130.0.1 release now available]

Version 129.0, first offered to Release channel users on August 6, 2024

Quote

New

• Reader View now has an enhanced Text and Layout menu with new options for character spacing, word spacing, and text alignment. These changes offer a more accessible reading experience.

  

• Reader View now has a Theme menu with additional Contrast and Gray options. You can also select custom colors for text, background, and links from the Custom tab.

  

• A tab preview is now displayed when hovering the mouse over background tabs, making it easier to locate the desired tab without needing to switch tabs.

  

   

  This feature is part of a progressive roll out.

  What is a progressive roll out?

• HTTPS is replacing HTTP as the default protocol in the address bar on non-local sites. If a site is not available via HTTPS, Firefox will fall back to HTTP.

• HTTPS DNS records can now be resolved with the operating system's DNS resolver on specific platforms (Windows 11, Linux, Android 10+). Previously this required DNS over HTTPS to be enabled. This capability allows the use of HTTP/3 without needing to use the Alt-Svc header, upgrades requests to HTTPS when the DNS record is present, and enables wider use of ECH.

• Added support for multiple languages in the same document spoken in macOS VoiceOver.

• Address Autofill is now enabled for users in France and Germany.

Fixed

• Various security fixes.

 

Mozilla Foundation Security Advisory 2024-33

14 Security Advisory Impact Fixes: 11 High, 2 Moderate, and 1 Low

Quote

 

Security Vulnerabilities fixed in Firefox 129

Announced

August 6, 2024

Impact

high

Products

Firefox

Fixed in

• Firefox 129

#CVE-2024-7518: Fullscreen notification dialog can be obscured by document content

Reporter

Shaheen Fazim

Impact

high

Description

Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack.

References

• Bug 1875354

#CVE-2024-7519: Out of bounds memory access in graphics shared memory handling

Reporter

dalmurino

Impact

high

Description

Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape.

References

• Bug 1902307

#CVE-2024-7520: Type confusion in WebAssembly

Reporter

Nan Wang

Impact

high

Description

A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution.

References

• Bug 1903041

#CVE-2024-7521: Incomplete WebAssembly exception handing

Reporter

Nils Bars

Impact

high

Description

Incomplete WebAssembly exception handing could have led to a use-after-free.

References

• Bug 1904644

#CVE-2024-7522: Out of bounds read in editor component

Reporter

Irvan Kurniawan

Impact

high

Description

Editor code failed to check an attribute value. This could have led to an out-of-bounds read.

References

• Bug 1906727

#CVE-2024-7523: Document content could partially obscure security prompts

Reporter

Shaheen Fazim

Impact

high

Description

A select option could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. 
This issue only affects Android versions of Firefox.

References

• Bug 1908344

#CVE-2024-7524: CSP strict-dynamic bypass using web-compatibility shims

Reporter

Masato Kinugawa

Impact

high

Description

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection.

References

• Bug 1909241

#CVE-2024-7525: Missing permission check when creating a StreamFilter

Reporter

Rob Wu

Impact

high

Description

It was possible for a web extension with minimal permissions to create a StreamFilter which could be used to read and modify the response body of requests on any site.

References

• Bug 1909298

#CVE-2024-7526: Uninitialized memory used by WebGL

Reporter

s48gs.w

Impact

high

Description

ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory.

References

• Bug 1910306

#CVE-2024-7527: Use-after-free in JavaScript garbage collection

Reporter

Norisz Fay

Impact

high

Description

Unexpected marking work at the start of sweeping could have led to a use-after-free.

References

• Bug 1871303

#CVE-2024-7528: Use-after-free in IndexedDB

Reporter

Jason Kratzer

Impact

high

Description

Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free.

References

• Bug 1895951

#CVE-2024-7529: Document content could partially obscure security prompts

Reporter

Hafiizh

Impact

moderate

Description

The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions.

References

• Bug 1903187

#CVE-2024-7530: Use-after-free in JavaScript code coverage collection

Reporter

Christian Holler

Impact

moderate

Description

Incorrect garbage collection interaction could have led to a use-after-free.

References

• Bug 1904011

#CVE-2024-7531: PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines

Reporter

Lars Eggert

Impact

low

Description

Calling PK11_Encrypt() in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change.

References

• Bug 1905691

 

 

[RTProtectionDaemon]

Hello @amzara and :

The RTProtectionDaemon is an essential part of your Mac's protection when Malwarebytes for Mac Premium has been added to the device's security.

And yes, RTProtectionDaemon's PID should always be present.  Although a default setting can be altered for less CPU usage during system scans, it is not recommended. Open the Malwarebytes' GUI  -> Settings -> General -> Advanced tab. It is advised the default High (Recommended) radio button remain selected.

Does any possibility exist the Mac device is under resourced for the expected work load?

Thank you.

[Surge in Magniber ransomware attacks impact home users worldwide]

Quote

A massive Magniber ransomware campaign is underway, encrypting home users' devices worldwide and demanding thousand-dollar ransoms to receive a decryptor.

More...

Some attack vectors: Windows zero-days,  fake Windows and browser updates, and trojanized software cracks and key generators.

[No detecto esto es una vergüenza ahora que ocurrequiénmo pasa esto aquí dej]

Hello @x3200_ and :

Please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

Although I will not be your malware removal helper, please carefully follow the steps in the order given:

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

Please make the following system changes:  Please pay close attention to the instructions in all the following links.

1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
4. Disable-Fast-Startup. <<<<< Important.
5. Show-Hidden-Folders-Files-Extensions.

Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt 
3. >>>> Restart the computer <<<<
4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

Example image of where to click to attach the five (5) files when posting your reply to yourtopic:

The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

Thank you.

[Im not sure what i have downloaded but pls help...]

Hello @jackgosso and :

Thank you for the attachment(s) you have already posted. However, please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

Although I will not be your malware removal helper, please carefully follow the steps in the order given:

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

Please make the following system changes:  Please pay close attention to the instructions in all the following links.

1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
4. Disable-Fast-Startup. <<<<< Important.
5. Show-Hidden-Folders-Files-Extensions.

Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt 
3. >>>> Restart the computer <<<<
4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

Example image of where to click to attach the five (5) files when posting your reply to yourtopic:

The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

Thank you.

[I think I have a virus]

Hello @Bounty and :

Please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

Although I will not be your malware removal helper, please carefully follow the steps in the order given:

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

Please make the following system changes:  Please pay close attention to the instructions in all the following links.

1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
4. Disable-Fast-Startup. <<<<< Important.
5. Show-Hidden-Folders-Files-Extensions.

Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt 
3. >>>> Restart the computer <<<<
4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

Example image of where to click to attach the five (5) files when posting your reply to yourtopic:

The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

Thank you.

[Manchester VPN blocking website]

@AdvancedSetup:

What is the best way to escalate this topic's VPN issue please?

Thank you.

[uBlock Origin (uBO)]

uBlock Origin (uBO)  v1.59.0 was released on 30-July-2024.

Download: Autoupdate or install from the browser's Add-ons source.

Homepage | Announcement, Release Notes & Downloads | Wiki | 

Quote

• Improve href-sanitizer scriptlet
• Improve trusted-replace-node-text scriptlet
• Improve set-constant scriptlet
• Improve prevent-fetch scriptlet
• Improve href-sanitizer scriptlet
• Fix CSP/PP header injection in non-document resources
• Add trusted-suppress-native-method scriptlet
• Add support for $currentISODate$ in trusted-set-cookie scriptlet
• Add essential and nonessential to set-cookie (by @ryanbr)
• Fix distance calculation in picker
• Fix bad serialization of Date objects
• Fix race condition when loading redirect/scriptlet resources
• Improve logging in prevent-addEventListener scriptlet
• Add :matches-prop() pseudo CSS operator
• Improve set-cookie scriptlet
• Improve trusted-replace-node-text scriptlet
• Improve trusted-replace-(fetch|xhr)-response scriptlets
• Improve prevent-addEventListener scriptlet
• Add isodate as available placeholder for auto-comment
• Improve trusted-replace-outbound-text scriptlet
• Classify generic cosmetic filters with comma as highly generic
• Raise max buffer size for response body filtering
• Trim end of class tokens in generic cosmetic filtering's surveyor
• Improve trusted-set-cookie scriptlet

 

 

[cURL]

 

cURL and libcurl 8.9.1 have been released. (31-July-2024)

Website | Download | News | Releaselogs | Changelog | Video Presentations | Documentation | Tutorial | FAQ | Comparison Table | 

Quote

 

Fixed in 8.9.1 - July 31 2024 

8.9.1  8.9.1  8.9.1 only

Bugfixes:

• cmake: detect `libssh` via `pkg-config`
• cmake: detect `nettle` when building with GnuTLS
• cmake: drop `if(PKG_CONFIG_FOUND)` guard for `pkg_check_modules()`
• configure: limit `__builtin_available` test to Darwin
• connect: fix connection shutdown for event based processing
• contrithanks.sh: use -F with -v to match lines as strings
• curl: more defensive socket code for --ip-tos
• CURLOPT_SSL_CTX_FUNCTION.md: mention CA caching
• CURLSHOPT_SHARE.md: mention sessions/cookies as not thread-safe
• example/multi-uv: remove the use of globals
• ftpserver.pl: make POP3 LIST serve content from the test file
• GHA/windows: increase timeout for vcpkg build step
• lib: survive some NULL input args
• macos: fix Apple SDK bug workaround for non-macOS targets
• misc: cleanup after removing years from copyright
• os400: build cli manual.
• os400: workaround an IBM ASCII run-time library bug
• RELEASE-PROCEDURE.md: remove the initial build step
• runtests: fold timing details with GHA, sync `-r` tflags
• tests: provide FTP directory contents in the test file
• tidy-up: URL updates
• TODO: thread-safe sharing
• transfer: speed limiting fix for 32bit systems
• vtls: avoid forward declaration in MultiSSL builds
• wolfSSL: allow wolfSSL's implementation of kyber to be used
• wolfssl: avoid calling get_cached_x509_store if store is uncachable
• wolfssl: CA store share fix
• x509asn1: unittests and fixes for gtime2str

 

[Please advise and check for potential malware on my fresh windows pc]

Hello @WubbFlubb and :

Thank you for the attachment(s) you have already posted. However, please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

Although I will not be your malware removal helper, please carefully follow the steps in the order given:

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

Please make the following system changes:  Please pay close attention to the instructions in all the following links.

1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
4. Disable-Fast-Startup. <<<<< Important.
5. Show-Hidden-Folders-Files-Extensions.

Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt 
3. >>>> Restart the computer <<<<
4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

Example image of where to click to attach the five (5) files when posting your reply to yourtopic:

The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

Thank you.

[Malware continues to reinstall itself after being deleted]

Hello @javon and :

Thank you for the attachment(s) you have already posted. However, please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

Although I will not be your malware removal helper, please carefully follow the steps in the order given:

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

Please make the following system changes:  Please pay close attention to the instructions in all the following links.

1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
4. Disable-Fast-Startup. <<<<< Important.
5. Show-Hidden-Folders-Files-Extensions.

Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt 
3. >>>> Restart the computer <<<<
4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

Example image of where to click to attach the five (5) files when posting your reply to yourtopic:

The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

Thank you.

[Menu Bar issue]

Hello @IanMetz:

EDIT: Please follow the instructions of @Aryna first.

The attached graphic appears like a severely truncated pull down menu for MB5 for Mac v5.4.1.

If you have tried a restart of macOS, perhaps a reinstalling of the app over the top of the existing install may work.

The newest release is available >>here<< and its validation SHA-256 should be:

 94273265615d931cb72ffbbecdfc0f285dd40fe2179ca2a39a990a036b767fba

Please let the forum know in your next reply how it worked.

Thank you.

[Why doesn't Malwarebytes permanently block a recurring riskware?]

Hello @pwerwath and :

Please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

Although I will not be your malware removal helper, please carefully follow the steps in the order given:

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

Please make the following system changes:  Please pay close attention to the instructions in all the following links.

1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
4. Disable-Fast-Startup. <<<<< Important.
5. Show-Hidden-Folders-Files-Extensions.

Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt 
3. >>>> Restart the computer <<<<
4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

Example image of where to click to attach the five (5) files when posting your reply to yourtopic:

The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

Thank you.

[scan run on an old laptop]

Hello @Iori and welcome back:

Thank you for the attachment(s) you have already posted. However, please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

Although I will not be your malware removal helper, please carefully follow the steps in the order given:

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

Please make the following system changes:  Please pay close attention to the instructions in all the following links.

1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
4. Disable-Fast-Startup. <<<<< Important.
5. Show-Hidden-Folders-Files-Extensions.

Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt
3. >>>> Restart the computer <<<<
4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

Example image of where to click to attach the five (5) files when posting your reply to your topic:

The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

Thank you.

[I think im getting remote hacked on...could someone assist me? thanks in ad]

Hello @Tiaro and :

Thank you for the attachment(s) you have already posted. However, please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

Although I will not be your malware removal helper, please carefully follow the steps in the order given:

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

Please make the following system changes:  Please pay close attention to the instructions in all the following links.

1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
4. Disable-Fast-Startup. <<<<< Important.
5. Show-Hidden-Folders-Files-Extensions.

Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt
3. >>>> Restart the computer <<<<
4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

Example image of where to click to attach the five (5) files when posting your reply to your topic:

The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

Thank you.

[How to manually update protection definitions in version 5.3.1 ?]

Hello @TimothyM and welcome back:

Even though it is no longer seen with the v5.4.1 pull down menu bar icon, the database protection update is still available in two ways:

1. (Preferred) Open the MB5 for Mac GUI and goto Settings ⇾ General and verify that both Automatic update boxes are ticked and that the interval is left at its installed default or at some other reasonable interval.
2. Open the MB5 for Mac GUI and pull down the Malwarebytes menu and select “Check For Updates…”. An immediate application/DTBS update check should result.

As of this reply, the last protection/database update, as seen in Detection History ⇾ Activity log, would have been to v4.0.647 on last Thursday, 25-July-2024.

Thank you.

[Manchester VPN blocking website]

Hello @IanMetz:

Today, I am getting good connections with the DailyMail news domain with my MBP, Safari, MB5+ w/VPN through the Manchester, UK server city.

Let us try escalating to Malwarebytes management/staff: Ping @treed @ElPiedra

Thank you for your patience!

[I think my pc is infected. Stoled my crypto money]

Hello @originalkz and :

Thank you for the attachment(s) you have already posted. However, please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

Although I will not be your malware removal helper, please carefully follow the steps in the order given:

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

Please make the following system changes:  Please pay close attention to the instructions in all the following links.

1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
4. Disable-Fast-Startup. <<<<< Important.
5. Show-Hidden-Folders-Files-Extensions.

Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt
3. >>>> Restart the computer <<<<
4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

Example image of where to click to attach the five (5) files when posting your reply to your topic:

The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

Thank you.

[Sysinternals Suite]

Sysinternals | Homepage | Sysinternals Live | What's New | Sysinternals Suite | Sysinternals Utilities Index | Sysinternals Utilities Downloads | Sysinternals Blog |

Microsoft's Sysinternals Suite 2024.23.07 was released on 23-July-2024.

Sysmon/Symon64 has been updated to v15.15 as of 23-July-2024.

Process Monitor for Linux has been updated to v2.0 as of 23-July-2024.

[0x49019;window.zfgloadedpopup = true; ---- Malicious?]

Hello @StartUpMenu and :

Please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

Although I will not be your malware removal helper, please carefully follow the steps in the order given:

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

Please make the following system changes:  Please pay close attention to the instructions in all the following links.

1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
4. Disable-Fast-Startup. <<<<< Important.
5. Show-Hidden-Folders-Files-Extensions.

Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt 
3. >>>> Restart the computer <<<<
4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

Example image of where to click to attach the five (5) files when posting your reply to yourtopic:

The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

Thank you.

[Manchester VPN blocking website]

Hello @IanMetz:

It appears as it lasted far too long to be termed a "transient condition". Please let the forum know as soon as you're able if the issue repeats.

Thank you.

[VPN is not working.]

Hello @Uke:

A request will be made, to forum management, to move your reply to a separate topic to avoid confusion.