Jump to content

1PW

Trusted Advisors
 View Profile  See their activity

  • Posts

    12,407

  • Joined

  • Days Won

    46

 Content Type 

Posts posted by 1PW

    Outbound RTP detection (powershell)

    in Resolved Malware Removal Logs

    Posted · Edited by 1PW

    Hello @wattheheck:

    I don't have any indications why the computer's W11 crashed, and I cannot interfere with the instructions your helper is going to send you. Until your helper does weigh-in, please take NO self-directed remedial actions for the greatest possible success with your system.

    However, you could bypass step one (with AdwCleaner) and continue at step two.

    Thank you.

    Outbound RTP detection (powershell)

    in Resolved Malware Removal Logs

    Posted · Edited by 1PW

    Hello @wattheheck and :welcome::

    Do you have any indications as to why Windows 11 crashed recently?

    Thank you for the attachment(s) you have already posted. However, please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

    Although I will not be your malware removal helper, please carefully follow the steps in the order given:

    Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

    Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

    Please make the following system changes:  Please pay close attention to the instructions in all the following links.

    1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
    2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
    3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
    4. Disable-Fast-Startup. <<<<< Important.
    5. Show-Hidden-Folders-Files-Extensions.

    Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

    1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
    2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt
    3. >>>> Restart the computer <<<<
    4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

    Example image of where to click to attach the five (5) files when posting your reply to your topic:

    image.thumb.png.e208c182ff570799c53bcf57

    The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

    Thank you.

    Manchester VPN blocking website

    in Mac

    Posted · Edited by 1PW

    Hello @IanMetz and :welcome::

    I used my Mac's MB5 Premium Plus to try to recreate what you observed. Initially, I too received a hang condition without the error notification well documented in your attachment. Then I switched to Firefox, Chrome, Edge, and Tor browsers and I made VPN connections with the Daily Mail domain through the Manchester M247 service provider.

    I quit & relaunched my Mac's Safari browser, and this time I VPN connected to the Daily Mail domain. I checked the M247 Network Status (local service provider for Manchester) and found 2 of their 13 Manchester servers were not online. Even so, you would believe their control system would exclude offline servers.

    Please try again and let this forum know if you can connect.

    Thank you.

     

    • Like 1

    cURL

    in General Software and Security Updates

    Posted

     

    cURL and libcurl 8.9.0 have been released. (24-July-2024)

    Website | Download | News | Releaselogs | Changelog | Video Presentations | Documentation |

    Quote

    Changes in 8.9.0 - July 24, 2024

    Changes:

    Bugfixes:

    Further

    The previous release was 8.8.0.

     

    • Thanks 1

    I need help making sure my PC is secure and safe

    in Resolved Malware Removal Logs

    Posted

    Hello @Zurinto and :welcome::

    Thank you for the attachment(s) you have already posted. However, please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

    Although I will not be your malware removal helper, please carefully follow the steps in the order given:

    Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

    Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

    Please make the following system changes:  Please pay close attention to the instructions in all the following links.

    1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
    2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
    3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
    4. Disable-Fast-Startup. <<<<< Important.
    5. Show-Hidden-Folders-Files-Extensions.

    Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

    1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
    2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt
    3. >>>> Restart the computer <<<<
    4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

    Example image of where to click to attach the five (5) files when posting your reply to your topic:

    image.thumb.png.e208c182ff570799c53bcf57

    The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

    Thank you.

    Scan not detecting trojan that pops up as notifcation

    in Resolved Malware Removal Logs

    Posted

    Hello @dfa and :welcome::

    Thank you for the attachment(s) you have already posted. However, please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

    Although I will not be your malware removal helper, please carefully follow the steps in the order given:

    Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

    Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

    Please make the following system changes:  Please pay close attention to the instructions in all the following links.

    1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
    2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
    3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
    4. Disable-Fast-Startup. <<<<< Important.
    5. Show-Hidden-Folders-Files-Extensions.

    Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

    1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
    2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt
    3. >>>> Restart the computer <<<<
    4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

    Example image of where to click to attach the five (5) files when posting your reply to your topic:

    image.thumb.png.e208c182ff570799c53bcf57

    The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

    Thank you.

    Firefox 130.0.1 release now available

    in Firefox

    Posted

    Version 128.0.2, first offered to Release channel users on July 23, 2024

    Quote

    Fixed

    • Fixed an audio echo in video calls on macOS under certain conditions. (Bug 1908539)

    • Fixed an issue where the AdGuard extension popup was not displaying. (Bug 1906132)

    • Fixed an issue causing some screen readers to fail to read when navigating by character in rich text editors. (Bug 1905021)

    • Fixed visual glitches when dark mode is enabled in Windows ARM devices. (Bug 1897444)

    • Fixed an issue causing NTLM authentication failure. (Bug 1908115)

    • Fixed an issue where content displayed on mouseover was not captured in a screenshot. (Bug 1905468)

    • Various stability fixes.

       

     

    • Thanks 2

    Trojan:Script/Wacatac.B!ml detected on my pc

    in Resolved Malware Removal Logs

    Posted

    Hello @Geky212 and :welcome::

    Thank you for the attachment(s) you have already posted. However, please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

    Although I will not be your malware removal helper, please carefully follow the steps in the order given:

    Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

    Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

    Please make the following system changes:  Please pay close attention to the instructions in all the following links.

    1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
    2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
    3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
    4. Disable-Fast-Startup. <<<<< Important.
    5. Show-Hidden-Folders-Files-Extensions.

    Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

    1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
    2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt 
    3. >>>> Restart the computer <<<<
    4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

    Example image of where to click to attach the five (5) files when posting your reply to yourtopic:

    image.thumb.png.e208c182ff570799c53bcf57

    The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

    Thank you.

    • Like 1

    Seeking some advice--should I take further steps and if so, what?

    in Mac Malware Removal Help & Support

    Posted · Edited by 1PW

    Hello @lvsw and :welcome::

    Please consider adding the Malwarebytes Browser Guard v2.6.0 extension to the iMac's Safari browser if you have not already done so. The free MBG may be obtained through the Mac App Store.

    Other Browsers: Some Mac enthusiasts may recommend another Firefox-based browser that would additionally permit the use of the respected uBlock Origin (uBO) extension along with MBG.

    Browsing Safety: Many legitimate sites exist that will test a domain before you actual visit them. Your call.

    Hopefully, you are doing system backups at reasonable intervals.

    HTH

    Getting MB blocked website popups often

    in Resolved Malware Removal Logs

    Posted · Edited by 1PW

    Hello @jondilly1974 and :welcome::

    In your Protection Event log above, the Domain and IP Address fields are blank. Is this the way it was logged?

    Thank you for the attachment(s) you have already posted. However, please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

    Although I will not be your malware removal helper, please carefully follow the steps in the order given:

    Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

    Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

    Please make the following system changes:  Please pay close attention to the instructions in all the following links.

    1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
    2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
    3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
    4. Disable-Fast-Startup. <<<<< Important.
    5. Show-Hidden-Folders-Files-Extensions.

    Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

    1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
    2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt
    3. >>>> Restart the computer <<<<
    4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

    Example image of where to click to attach the five (5) files when posting your reply to your topic:

    image.thumb.png.e208c182ff570799c53bcf57

    The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

    Thank you.

    macOS sequoia unable to install

    in Malwarebytes for Mac Support Forum

    Posted · Edited by 1PW

    Hello @redstalk321 and welcome back:

    This often happens when Malwarebytes staffers/management have not yet received a go ahead from those charged with Malwarebytes for Mac Test Engineering.

    macOS 15 Sequoia is still at Beta 3 and if history serves, won't release until about November 2024.

    If you are that adventurous, (and are ready to accept the consequences) you could try MB5 for Mac 5.3.2.1393 release version against macOS 14.6 Beta 4 Sonoma. But don't expect Malwarebytes staff to be eager to support the pair quite yet. macOS 14.6 Sonoma could go to release very soon.

    Thank you and HTH.

     

    Malwarebytes for Mac Beta v.5.4.1 first look.

    in Malwarebytes for Mac Beta

    Posted · Edited by 1PW

    For my 2021 MBP18,1, the automatic update (late Friday, 19-July) to the v5.4.1.1525 Premium Plus beta (from v5.3.2.1393) was itself unremarkable.

    1. For curiosity's sake, I did a simple macOS 14.5 Sonoma restart and after the startup phase, the menu bar MB5 icon was a perfect white. (R: 255, G: 255, B: 255) If the menu bar background is still at default, the Mb5 icon is nearly undetectable. After selecting/pulling the new menu structure down, the MB5's icon changed to near black (R: 28, G: 27, B: 31) from its former user chosen blue color. The MB5 icon's color choice now seems absent from general settings. (The color's numeric values are expressed in “native” values.)

    2. The threat scan speed seems acceptably unchanged if MB5's cache is replenished/updated. e.g., ~8 seconds versus ~2 minutes for an empty cache scan. I don't save old scan reports, but it seems that more objects are scanned now compared to v5.3.2. But this did not change my system's manual nor scheduled scans, and is therefore inconsequential.

    3. Perhaps undocumented; if the user decides to have a Dock icon for MB5, that icon will show an upper-right red dot if the MB5 UI is open and an RTP feature is off.

    4. If the user decides to show an MB5 icon in the menu bar, a superimposed active VPN icon is present, as already documented. If an RTP feature is off, the red warning dot is also present, but it eclipses a present VPN icon. However, IMHO this is minor.

    Congratulations to the team for this new release.

    Thank you, all.

    Screenshot 2024-07-21 at 17.26.34.png

    Screenshot 2024-07-21 at 17.31.06.png

    Screenshot 2024-07-22 at 05.51.04.png

    Screenshot 2024-07-21 at 17.46.37.png

    • Like 1
    • Thanks 1

    Random Website Block

    in Website Blocking

    Posted

    Hello @gasmask:

    I set my active VPN's connection city to Dusseldorf and used my Firefox stable v128.0 to connect to the URL you reported above and let the YouTube video go to its end and continue to the next video.

    I have not yet seen any Malwarebytes blocks (Riskware or otherwise).

    Are you still able to reproduce the Firefox/MB5 Premium Riskware blocks?

    Thank you.

    • Like 1

    Tails

    in General Software and Security Updates

    Posted

     

    Tails 6.5 (stable) has been released. (16-July-2024)
    Home | Downloads | Hashes | Changelog | Documentation | Support | FAQ | Known issues | News |

    Quote
    Tails 6.5

    Changes and updates

    Fixed problems

    • Fix preparation for first use, often breaking legacy BIOS boot and creation of Persistent Storage. (#20451)

    • Fix the language of Tor Browser when started from Tor Connection. (#20318)

    • Fix connection via mobile broadband, LTE, and PPPoE DSL. (#20291, #20433)

    For more details, read our changelog.

     

    • Thanks 1

    I think i might be hacked, Or there is malware on my pc...

    in Resolved Malware Removal Logs

    Posted

    Hello @MisterJ and :welcome::

    Thank you for the attachment(s) you have already posted. However, please carefully follow the procedures below in the order given for the best data. Please do not forget Malwarebytes AdwCleaner in its proper order.

    Although I will not be your malware removal helper, please carefully follow the steps in the order given:

    Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

    Then, follow each step in the order provided. Unless otherwise asked, please attach all log files.

    Please make the following system changes:  Please pay close attention to the instructions in all the following links.

    1. If you have not done so already, Enable System Protection and create a NEW System Restore Point.
    2. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed.
    3. Temporarily disable the overly sensitive Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed.
    4. Disable-Fast-Startup. <<<<< Important.
    5. Show-Hidden-Folders-Files-Extensions.

    Please run the following scans:  Please Take your time and pay close attention to the instructions in all the following links.

    1. Select the following link and run a Scan with Malwarebytes AdwCleaner with only the eight (8) requested options selected.  Report files: AdwCleaner[S00].txt and AdwCleaner[C00].txt   Please run the scan only once, correctly, to capture any and all error data. Alternate Download Source.
    2. Select the following link and run a DEFAULT Scan with Malwarebytes 5 for Windows®. Report file: Malwarebytes Scan Report YYYY-MM-DD HHMMSS.txt
    3. >>>> Restart the computer <<<<
    4. Select the following link, and then rename FRST.exe or FRST64.exe to FRSTEnglish.exe and run a Scan with Farbar Recovery Scan Tool. Report files: FRST.txt and Addition.txt

    Example image of where to click to attach the five (5) files when posting your reply to your topic:

    image.thumb.png.e208c182ff570799c53bcf57

    The sooner you attach/send the five (5) log files, the sooner one of the Experts will weigh-in on your topic.

    Thank you.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.