sabzzz
-
Posts
19 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by sabzzz
-
-
soon after posting the op, malwarebytes shutdown, restarted , and said its up to date, so did the update install after all? should i still do the above instructions if it says its up to date?
-
the new update fails to start, keep getting an error message
-
Its not being blocked anymore. Thanks for checking this out so quick.
-
-
I launched this game through steam, Malwarebytes quarantines dowser.exe, preventing the game from launching.
Malwarebytes
www.malwarebytes.com-Log Details-
Protection Event Date: 6/26/20
Protection Event Time: 7:46 AM
Log File: aabaa7b6-b7a2-11ea-bc45-50465d64290f.json-Software Information-
Version: 4.1.0.56
Components Version: 1.0.955
Update Package Version: 1.0.26041
License: Premium-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System-Blocked Malware Details-
File: 1
Malware.Generic.553257435, C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\dowser.exe, Quarantined, 1000000, 0, 1.0.26041, A0B209B78876D37720FA09DB, dds, 00780740
(end) -
I am using steam and downloading DLC for a game, and i keep getting website blocked due to trojan, I did a full scan and got nothing. Is this some false positive or a real problem?? I am very worried.
Here is the report:
Malwarebytes
www.malwarebytes.com-Log Details-
Protection Event Date: 3/27/20
Protection Event Time: 9:46 AM
Log File: 5b5e0e0a-7031-11ea-9bb0-50465d64290f.json-Software Information-
Version: 4.1.0.56
Components Version: 1.0.859
Update Package Version: 1.0.21450
License: Premium-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System-Blocked Website Details-
Malicious Website: 1
, C:\Program Files (x86)\Steam\steam.exe, Blocked, -1, -1, 0.0.0-Website Data-
Category: Trojan
Domain: steam.naeu.qtlglb.com.cdn20.com
IP Address: 157.185.146.129
Port: 80
Type: Outbound
File: C:\Program Files (x86)\Steam\steam.exe(end)
-
Thank you for getting back to me about the installer files.
The rest of the problems look to be resolved, I am no longer receiving any block due to trojan notifications.
So far, so good.
-
So far I have no more blocking due to trojan notification after using both chrome and Firefox with syncing off, however i did get an outbound block due to phishing.
I know my logs looked clean, but I would like to ask about this attached image. When I use Microsoft Security Essentials and it scans windows installer files, most have that chinese letter in the name, is that normal?
-
Hello,
I do not use and devices synced to the computer.
I have done some browsing with Firefox and have had no notifications, Chrome has not caused any in over 48 hours either.
I will turn Sync off and see how it goes.
I would like to add that around a week before this issue started I had removed Trojan.StolenData via adwcleanr. It looked to have been successfully removed.
-
In addition to the requested log I posted above, I would like to mention something odd I noticed when i did a microsoft security essentials scan. When it was scanning windows installer files, many of the names had an odd chinese character in the names. I believe my windows installer files may be compromised
-
Here is the FRST log.
I haven't used any other browsers enough as of yet to determine if this occurs with them. I will do some browsing using firefox and see if it happens then.
It seems to happen a few times times over a 24 hour period, and only when I have chrome up.
-
Yes, I have also repeated the uninstall and reinstall a second time
-
I hate to say this but I have just received the notification again. I will attach a log
-
after the re-install I so far haven't gotten the website blocked notification, so far so good. If it starts to re-occur I will let you know.
Thanks again for the help
-
I am still getting website blocked due to trojan, outbound connection, after completing the instruction above. the instructed scans come back clean. would you like a log of the event?
-
I went ahead and reset sync.
-
Thank you for the assistance
my system froze during the scan and i had to do a hard reset. after this i booted up Windows reconfigured some registry files and it said it is updating files. as if i had done a a Windows update. I got my system up and running, looks normal, still got an outbound connection website blocked notification from malwarebytes. Should I still reset the chrome Sync as instructed above?
-
I have been getting website blocked due to trojan. I had several threats removed via malwarebytes and adwcleaner, however, the website blocked due to trojan notifications continue and always for a site called the-extension.com. this is after running more threat scans and coming up clean
I tried to download adwcleaner from your site and chrome blocked the download, after allowing it to download, and doing a a custom threat scan, i had 6 PUP. since then i have ran another threat scan which comes up clean, but the above issue of website blocked due to trojan persists.
I will attach the reports and my most recent scan log
the new update fails to start, keep getting an error message
in Malwarebytes for Windows Support Forum
Posted
mbst-grab-results.zipThanks for the help, here is the file.