Jump to content

Dr_Bombay

Members
  • Content Count

    16
  • Joined

  • Last visited

About Dr_Bombay

  • Rank
    New Member
  1. Thanks for all the help and great information for going forward. Please consider this issue resolved/closed. PS - MWB 3 and its support just got you another new customer!
  2. Ok - followed you procedure exactly - attached is the fixlog file. Just as FYI, it saved to the FRST64 folder not to the desktop. Fixlog.txt
  3. Reply to: Advance Setup post. Follow you procedure per you post and all seems to be good. Files attached as requested. However, I am wondering if the issue could come back if the user re-enables Google Sync. Once I disable (turned off) sync MWB was able to clean and keep the threats from coming back. I also tried to follow the procedure that was linked in exile360's post above regarding turning off and resetting Google Sync but I was not able to follow the entire procedure only up to the point of turning off sync not resetting sync which seem to do the trick. I have also attached the original threat scan that shows the repeating threats so that maybe you can tell if these are really issue or not, file name "threat scan 59 issues". Thanks for the follow up! Addition.txt AdwCleaner[C05].txt FRST.txt Threat scan results.txt Threat scan 59 issues.txt
  4. Thanks for the suggestions. It appears that the issue here is Google Sync. I was not able to fully complete the instruction regarding Sync but got far enough to turn it OFF. Since SYNC has been off I have re-scanned and re-booted the computer multiple times and the result is that the threats are not longer coming back or being detected. So that is success! I don't know if SYNC can be fixed and re-enabled (I do not have full access to this google account) and not have MWB detect threats but that is for another day. Thanks!
  5. Hello - Need some help please! Working on a computer that keeps getting the same 59 threats even after MWB says they are quarantined. I have also run ADWcleaner and it also keeps finding threats, not as many and sometime none but I can't seem to keep the system clean. All 59 treats are for MindSpark and all are located/related to Chrome extensions. Attached are the log files from a scan with FarBar. Any suggestion would be appreciated!! Addition.txt FRST.txt
  6. Looks like I found the issue. It was a SPAM email that my filter did not catch which had links to the blocked website. Looks like MWB is doing its job!! Thanks.
  7. After starting the computer and only opening Outlook I get a MWB message "Website Blocked". Blocked Website details: Cat: Ransomware, Domain: N/A, IP add: 86.105.186.110, Type: Outbound Connection File: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE I am trying to figure out what is going on and how to fix it. Seem wrong that Outlook is trying to make an outbound connection with out me doing anything other than opening Outlook. Any suggestions would be appreciated. Thanks!
  8. Ok, finally have a response from the client. A full reset of Internet Explorer has resolved the fake message from popping up. Thanks for the help.
  9. Thanks for the detail analysis. I am also not fond of webmail but many of my clients are elderly and want to keep things as simple as possible. I am also aware of the risks with the advertisements that appear on these webmail sites but my latest test I switched his home page to google, no other pages loading and after approx. 3 hours sitting idle at that page the fake message appeared again. I have asked him to reset IE to factory/default settings but he has not responded since. If no luck I will also have him try Chrome and/or Firefox. I will update as soon as I hear from him. Thank you!
  10. Yes, just like those examples. The point is that is keeps coming back even after Malwarebytes scans which find nothing. The message will come on even if you just let explorer sit there idle. This can happen anywhere between 1 to 4 hours. I have asked the client to do a reset on Explorer and waiting to see if that helps/resolves the issue. Thanks.
  11. I have a friend/client running Windows 8.1 and Internet Explorer (all current and updated) that he uses IE to access his Comcast email. We leaves IE running to monitor his emails but after sitting idle anywhere from 1 hour to several hours the fake virus warning with audio comes on (so this happens without any movement or clicking by the user). The IE tab changes from the current site to flash yellow and now says Microsoft Support (but obviously it is not). The only way at this point that IE can be closed is to use task manager. The user has a current trial version of the latest Malwarebytes program and has scanned the system several times, the first scan 2 weeks ago produced a few PUP/issues and cleaned them but the warning messages came back. Subsequent scans did not find any issues. This is the first time that I have seen this issue where Malwarebytes did not permanently resolve the issue and where the warning message pops up even when IE is sitting idle. Any suggestion how to fix this would be appreciated! My latest attempt was to reset IE - waiting on result. Possibly uninstalling/re-installing IE and/or installing Chrome?
  12. Thanks for the feedback. I will let my user know and report any issue should some arise. Personally, I use the premium Malwarebytes and it works great. I use the free version of SuperAntiSpyware as an extra cleanup tool when/if needed. Again, thank you!
  13. Is it ok or not recommended to run Premium Malwarebytes and Paid SuperAntiSpyware at the same time? I suspect like Antivirus programs you should only have one running at the same time to avoid problems. Thanks.
  14. OK - after a service/process tree stop and a reboot, looks like I am ok. MBAMservice is taking approx. 235K of memory and holding steady. Current: 3.3.1.2183 Component ver: 1.0.262 Update package ver: 1.0.3803
  15. Still having high RAM usages problems! Clicked update and it said update applied: Current: 3.3.1.2183 Component ver: 1.0.262 Update package ver: 1.0.3803 Help!
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.