
Fab4

Members
  • Content Count

    18
About Fab4

  • Rank
    New Member


  1. Hello Ron, First of all, I deleted the FRST folder in safe mode. The real reason I'm responding back is related to a question that I was hoping you can share your thoughts / or a comment regarding the malware that was just removed. After my initial individual efforts using Malwarebytes3 and AdwCleaner, and also through your guidance, my system now starts to try automatically installing the Intel Software Guard Extensions (SGX) driver. The automatic install repeatedly fails after becoming stuck in queue. My question is probably outside the boundaries or scope of this forum, but I was wondering whether SGX may have been waiting to install until recognizing a clean system. The driver tries to install since SGX was set up to be supported in a ready state on my system from the factory configuration in the BIOS setting known as 'Software Controlled'. I was wondering whether you know if Windows 10, upon recognizing a clean system and the platform enabled is now trying to install the driver. I wasn't aware my system even met all the full criteria for SGX until noticing these repeated failures to install the driver. Thank you
  2. The system is running fine thank you... No signs of infection. I'll check to verify that the OEM has the latest network driver. I found the files quarantined in C:\ FRST\Quarantine\C \ProgramFiles(x86)\DriverToolkit Questions: Do you recommend (deleting) the quarantined files? Can this entire path directory be safely deleted?
  3. Hello, I've attached all the log files per the instructions. DriverToolkit PUPs were removed from C:\ProgramFiles(x86)\DriverToolkit. I'm not at all familiar with the Farbar recovery scan tool. I'm not sure what the tool performs. I don't know where to look to find the quarantined DriverToolkit PUPs. The Fixlog reported under =Remove Proxy= that 4 registry entries were removed. Also Fixlog reported C:\Program Files(x86)\DriverToolkit => moved successfully Addition.txt FRST.txt AdwCleaner[C02].txt MB3 Threat Scan.txt Fixlog.txt
  4. alrighty okey-doke then. Since almost 24 hrs passed since my post, I assume the standard protocol on this forum for reaching the support team is to first attach the mbst-grab results zip file. I don't know why exactly this would necessitate invoking a response unless if my screen shot didn't show the same files that are on the list of quarantine files from the Malwarebytes log (file:14) posted on the Removal Instructions. I do need to bring to attention one fact however and that is this. I ran AdwCleaner BEFORE running Malwarebytes 3. AdwCleaner quarantined most of the DriverToolkit PUPs. Therefore I believed it necessary to attach the log file(s) from AdwCleaner (before and after quarantine). Sorry if I've stepped on anyone's feet. I'm still learning the nightclub two-step. mbst-grab-results.zip AdwCleaner[C01].txt AdwCleaner[S01].txt
  5. To add some clarity (or possibly confusion), the Removal Instructions for DriverToolkit posted here on this forum lists these files as being quarantined. Please refer to the Malwarebytes log (file: 14) from that original post on the Removal Instructions. The question is why didn't MB quarantine these files?
  6. I ran into a big problem with the Windows 10 feature update that I couldn't solve. I contacted Microsoft the first time in like 10 years. I requested level 2 support... and MS offered to troubleshoot the headache by remote assist. Without my consent or knowledge they installed DriverAssist by Megaify Software. Seriously, to troubleshoot a problem with Windows update? Unfathomable. After screaming obscenities, I ran Malwarebytes and AdwCleaner to scan & quarantine the PUPs and registry entries. Malwarebytes quarantined all except four files in a folder called C:\Program Files(x86)\Driver Toolkit. Two files are driver package installers (DPInst64.exe and DPInst32.exe) that VirusTotal lists as Signed files, Valid signatures by Microsoft Corporation. The other two are dynamic link libraries (msvcp100.dll and msvcr100.dll), again which VirusTotal blessed. I want to delete the entire folder - Driver Toolkit. I don't know why MBAM wouldn't touch them with all the PUPs it found in that folder. Ideas on the best way to handle these?
  7. Thank you. The clean operation removed all remnants in the system files and registry. I wasn't aware the Malwarebytes Support tool could perform this without a re-install. Great!
  8. Would someone kindly define what the Malwarebytes bot means by their Windows product? E.g., Adware Cleaner, JRT, Windows Firewall Control by BiniSoft? Or is it supposed to mean Malwarebytes 3 for Windows versus Malwarebytes for Android?
  9. Neither of the two selections provided by the Malwarebytes bot are relative. I didn't install a Malwarebytes Windows product nor do I have a license issue for a paid version of Malwarebytes. I only installed Malwarebytes 'Trial' premium version for consumers.
  10. I have the feature update of version 1809 build 17763 Windows 10 that I received in December 2018 through the Windows Update process. I have been running Windows 10 without any issues whatsoever (knock on wood). The previous version I updated from also had no issues either which was version 1803. I enabled the Windows ransomware protection just last month for the first time and it performed flawlessly without any issues. It automatically created protected folders and allowed me to add apps through the Controlled Folder Access in Windows 10 settings. Approximately the week following after enabling Windows ransomware protection, I installed the Premium 'trial' version of Malwarebytes, unaware that Malwarebytes premium comes with anti-ransomware. After I installed the Malwarebytes trial version, I began to notice issues with not only Windows ransomware protection that I had not seen before, but also my printer unable to print from a browser. I only recently purchased a new Dell XPS desktop 1 year ago. This is a breakdown of issues I've experienced: 1) Windows notifications prompt me that ransomware protection is blocking the apps I already added as allowed apps while running them from a USB thumb drive. 2) After deciding to focus on resolving the printer issue and troubleshooting with Dell on the printer, the only resolution to fix the print issue was to perform a system restore. I saw only two choices of system restore dates to select - the date Malwarebytes was installed and after it was installed. I selected the former. The printer issue was resolved and Malwarebytes could no longer be run. 3) My focus turned toward troubleshooting the Windows ransomware protection. I'm still receiving Windows notifications whenever I run a portable app from the USB drive that says these apps are being blocked even though the apps were already added. I can see those apps added under Controlled Folder Access in Windows settings.
My concern is that I can see a lot of remnants of Malwarebytes that are scattered throughout my system files and registry. The most logical method I know to successfully remove all of the traces and leftovers would be to re-install the Malwarebytes trial version, and then perform a clean un-install with an uninstaller tool. The problem with that method however is my system already installed the trial version, so I will not be permitted another re-install. After reflecting back on what sequence of events had to have caused these issues, I have to derive from those experiences that all of the issues began prior to the restore which leads me to conclude the installation of the MB application likely caused a conflict. I can only make a request at this point to Malwarebytes if it's at all possible, on whether a temporary key for re-installing the trial version could be issued so that I can perform a clean un-install. It would be the easiest and cleanest method. However if there is a better resolution, I am most willing to give something else a try. Thank you in advance
  11. Thank you for clarifying this. The Binisoft landing page beginning with "We at Malwarebytes are big fans too". I don't know another way to interpret that announcement. Hence the reason for the obfuscation and asking the question who the official support site is.
  12. After the acquisition last year and the fact that one can't download Windows Firewall Control directly from Malwarebytes official website, does Malwarebytes offer support to a user where they might be experiencing with the latest version? A recent article on Ghacks cited their source from Malwarebytes asking users to uninstall the current version of Windows Firewall Control manually before they run the installer again. Other than the measure to uninstall previous versions, there are very few posts that I could find on Malwarebytes forum about problems encountered. It would build greater assurance if one knew who to turn to for support. At least, I'd feel better knowing if I ran into a problem with Windows Defender Firewall. I've already made recent changes to the default settings to block all outbound traffic. I never used WFC before and I haven't installed it yet. I thought I would perform all the changes from the settings in Defender first before installing the application. Then after installing WFC, the options to add rules to allow programs to make connections would prevent Defender maybe from having the tendency to complain, or maybe a least amount of notifications. I'm currently running Malwarebytes Premium so I suppose no news is good news on the Malwarebytes forum about WFC running at the same time potentially conflicting with one another.
  13. Further reading on Google has led me to more understanding behind Google's bolstered efforts, beginning on Chrome (beta) for Android (64.0.3282.29). This was supposed to include big changes on the browser's security side. It was in version 64 that its pop-up blocker features behavior was included so that it would be more efficient at blocking re-directs. After disabling JavaScript for the very first time today as suggested, I noticed an inability to log in to some online accounts. Yet my device has been updated to Chrome stable version 64.0.3282.119 ever since Feb. 1st with the stronger pop-up blocker, and my browser experienced one instance as I mentioned at the beginning of this thread. I'm finding that I'm often misunderstanding the terms frequently used - Ads and Pop-ups. These seem to mean those commonly related less threat-like, nuisances. Malvertising, however, seems to be a term more suited to differentiate what appeared to have occurred on my stable Chrome browser. Security features often seem lacking better descriptive term(s) or else they use the terms 'Ads and Pop-ups' interchangeably to mean a security threat similar to the four or five occurrences that happened on my Chrome browser. Certainly, Ads that 'pop-up' in a window that have an 'X' to close that window while viewing the website page, can not be the identical type of threat as when on a web page that suddenly opens links in new tabs and re-directs the old tab to a new URL. Google just released Chrome for Android 65.0.3325.53 (beta) on Feb. 6. I'm planning to wait for the stable version from Google Play to be available to see whether any security bugs may have been found in 64. In the meantime, I'll have to keep toggling JavaScript 'on' and 'off'.
  14. Thanks. I've been actively looking for another Browser for Android. In addition to Opera that you mentioned, I've been reading about Firefox as an option to mask the Browser and OS. I can't remember for certain whether it had, or still has built-in UA masking script to spoof sites to thinking you're using another browser. I know Chrome (for desktop) has an extension offered by Google. The odd thing about that is, Google states it does NOT increase your browsing security? So I can't see the reason why Google developers created it. Thanks for the tips!
  15. Wow! Holy cow. These 79 pgs are going with my saved files. Thanks. I must be doing alright since that I've only had two types on one device. I've never seen it happen on any computer.