Porthos

@Gool You dot not have to scan for rootkits or do full custom scans. Rootkit scanning is not enabled by default. You may want to disable that unless you think you have a rootkit infection. Rootkit scanning takes l long time and is really aggressive and does ignore some whitelisting which can result in false positives. If you decide to keep rootkit scanning on, just be aware of the possibility of false positives.

This is what it looked like for unauthorized users.

Please do the following so that we may take a closer look at your system. Disable-Fast-Startup https://forums.malwarebytes.com/topic/299350-disable-fast-startup/ Then please restart the computer and then do the following. WARNING: Do Not click the Repair option under Advanced unless requested by a Malwarebytes support agent or authorized helper NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download the Malwarebytes Support Tool In your Downloads folder, open the mb-support-x.x.x.xxx.exe file In the User Account Control pop-up window, click Yes to continue the installation Run the MBST Support Tool. The tool also downloads and runs a file called FRSTEnglish. Please allow it to run. In the left navigation pane of the Malwarebytes Support Tool, click Advanced In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine A zip file named mbst-grab-results.zip will be saved to the Desktop or on the hidden Public desktop (usually C:\Users\Public\Desktop), please upload that file on your next reply Thank you

This is a Browser Guard exclusive "Heuristic" block. I have moved your post to the correct section so the Browser Guard team can address it.

I found it for you. It is blocking the downloads, not the site. https://vensim.com/wp-content/molecule.exe

@TonyVSUK Do you have a screenshot of the block from Malwarebytes?

Just do a shutdown. Hold the SHIFT button while doing it.

Don't use the computer. You could create a new topic then since after you get a new drive, it will be about installing Windows.

Do you have a screenshot?

@bobtucker Let's get the info to get the process started. Be aware it will take many steps and scans to fully remove malware. Please respond to all future instructions from your helper in a timely manner. Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process Then follow each step in the order provided. Unless otherwise asked, please attach all logs Please make the following system changes: If you have not done so already - Enable System Protection and create a NEW System Restore Point Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed Disable-Fast-Startup Show-Hidden-Folders-Files-Extensions Please run the following scans: Click the following link and run a Scan with AdwCleaner Click the following link and run a Scan with Malwarebytes RESTART the computer Click the following link and run a Scan with Farbar Recovery Scan Tool Example image of where to click to attach files when posting your reply Then be patient for the next expert to take your case. Thank you

@MattSV Could you zip and attach the detected file, please

If any of the passwords are currently correct they need to be CHANGED. Is this the same email address you used to sign up at this forum? You should check all of your email addresses here. https://haveibeenpwned.com/

I did not suggest that to stop the block on your backend. That was not the expected outcome.

Having that setting on disables Defender.

Wait for staff to return on Monday to recheck things. If you trust your site and the host you can add it to the allow list. You have not ever mentioned your actual site.

That is crapware. You already have Malwarebytes and if you have not already done it, I am going to suggest you make the following change so Malwarebytes and Windows security(Defender) can work alongside each other to protect you. Please make the following change in Malwarebytes if you're using the Premium or Trial version Please open Malwarebytes. Click on the small gear icon to open the Settings and go to the Security, or General in V5 tab. Then turn off "Always register Malwarebytes in the Windows Security Center" Restart the computer

What AV software?

After you clear sync from your Windows computer then you can clean Chrome on the Mac.

Moved to Malware removal for Windows.

Did you clear the sync in the Google account after cleaning the desktop??

When I try to directly to rbsf5vft.kajabi.com I get the following. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 4/14/2024 Protection Event Time: 5:16 PM Log File: b1a7346c-faac-11ee-ab82-001a7dda7102.json -Software Information- Version: 5.1.2.109 Components Version: 1.0.1214 Update Package Version: 1.0.83445 License: Premium -System Information- OS: Windows 10 (Build 19045.4291) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Malware Domain: kajabi.cname.getrockerbox.com IP Address: 157.230.184.192 Port: 443 Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe @TeMerc@JPopovic@BjelakovicL

Will be posted and you should get one when replied to.

Personally, I do not like the direction MS is taking Edge. I use Firefox as my daily browser. But I only use 4 extensions.

@lucasham Let's get the info to get the process started. Be aware it will take many steps and scans to fully remove malware. Please respond to all future instructions from your helper in a timely manner. Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process Then follow each step in the order provided. Unless otherwise asked, please attach all logs Please make the following system changes: If you have not done so already - Enable System Protection and create a NEW System Restore Point Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed Disable-Fast-Startup Show-Hidden-Folders-Files-Extensions Please run the following scans: Click the following link and run a Scan with AdwCleaner Click the following link and run a Scan with Malwarebytes RESTART the computer Click the following link and run a Scan with Farbar Recovery Scan Tool Example image of where to click to attach files when posting your reply Then be patient for the next expert to take your case. Thank you

@Realium Let's get the info to get the process started. Be aware it will take many steps and scans to fully remove malware. Please respond to all future instructions from your helper in a timely manner. Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process Then follow each step in the order provided. Unless otherwise asked, please attach all logs Please make the following system changes: If you have not done so already - Enable System Protection and create a NEW System Restore Point Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed Disable-Fast-Startup Show-Hidden-Folders-Files-Extensions Please run the following scans: Click the following link and run a Scan with AdwCleaner Click the following link and run a Scan with Malwarebytes RESTART the computer Click the following link and run a Scan with Farbar Recovery Scan Tool Example image of where to click to attach files when posting your reply Then be patient for the next expert to take your case. Thank you