Porthos

@Fred232 Could you please provide the protection log skowin the detection.

But clear the storage like the instructions state.

@BjelakovicL Pimg

A failing drive can run slowly.

Log for staff. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 4/12/2024 Scan Time: 1:49 PM Log File: 6eb654d6-f8fd-11ee-aecc-001a7dda7102.json -Software Information- Version: 5.1.2.109 Components Version: 1.0.1214 Update Package Version: 1.0.83361 License: Premium -System Information- OS: Windows 10 (Build 19045.4291) CPU: x64 File System: NTFS User: I7-PC\SAPC -Scan Summary- Scan Type: Custom Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 1 Threats Detected: 1 Threats Quarantined: 0 Time Elapsed: 0 min, 33 sec -Scan Options- Memory: Disabled Startup: Disabled File system: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Malware.AI.4019933037, C:\MALWARE TEST NO WD\LAUNCHERGS\LAUNCHERGS.EXE, No Action By User, 1000000, -275034259, 1.0.83361, 6445A97FE7465300EF9B4F6D, dds, 02777364, 98DA5AADA37CB17C2A7AB1F4C6610915, F95D9DD676C56CDD0F9F37476B8A10CCA6B173D00DB50CCAB4C0F0F4D152F2D1 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)

Browser guard block even after resetting the extension. It is to access my one drive when remoting my clients.

If you can not see the Browser Guard icon in the browser toolbar, click the puzzle icon and unhide or pin the icon. If you're having issues with Malwarebytes Browser Guard you may want to try to update the program manually. Click on the extension icon Click the Kebab Menu -> then Support Click the Check for database updates button If still having an issue then click Clear Browser Guard Storage, Restart the Browser, and check for Database Updates again

Add the faceit exe's to allow applications to connect to the internet. Also, this is not helping you any. Restore back to hourly. I am going to suggest you make the following change so Malwarebytes and Windows security(Defender) can work alongside each other to protect you. Please make the following change in Malwarebytes if you're using the Premium or Trial version Please open Malwarebytes. Click on the small gear icon to open the Settings and go to the Security, or General in V5 tab. Then turn off "Always register Malwarebytes in the Windows Security Center" Restart the computer

Veuillez soumettre un seul ticket/demande. Des billets supplémentaires augmenteront le retard. Sachez que la réponse peut prendre 3 à 7 jours ouvrables après la réponse automatique avec votre numéro de ticket.

1payuq.ph.files.1drv.com

@wrmiles Let's get the info to get the process started. Be aware it will take many steps and scans to fully remove malware. Please respond to all future instructions from your helper in a timely manner. Please do the following so that we may take a closer look at your system for any possible infections. Do these 2 steps FIRST so that files and folders are set to SHOW, plus also, Turn OFF Windows Fast Start. Show-Hidden-Folders-Files-Extensions https://forums.malwarebytes.com/topic/299345-show-hidden-folders-files-extensions/ Disable-Fast-Startup https://forums.malwarebytes.com/topic/299350-disable-fast-startup/ Then please restart the computer and then do the following. WARNING: Do Not click the Repair option under Advanced unless requested by a Malwarebytes support agent or authorized helper NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download the Malwarebytes Support Tool In your Downloads folder, open the mb-support-x.x.x.xxx.exe file In the User Account Control pop-up window, click Yes to continue the installation Run the MBST Support Tool. The tool also downloads and runs a file called FRSTEnglish. Please allow it to run. In the left navigation pane of the Malwarebytes Support Tool, click Advanced In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine A zip file named mbst-grab-results.zip will be saved to the Desktop or on the hidden Public desktop (usually C:\Users\Public\Desktop), please upload that file on your next reply Then be patient for the next expert to take your case. Thank you

Since it was not included, a log for staff. -Website Data- Category: Phishing Domain: outlook.advantis.ai IP Address: 99.86.74.71 Port: 443 Type: Outbound File: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

@Forrial Also need to clarify, that both the premium and privacy are both yearly subscriptions.

Please do the following so that we may take a closer look at your system. Disable-Fast-Startup https://forums.malwarebytes.com/topic/299350-disable-fast-startup/ Then please restart the computer and then do the following. WARNING: Do Not click the Repair option under Advanced unless requested by a Malwarebytes support agent or authorized helper NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download the Malwarebytes Support Tool In your Downloads folder, open the mb-support-x.x.x.xxx.exe file In the User Account Control pop-up window, click Yes to continue the installation Run the MBST Support Tool. The tool also downloads and runs a file called FRSTEnglish. Please allow it to run. In the left navigation pane of the Malwarebytes Support Tool, click Advanced In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine A zip file named mbst-grab-results.zip will be saved to the Desktop or on the hidden Public desktop (usually C:\Users\Public\Desktop), please upload that file on your next reply Thank you

That is the issue. This is one issue only the support desk can address. The forum can not deal with license issues. Please contact our support team at https://support.malwarebytes.com/hc/en-us/requests/new to get help Please submit only one ticket/request. Additional tickets will increase the delay. Be advised it can take 3-7 weekdays for a response after the automated reply with your ticket number.

This is a browser guard exclusive block. I have moved your post to the correct section so the Browser Guard team can address it. @JPopovic

@tara3 This is the second time today you have posted in the wrong section. I have moved your post to the correct forum section. Also, could you provide a screenshot of the block?

You do not look infected but the computer could use a tune-up and basic cleaning. Please post the same log you posted here in a new topic in the malware removal section.

It is classified as adware. Staff will review. It was already reclassified as adware @JPopovic@BjelakovicL

Should be fixed already. Be sure the client updates if there are any issues. If you're having issues with Malwarebytes Browser Guard you may want to try to update the program manually. Click on the extension icon Click the Kebab Menu -> then Support Click the Check for database updates button If still having an issue then click Clear Browser Guard Storage, Restart the Browser, and check for Database Updates again

https://support.threatdown.com/hc/en-us/p/nebula_quickstart https://support.threatdown.com/hc/en-us/articles/11715742772627-Nebula-Onboarding-Guide-for-IT-admins https://de.malwarebytes.com/pdf/guides/MBQSG.pdf https://www.malwarebytes.com/blog/business/2022/11/10-malwarebytes-nebula-best-practices If you need other assistance, I would highly suggest that you open a support ticket with Business Support to work with them directly. Submit Business Support Ticket

It is a False positive. That tool is used by many malware removal forums to clean up the tools used during malware removal. It is also a very old version as well. you can delete it. Given you had rootkit scanning enabled, that might be the reason since this reads usermode with kernelmode version and when a file is in use at the time, it might see a difference here. This doesn't mean it's a rootkit though. This might just happen when the file is in use. Sometimes this also gives unpredictable results as that engine works slightly different. This is exactly why rootkit scanning is disabled by default when you install Malwarebytes. Also because our current engines are powerful enough already to deal with rootkits even when rootkit scanning is disabled. Rootkit scanning is not enabled by default. You may want to disable that unless you think you have a rootkit infection. Rootkit scanning is really aggressive and does ignore some whitelisting which can result in false positives. If you decide to keep rootkit scanning on, just be aware of the possibility of false positives.

Do you have a screenshot of the block from Malwarebytes? @Kitboga

@ET-S Do you have a screenshot showing the block?

@Kata Please do the following so that we may take a closer look at your system. Disable-Fast-Startup https://forums.malwarebytes.com/topic/299350-disable-fast-startup/ Then please restart the computer and then do the following. WARNING: Do Not click the Repair option under Advanced unless requested by a Malwarebytes support agent or authorized helper NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download the Malwarebytes Support Tool In your Downloads folder, open the mb-support-x.x.x.xxx.exe file In the User Account Control pop-up window, click Yes to continue the installation Run the MBST Support Tool. The tool also downloads and runs a file called FRSTEnglish. Please allow it to run. In the left navigation pane of the Malwarebytes Support Tool, click Advanced In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine A zip file named mbst-grab-results.zip will be saved to the Desktop or on the hidden Public desktop (usually C:\Users\Public\Desktop), please upload that file on your next reply Thank you