Gregory Norris

Website blocked due to suspicious content Website Blocked: objects.githubusercontent.com v2.6.27 | Heuristics: suspicious content Malwarebytes Browser Guard blocked this page because it may contain malicious activity. I presume this is due to some people using github to distribute actual malware but in my case it tried to block the download of a Joplin update. To be safe I scanned the actual file with Malwarebytes which didn't find any malware (I always check anyways due to the possibility of upstream attacks).

I'm trying to install the latest version and I'm getting false positives.NiceHashQuickMinerInstaller.zipexcavator.zip

I've not used this software before but have found many recommendations for it including this particular version which doesn't appear to have been changed in quite a while. ccunlockerreport.txt Unlocker1-9-2.7z

Program and Link were detected in last scan (1/26/2022) as Malware Sandbox 23. Searching the forums resulted in one previous false detection from 2020 which was corrected. I've been using the program since at least April of 2021 with no issues. The program itself doesn't appear to have been updated in many years (it's still one of the best free duplicate finders I've found). AwesomePhotoFinder.zip

Check your email to see if it's still there, if you deleted it and don't have it backed up somewhere I imagine they could email it to you again (if support is also up and working now, it was down before). It could still be on a receipt as well. If you used mb-clean it should have created a txt document with the keys (it's supposed to re-enter it as well but it froze on me after reinstalling when I tried it earlier [which didn't work since they hadn't released the update yet]).

Open Task Manager (Ctrl+Shift+Esc) and click the arrow next to 'more details' (I see you've done so already but I want to be thorough for others sake). Click Malwarebytes service (under Processes) and press delete, after a few moments you should get a message that the service stopped working and restarted. If you have the latest update it should now be resolved (at least that's what I did).

For those having network issues my best guess would be that something got corrupted. I'd suggest running the Windows diagnostic tool on it and maybe trying to reinstall the drivers. It is possible that some hardware got burned out but if it did that's not really mbams fault (yes the faulty update caused memory and network problems but if it actually burned something out that means that the cooling system was insufficient and the computer failed to shutdown when it should have). My laptops running a gen 3 or 4 I7 which was still pretty new at the time, it's always on, always a bit hot around the fans but aside from killing my battery (because I didn't use it off charge enough) the system is still running strong after several similar issues throughout the years caused by other programs and sometimes Windows itself. The mbam team should have sent out an email but they identified a new problem and got it fixed in a relatively short timespan which unfortunately happened to coincide with planned maintenance (or so I presume) of the support server (I suppose it's also possible the support server got the bad update as well but they probably have protection against that).

Thank God it's fixed. I had to disable mbam for a while so it would stop crashing my system but it's working now. Honestly had me pretty freaked out since I couldn't access the support site either (apparently it's under maintenance though it could be my blockers) and there was the whole CCleaner scare recently (the attackers took over the update server). This machines starting to get a bit old too and it's always on so I was a little worried about hardware at first (though that fear subsided when I traced the problem to mbam service). After all these years using mbam (and more recently mbam pro) I can honestly say I've had very few issues over the years. A few false positives back in my portable apps days (the compression wrapper used for the apps was also used in some malware), an issue with the UI not starting when I got pro (that seems to be fixed now though originally I just delayed my startup), and then this today. Overall I'd say it's a really good track record and I plan to continue to use and support mbam as long as I can. As a testament to how long it's been since I've used the forums (and a good measure for how rarely I've had major issues) I had to reset my password to access the forums because neither my old notes nor my password manager had it.

I'm thankful for my job I finally got after years of searching. I'd also be quite thankful if I got a free Mbam Pro license.

I just ran a scan that told me that WinDump is malware. I got the program from a trusted site (http://www.winpcap.org/windump/ Rated as excellent on WOT and also the providers of WinPCap which is used for both white and black hat activities). WinPCap is primarily a packet capture tool for Windows, WinDump is a tool used to diagnose WinPCap and other wireless devices supported by it. WinDump is the windows version of tcpdump a linux tool. Though the site doesn't directly say to put it in the System32 directory as I did by placing it in the System32 directory I can easily use WinDump from the command line (it is a command line tool). My best guess as to why mbam detected it as trojan is because it is by it's nature a data capture tool and a malicious version of it could very well steal all sorts of sensitive information. Also, chances are that someone has packaged a virus that uses WinPCap or WinDump just as people have used NSIS to package viruses even though NSIS is not a virus but instead just a highly efficient compression engine. mbam_log_2011_02_01__10_49_11_.zip

Seems ComboFix either removed itself or got removed by another cleaner. Will run OTC when I've finished my current work (Later tonight). Current Backup Solution is to use SyncToy (2.1) to copy all copyable files to my EHDD Comodo usually runs as just a firewall but, due to a recent problematic email (which come to think of it could be related to those weird Temp files-they didn't send anything though.) I'm running Defense+ as well. Malwarebyte's is my only Anti-virus right now but, since I have Comodo and run scans regularly I don't see a need for anything heavier (No need to have to active protection modules). I have my own updater.bat file I created that uses FileHippo, SoftInformer, and Windows Update to check for updates. It also runs the update for mbam from the Command Line. I use Firefox and Opera depending on the application. I like the customization features of Firefox and use AdBlock+ along with WOT to keep spy/adware down (Very few issues there). I use opera for safe browsing and when I'm running on a limited power supply for extended periods of time. (Meetings outside without an outlet). I once had the McAfee Site Advisor and I didn't really like it. I get the same effect with the two smaller plugins I just mentioned. I believe Comodo replaces the HOST file for me. It's also good at blocking incoming stuff. Basically if a program tries to access the net and it's not in Comodo's safe list it will prompt me and if I don't answer in time it will block the request. As far as performance goes I'm planning to reformat it soon and install Win7 64 and possibly switch from having an actual Ubuntu Partition to a virtual Ubuntu using VirtualBox. I'm still looking into all the +'s and -'s that would go along with this. Either way the reformat will give me a chance to really test my hard drive and I'll probably run a MemTest before I even begin the reformatting process. Thanks for all the help.

I successfully ran a scan yesterday after rebooting into Linux and deleting the before mentioned Temporary files. I'm not quite sure what was accessing those files but, I do know it wasn't Firefox, Opera, or Comodo. Mbam didn't report any viruses. Do you still advise I run the ESET scan?

It crashed again. Hopefully the log helps.

Forgot the log: ComboFix.txt