Jump to content

guitareth

Members
  • Posts

    14
  • Joined

  • Last visited

Everything posted by guitareth

  1. Many thanks Porthos. It's a shame that the Malwarebytes staff member Zynthesist neither responded to my comments or had the decency or good sense to reply with as helpful a response as you. He just went straight to the brief factual response which was very unhelpful for non-technical customers like myself 🙄. I would hope that Malwarebytes staff will recognise this and make an effort in future to post more helpful responses - as indeed TeMerc has done by at least linking to a report. I have now asked my hosting provider to address this issue. Furthermore - in case MalwareBytes are interested - I can confirm that I have still not received ANY email notifications to any updates on either of my posts relating to this matter (and again I have checked and confirmed that my antispam and antivirus apps have not blocked any such emails).
  2. As nobody has responded since Monday to my original posting I am forced to re-submit it as a new topic! Very frustrating! Anyway, I refer you to my original post and thread at
  3. I just saw your response as I logged in to the forum today - as I was concerned that I had not as yet received any update. So I have two further comments: Why did I not receive an email alerting me to your response on Friday? I am following this topic and have received email notifications from malwarebytes to another recent issue I reported - so I don't understand why no email notification was issued for this one. And yes I have checked my spam filters/folders and there is no sign of any email notification from you. Your blunt response "The IP 92.204.218.140 is blocked for recent port scanning brute-force attacks" may be factual, but it is completely and utterly unhelpful to me as a non-technical person. I have to ask- what has caused that and what can I do to fix it - or more specifically, what should I request that my hosting provider does to fix this? Please respond ASAP, and please try in future to be more helpful in your responses. Gareth
  4. We are a website development company and we developed the website at https://www.jeangreenhowe.com/ (IP address: 92.204.218.140 ). We host it via a reseller hosting package with Tsohost.co.uk. It has not been updated for some weeks and was all working fine, but as of today my Malwarebytes Premium v 4.5.0 on my Windows 10 PC has started blocking it via my web browsers (Firefox and Chrome) saying it's blocked due to being "Compromised" - see attached screenshot. I also found I could not access the site via FTP for same reason. I disabled Malwarebytes and have checked the site files manually and cannot see any suspect files. I have also scanned the website using the following malware scanning websites and ALL of them report the site is clean (URL includes scan results in some cases): https://www.virustotal.com/gui/url/a887ba0168109267450b4e43d7e957eda8cc1c4d32b16c436481061aa988c380 https://sitecheck.sucuri.net/results/https/www.jeangreenhowe.com https://securityscan.getastra.com/malware-scanner?site=https%3A%2F%2Fwww.jeangreenhowe.com%2F https://www.siteguarding.com/ https://quttera.com/ https://scanner.pcrisk.com/ I therefore assume this is a false postive by Malwarebytes. Can you please therefore urgently updated your software to stop this site from being wrongly blocked. Thanks Gareth
  5. Oops I see what's happened. For these most recent responses I logged in on my phone and have used an old username. You will find my recent posts about this issue against username Abnet.
  6. Search my posts and you'll see that I reported I was suffering this problem in this thread, and in another thread specifically about the problem with Excel files.
  7. No. Sorry just assumed not fixed yet when someone was still reporting the problem.
  8. Ridiculous that this issue has not been resolved by Malwarebytes after all this time 😒
  9. Hi Borislav That's great. I cannot thank you enough for all your help with this. Have made a wee donation via PayPal. Thanks again. Gareth
  10. Hi Borislav All seems good now. And I've been using Firefox for around an hour this morning and its not crashed. So did the log indicate that it had processed your script OK? And if so, do you think that's my PC all clean again? If so, appreciate if you can answer my question s in my post of yesterday at 09:58 AM. Cheers Gareth
  11. OK, followed your instructions. Just to highlight exactly what happened in case it has not processed your script (I assume the log will confirm that to you): 1. Before dragging the file into Combofix, I disabled my Antivirus software (ESET NOD32) and Windows Defender, and closed down browser and all other progs. I know you did not specify to do so again, but thought I should to be on safe side. 2. I then dragged the text file I'd created into the Combofix icon and it started up. 3. A window popped up saying some Windows controller or similar could not run - but maybe this was just coincidence - I closed that window. 4. Combofix then gave message that it could not run cos of other progs running and I needed to restart my PC for it to run. I did so. 5. On restart of PC, Combofix did not automatically run, so I disabled my Antivirus and Windows Defender as before, plus killed as many other running processes as I could from Task Manager. 6. I then dragged the script into Combofix again. This time the Combofix window opened but first thing it said was that there was a newer version of Combofix available - did I want to download it? I agreed to that. It downloaded the new version then continued to run. I saw it go through setting up a restore point then went away for a short while. When I came back it was closing its DOS window and restarted my PC itself. 7. On restart it showed standard messages as before and then said it was creating the log. 8. I've attached the new log file. As I say, my only concern is to whether amongst all that it actually processed the script in the text file I dragged into it - or whether it just ran Combofix as standard - but I'm hoping you can tell from the attached log. Just let me know what I need to do next. Thanks again Gareth Combofix_Log2.txt
  12. Looks hopeful. Combofix reported it had found rootkit activity then insisted PC be restarted to complete the scan, which it did. I attach copy of Combofix log. The blocked URL popups are no longer appearing when I use Firefox. However, Firefox crashed again within couple of minutes of opening it for first time - it's been crashing regularly since this problem all started - but maybe that's just coincidence? Just checked and Windows Update is functioning correctly now also. From the log report are you able to confirm... 1. Has the rootkit or whatever been fully removed from my PC? 2. What exactly was it that my machine was infected with? 3. How/where I may have got this infection? I am super-careful about opening files, dodgy sites etc. and this is first time I've ever had an infection like this in 13 years of using PCs (I run a web design company so am online all day almost every day) so would like to know how I may have been infected. Is there anything else I need to do? What about reinstall of Java? Thanks so very much for your help so far. Combofix_Log.txt
  13. Hi Borislav Thanks for such a quick response. I've followed your instructions. When I ran Malwarebytes' Anti-Malware at the end of the process it again found no infections, but here's the log, plus it and other logs are contained in zip attachment. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4309 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18928 13/07/2010 21:28:04 mbam-log-2010-07-13 (21-28-04).txt Scan type: Quick scan Objects scanned: 152217 Time elapsed: 10 minute(s), 23 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Files.zip
  14. I'm having similar problems to http://forums.malwarebytes.org/index.php?s...rt=#entry283326. Yesterday when I started up my windows Vista PC, when it came to the user login window there was an error box titled Attach.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.