Search the Community

Hello, I have a system running Win 10 and Malwarebytes Home Pre. It appears when I am on the Yahoo email page I randomly get redirected to securessl-dl.com, which is immediately blocked by Malwarebytes. A full scan of the system has not found any malware or other issues. Win Defender and Kaspersky scan also does not find anything. This is the report: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/8/19 Protection Event Time: 7:25 AM Log File: 74f317e2-1340-11e9-b068-94c6916e2bf1.json -Software Information- Version: 3.6.1.2711 Components Version: 1.0.508 Update Package Version: 1.0.8678 License: Premium -System Information- OS: Windows 10 (Build 17134.472) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: PUP Domain: securessl-dl.com IP Address: 18.235.178.113 Port: [63289] Type: Outbound File: C:\Program Files (x86)\Internet Explorer\iexplore.exe (end) Anybody see anything like this? Thanks, Larry

Hey all, I have a plugin for Internet Explorer that I need to run in order to watch legal video streams. Unfortunately, I can't run it while Malwarebytes is running because the browser crashes and Malwarebytes gives me the reply you can read in the attached file. Can anyone explain how to exclude this addon so I can watch the video streams? I don't want to exclude IE altogether because I don't want to be exposed to malware. Thanks! error.txt

Hi Team My websites like https://www.changehomepage.net/, https://www.commerce-microsoft.com/, https://www.fixfirefoxerror.com/, https://www.incredimailsupports.com/, https://www.microsoft-number.com/, https://www.thunderbirdsupport.com/ are now malware free. All the information given in the websites are true and very useful. Kindly white-list these websites ASAP. Thanks & Regards Ron Weasley

Same problem here. Any results? ---------------------------------------------------- Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 3/27/18 Protection Event Time: 8:21 AM Log File: 06c7bc0a-3187-11e8-8fa3-40b03415914b.json Administrator: Yes -Software Information- Version: 3.4.4.2398 Components Version: 1.0.322 Update Package Version: 1.0.4490 License: Premium -System Information- OS: Windows 10 (Build 15063.966) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0 -Exploit Data- Affected Application: Internet Explorer (and add-ons) Protection Layer: Application Hardening Protection Technique: Attempt to execute VBScript blocked File Name: C:\WINDOWS\system32\VBScript.dll URL: (end) Already tried --> FRST64, AdwCleaner, Sophos Virus Removal Tool with no results, zie logfiles att. Disabled all add-ons in IE with no results Is there an solution for this? Regards, AvL FRST.txt Addition.txt

Every time I open a new page in Internet Explorer I get a Malwarebytes pop up that tells me "Exploit automatically blocked". This happens for every page including blank pages since 9/17/17 and is getting really annoying! Below is the report text, any help would be appreciated. -Log Details- Protection Event Date: 11/17/17 Protection Event Time: 10:07 AM Log File: 02064c3e-cba9-11e7-a8f9-0250f2eb72f3.json Administrator: Yes -Software Information- Version: 3.2.2.2029 Components Version: 1.0.212 Update Package Version: 1.0.3282 License: Premium -System Information- OS: Windows 8.1 CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0 -Exploit Data- Affected Application: Internet Explorer (and add-ons) Protection Layer: Application Hardening Protection Technique: Attempt to execute VBScript blocked File Name: C:\WINDOWS\system32\VBScript.dll URL: (end)

Hello all, My moms laptop HP Pavilion g7-1117cl is running slow especially while on Internet Explorer 11. The most she uses it for is on Pogo.com games. i have run the following items: tweaking registry cleaner CCleaner ATF cleaner TFC windows defender microsoft security essentials malwarebytes super antispyware Also did a check on drive c disk defragmenter and it is 2% fragmented. I also did a disk cleanup and no real improvements have been made. I uninstalled IE 11 and restarted the computer, it went back to IE 8, the games on Pogo and all websites loaded great and fast. I reinstalled updates for IE 11 and it went back to the slow speeds. Also it is now showing drive E as 0 bytes full and 0 bytes space available. Autorun doesnt pick up on one cd that we have tried so far. The laptop is windows 7 home edition 64 bit. I did run the threat scan and have posted the log below for malwarebytes. Any help is appreciated and would like to thank-you in advance. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 8/6/17 Scan Time: 4:45 PM Log File: threat scan log.txt Administrator: Yes -Software Information- Version: 3.1.2.1733 Components Version: 1.0.160 Update Package Version: 1.0.2523 License: Trial -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: joy-HP\joy -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 349942 Threats Detected: 0 (No malicious items detected) Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 17 min, 58 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end)

Hi My MWB management server has emailed over a notice about an exploit on a client.. but I can't see particularly what it was unhappy about. The user was trying to use IE to navigate to a URL we use each month.. the user didn't log into the website behind the URL and closed the browser. Could someone tell me what the anti-exploit took exception to? Below is message and attached are the MWB Server log for that client; certain details redacted.. Alert Time: 7/24/2017 12:27:14 PM Server Hostname: SECURITY0 Server Domain/Workgroup: ****************** Server IP: 192.168.100.101 Notification Catalog: Client Description: Exploit threat detected, see details below: 7/24/2017 12:25:09 PM MIR-HR 192.168.100.47 Exploit attempt blocked BLOCK cmorley Internet Explorer C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Attacked application: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE; Parent process name: iexplore.exe; Layer: Application Hardening; API ID: 900; Address: ; Module: ; AddressType: ; StackTop: ; StackBottom: ; StackPointer: ; Extra: Total count: 1. SecurityLogs - MIR-HR.csv