AllyLane Posted December 2, 2019 ID:1348356 Share Posted December 2, 2019 Hi Fabulous MWB Team :) Could you please check my system over? New computer but suddenly I cannot open a couple different websites that I visited last week but I know should be 'safe'. These are sites based here in Australia. I have checked with the merchant and they have no known issues with their site. My Antivirus (Kaspersky) blocks the sites from opening with the message as per below: Access blocked The requested URL cannot be provided Object URL: https://www.lights2you.com.au/ Reason: the object is infected by HEUR:Trojan-PSW.Script.Generic I have had the same problem on three different browsers - IE, Firefox and Chrome. Firefox in particular was behaving strangely. Tried to uninstall/reinstall but would not run at all, so I have removed it totally for now. Logs are attached. Thanks so much! FRST.txt Addition.txt MWB Threat Scan.txt Link to post Share on other sites More sharing options...
nasdaq Posted December 2, 2019 ID:1348441 Share Posted December 2, 2019 Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Remove this program in bold via the Control Panel > Programs > Programs and Features. App Explorer (HKU\S-1-5-21-342898083-3662286053-1871714754-1001\...\Host App Service) (Version: 0.273.3.707 - SweetLabs) <<<>>> Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The Computer will restart when the fix is completed. It will create a log (Fixlog.txt) please post it to your reply. === Please post the Fixlog.txt and let me know what problem persists. fixlist.txt Link to post Share on other sites More sharing options...
AllyLane Posted December 3, 2019 Author ID:1348568 Share Posted December 3, 2019 Thanks nasdaq. All done, log is attached as requested. The same problems I listed above still persist. Fixlog.txt Link to post Share on other sites More sharing options...
nasdaq Posted December 3, 2019 ID:1348611 Share Posted December 3, 2019 Hi, Try this: Microsoft Edge: How to Clear Browser History and Cachehttp://acer--uk.custhelp.com/app/answers/detail/a_id/38047/~/microsoft-edge%3A-how-to-clear-browser-history-and-cache If the problem persist let me know if you can or cannot open the sites using an other browser. Link to post Share on other sites More sharing options...
AllyLane Posted December 3, 2019 Author ID:1348732 Share Posted December 3, 2019 Thanks. I have cleared cache in both browsers (IE and Edge), am still not running Firefox so have not tried. The website is still blocked. I have attached a report from my antivirus program to show you the error logs. Starting to think this is a false positive. When I disable Kaspersky, but leave MWB running, I am able to open the website on both browsers. Kaspersky Report.txt Link to post Share on other sites More sharing options...
nasdaq Posted December 4, 2019 ID:1348803 Share Posted December 4, 2019 Hi, Could this save the day. Malwarebytes for Windows antivirus exclusions listhttps://support.malwarebytes.com/docs/DOC-1123 Link to post Share on other sites More sharing options...
AllyLane Posted December 6, 2019 Author ID:1349121 Share Posted December 6, 2019 nasdaq, I have been in touch with Kaspersky, and this has nothing to do with a conflict with MWB. It turns out that the website is actually infected with a malicious tool. This tool, whatever it is, appears to have downloaded to my system. I am now seeing a lot of hanging, slow shutdown, and programs crashing for no apparent reason. My system is definitely infected. Could you please help me to clean things up? Link to post Share on other sites More sharing options...
nasdaq Posted December 6, 2019 ID:1349191 Share Posted December 6, 2019 Hi, Check this Edge Syncing. If the problem persists and you are Syncing Edge with other devices reset it. https://www.tenforums.com/tutorials/36286-turn-off-sync-favorites-reading-list-microsoft-edge.html === If the problem persist run this program. --RogueKiller-- Download & SAVE to your Desktop Download RogueKiller Quit all programs that you may have started. Please disconnect any USB or external drives from the computer before you run this scan! For Vista or above, right-click the program file and select "Run as Administrator" Accept the user agreements. Execute the scan and wait until it has finished. If a Windows opens to explain what [PUM's] are, read about it. Click the RoguKiller icon on your taksbar to return to the report. Click open the Report Click Export TXT button Save the file as ReportRogue.txt Click the Remove button to delete the items in RED Click Finish and close the program. Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next. ======= Run the Farbar program one more time and post fresh FRST.TXT and Addition.txt log for my review. Link to post Share on other sites More sharing options...
AllyLane Posted December 9, 2019 Author ID:1349596 Share Posted December 9, 2019 I don't sync Edge across any other devices, but I have disabled it anyway. Logs are attached. ReportRogue.txt FRST.txt Addition.txt Link to post Share on other sites More sharing options...
nasdaq Posted December 9, 2019 ID:1349683 Share Posted December 9, 2019 Hi. Your logs are clean. Did the RogueKiller save the day? Link to post Share on other sites More sharing options...
Maurice Naggar Posted January 5, 2020 ID:1354121 Share Posted January 5, 2020 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks Link to post Share on other sites More sharing options...
Recommended Posts