Jump to content

Star Trek Adventures Website - PDF Builder Fails, False Positive


Recommended Posts

 

https://sta.modiphiusapps.hostinguk.org/index.html

 

 

This website worked yesterday.

 

Why is this website suddenly so blacklisted I can't even download PDF's made from its site?

 

Please fix, white list this site already. Even turning off protections solves nothing.

 

I am not pleased at all, this website is literally a gaming tool for GM's and Players to build PDF files to easily print and use. I cannot use it if your DAMN program blocks it all!

Edited by AdvancedSetup
disabled live hyperlink
Link to post
Share on other sites

  • Root Admin

That IP points back to no listed domain but it does show that many don't trust it

https://www.virustotal.com/gui/url/494fcbcda02351942682591a101984e9a6a013ca9cf71261d44bc0cb53251c01

 

 

 

You can find Scan and Protection logs within the Malwarebytes 4 program in the following location

 

image.png

 

RTP stands for Real-Time Protection and is where automatic protection operations would normally be logged

 

image.png

 

If you click on the View option you should get something similar to the following with other options available.

 

image.png

 

 

 

 

Link to post
Share on other sites

  • Root Admin

The IP for that website shows as the following

Address lookup
canonical name     sta.modiphiusapps.hostinguk.org.
aliases     
addresses     79.171.39.13

https://www.virustotal.com/gui/url/8a5ea1042fcfac4781781ef10cb786ab4486bd9fa9cdf0402df45c81feb7f4bf?nocache=1

 

 

It does not show as: 192.243.59.20

 

Edited by AdvancedSetup
updated information
Link to post
Share on other sites

  • Root Admin

Please just relax and let us help you. This is not a valid site and is blocked on purpose by many companies.

Your computer potentially has a bad cookie or redirect or some other type of infection more than likely. We can help you track it down and correct it but it will take some time and patience on your part.

Let's start by getting some other logs to see what might be going on with your system

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Thank you

 

 

Link to post
Share on other sites

  • Root Admin

192.243.59.20 is not an internal IP

These are the Private IP addresses

10.0.0.0/8 IP addresses: 10.0.0.0 – 10.255.255.255
172.16.0.0/12 IP addresses: 172.16.0.0 – 172.31.255.255
192.168.0.0/16 IP addresses: 192.168.0.0 – 192.168.255.255

https://www.arin.net/reference/research/statistics/address_filters/

 

Link to post
Share on other sites

  • Root Admin

Please go to Control Panel, Programs, Programs and Features and uninstall the following

 

Bonjour
Java 8 Update 241

 

 

What is this network entry? It is not normal

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CMWFP => ""="Driver" <==== ATTENTION

 

This file does not belong in the root of the folder. It should be in it's own folder

C:\Users\Ryan\WDMyCloud_win.exe

 

 

Once you have addressed the issues above please run the following fix

 

 

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.  C:\Users\Ryan\Downloads\FRST64.exe
NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real-time antivirus or security software before running this script. Once completed, make sure you re-enable it.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords.

NOTE-3: As part of this fix it will also reset the network to default settings including the firewall. If you have custom firewall rules you need to save please export or save them first before running this fix.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome, and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

fixlist.txt

Thanks

 

Link to post
Share on other sites

On 10/13/2021 at 6:35 PM, AdvancedSetup said:

What is this network entry? It is not normal

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CMWFP => ""="Driver" <==== ATTENTION

 

This file does not belong in the root of the folder. It should be in it's own folder

C:\Users\Ryan\WDMyCloud_win.exe

 

Unable to Address at this time. How do I get to your fixlist file state?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.