Izzwizzy Posted January 24 ID:1613545 Share Posted January 24 Hello, I have these daily Liveupdt.com potential thread blocked that pops up now and then when I visit sites like Twitch and Twitter/X and a few others for the past months or so. What does it mean and how can I get rid of that? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 24 Root Admin ID:1613549 Share Posted January 24 Hello @Izzwizzy and Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process Then follow each step in the order provided. Unless otherwise asked, please attach all logs Please make the following system changes: If you have not done so already - Enable System Protection and create a NEW System Restore Point Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed Disable-Fast-Startup Show-Hidden-Folders-Files-Extensions Please run the following scans: Click the following link and run a Scan with AdwCleaner Click the following link and run a Scan with Malwarebytes RESTART the computer Click the following link and run a Scan with Farbar Recovery Scan Tool Example image of where to click to attach files when posting your reply Thank you Link to post Share on other sites More sharing options...
Izzwizzy Posted January 24 Author ID:1613562 Share Posted January 24 Hello and thank you! I've attached all the scan results, I hope I've done it correctly. AdwCleaner[C00].txt Scan report.txt FRST.txt Addition.txt Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 25 Root Admin ID:1613637 Share Posted January 25 Thank you for the logs @Izzwizzy Please temporarily disable the Microsoft Controlled Folder Access under the Windows Defender Security settings, which will block many attempts at trying to clean the system. Then run the fix below Please run the following fix NOTE: Please read all of the information below before running this fix. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone. Once the fix has been completed, please attach the file FIXLOG.TXT to your next reply Farbar program: FRSTEnglish.exe Save the attached file: FIXLIST.TXT to this folder C:\Users\izzyw\Desktop\ NOTE. It's important that both files, FRSTEnglish.exe, and fixlist.txt are in the same location or the fix will not work. Please make sure you disable any real-time antivirus or security software before running this script. Once completed, make sure you re-enable it. Run the Farbar program with Admin rights and press the Fix button just once and wait. The fix may possibly take up to 60 minutes to complete If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log named Fixlog.txt in the same folder you ran the Farbar program from. Please attach that log on your next reply. NOTE: This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. NOTE: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications may be automatically closed. Also, make sure you know the passwords for all websites as cookies may possibly be removed in some cases, but not all cases. NOTE: As part of this fix, it will also reset the network to default settings including the firewall. If you have custom firewall rules you need to save please export or save them first before running this fix. The following directories are emptied: Windows Temp Users Temp folders Edge, IE, FF, Chrome, and Opera caches, HTML5 storages, Cookies and History Recently opened files cache Discord cache Java cache Steam HTML cache Explorer thumbnail and icon cache BITS transfer queue (qmgr*.dat files) Recycle Bin Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix. The system will be rebooted after the fix has run. fixlist.txt Thanks Link to post Share on other sites More sharing options...
Izzwizzy Posted January 25 Author ID:1613761 Share Posted January 25 Hello, Here is the fix log file. Fixlog.txt Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 29 Root Admin ID:1614526 Share Posted January 29 Please run the following @Izzwizzy Dr.Web CureIt! Please download the Dr.Web CureIt! anti-virus utility https://free.drweb.com/ You will need to send them an email to obtain a link to download the scanner, please do so The downloaded file will normally have a unique name such as: q7a9tr4p.exe Close all open applications and locate the downloaded file and double-click to run it The program will take a moment to launch and bring up the License and Update screen Place a check mark to agree to the terms and then click on the Continue button Click the underlined link Select objects for scanning On the top left click the Scanning objects that should automatically check all objects Click the small wrench and make sure there is a check on Automatically apply actions to threats Then click the large button on bottom right Start scanning Once the scan has completed there will be a link named Open report click that and a log named cureit.log should open in Notepad The log is saved in the folder named Doctor Web in the top of your user profile folders Please attach that log on your next reply Link to post Share on other sites More sharing options...
Izzwizzy Posted January 29 Author ID:1614537 Share Posted January 29 34 minutes ago, AdvancedSetup said: "You will need to send them an email to obtain a link to download the scanner, please do so" I can download it straight from your link, do I still have to email them for a link to download the scanner? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 29 Root Admin ID:1614539 Share Posted January 29 If you can download without sending an email, please do Link to post Share on other sites More sharing options...
Izzwizzy Posted January 29 Author ID:1614547 Share Posted January 29 Sorry, I couldn't edit my last reply but I did have to send an email to get the link, anyways there were no threats found with this scanner either. cureit.log Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 29 Root Admin ID:1614597 Share Posted January 29 Please download Firefox if needed and set it to be the DEFAULT browser. Then using Firefox as the default browser are you still having this block alert on any site? Link to post Share on other sites More sharing options...
Izzwizzy Posted January 29 Author ID:1614636 Share Posted January 29 Yes, but this time I've received two different block messages on the Firefox browser that I've just downloaded and the only tabs that I had open were Discord and TwitchTV Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 29 Root Admin ID:1614639 Share Posted January 29 Exit out of and Disable running both Twitch and Discord temporarily Then let me know if you get the block or not Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 29 Root Admin ID:1614640 Share Posted January 29 Basically both of those applications can have users posting links to junk, spam, trash, malware, etc. and Malwarebytes is doing it's job blocking it. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 29 Root Admin ID:1614641 Share Posted January 29 Please post back the logs from today You can find Scan and Protection logs within the Malwarebytes 4 program in the following location RTP stands for Real-Time Protection and is where automatic protection operations would normally be logged If you click on the View option you should get something similar to the following with other options available. Link to post Share on other sites More sharing options...
Izzwizzy Posted January 29 Author ID:1614645 Share Posted January 29 I've only had the browser version of Discord and Twitch open on Firefox and not the aplications. Detection log 1.txt Detection log 2.txt Link to post Share on other sites More sharing options...
Izzwizzy Posted January 29 Author ID:1614656 Share Posted January 29 Here are a couple more blocks while only watching Twitch on Firefox. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 30 Root Admin ID:1614662 Share Posted January 30 It doesn't matter. Again, Twitch and Discord are open public applications that thousands of people get infected from every year. I can post links to malware all day long and Discord and Twitch are not going to block it. As long as you continue to use these applications I highly advise you to keep Malwarebytes real-time protection enabled. It will help keep you from getting infected. It's doing it's job. If you shut down ALL browsers and messaging, and email and simply browse the Internet you should have no block alerts. Link to post Share on other sites More sharing options...
Izzwizzy Posted January 30 Author ID:1614663 Share Posted January 30 3 minutes ago, AdvancedSetup said: If you shut down ALL browsers and messaging, and email and simply browse the Internet you should have no block alerts. But how am I supposed to brows the internet if I shutdown all browsers? And, can my computer get infected just by watching Twitch streams or browsing Discord because I haven't been clicking any links, it just happens randomly. Is normal to get these block alerts and should I ignore them? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 30 Root Admin ID:1614664 Share Posted January 30 Sorry, I mean, Shut down from Discord, Twitch - do not go to those sites When not on those specific sites I bet you're not getting detections Link to post Share on other sites More sharing options...
Izzwizzy Posted January 30 Author ID:1614668 Share Posted January 30 Oh, you mean that Malwarebytes detects some of the suspicious links that are posted on Twitch and Discord and it blocks them even when I'm not clicking on them or even seeing them. Link to post Share on other sites More sharing options...
Root Admin Solution AdvancedSetup Posted January 30 Root Admin Solution ID:1614672 Share Posted January 30 Yes, they're in/on the page of the site and so we detect it and block it. It's not stopping Discord or Twitch from running. It's just stopping bad links from them. Just trying to get you to run without them so you can see that yourself. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 30 Root Admin ID:1614687 Share Posted January 30 Unless there is some other issue I think you should be all good. Please let me know if you need anything else or are still having unresolved issues 1 Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 31 Root Admin ID:1615165 Share Posted January 31 We're glad that we were able to assist you. The following information will help you to keep your computer and data safer as well as improve your overall privacy Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site. https://www.howtogeek.com/780233/best-password-manager/ Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/ Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download https://patchmypc.com/about-us Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2 Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security Malwarebytes Browser Guard Google Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee Microsoft Edge: https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/ uBlock Origin Google Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm Microsoft Edge: https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin Cybersecurity basics & protection Everything you need to know about cybercrime https://www.malwarebytes.com/cybersecurity Further reading if you'd like to keep up on the malware threat scene: Malwarebytes Blog https://blog.malwarebytes.com/ Hopefully, we've been able to assist you with correcting your system issues. Thank you for using Malwarebytes. Please tell your friends and family if they too need assistance with malware removal If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following to help you better protect your computer and privacy Tips to help protect from infection Thank you 1 Link to post Share on other sites More sharing options...
Recommended Posts