Jump to content

Malwarebytes premium


Recommended Posts

@IgorCasoni

I do see you are being hammered by inbound blocks.

Inbound blocks can be stopped by having a router between your internet provider's modem and your computer.

The blocks are on addresses that are attempting to do a forced attempt to exploit remote-desktop-protocol. 

The Real-Time Protection of Malwarebytes for Windows is actively doing its job to protect the system.

 

It also looks like you tried to clean install or repair Malwarebytes. You can't do that with the optional Tamper Protection is active.

Link to post
Share on other sites

Thanks for trying to help me...

But

These files are NOT inside my c: disk.
I UNhide all folders/file and make a search from c:
Windows don't find them.
 

Add the following files:

  • C:\Windows\System32\drivers\mwac.sys
  • C:\Windows\System32\drivers\mbamswissarmy.sys
  • C:\Windows\System32\drivers\mbamchameleon.sys
  • C:\Windows\System32\drivers\farflt.sys
  • C:\Windows\System32\drivers\mbae64.sys
  • C:\Windows\System32\drivers\mbae.sys
  • C:\Windows\System32\drivers\farflt11.sys

My MBM is a Premium
image.png.07693039322bb31e2afde51ec49947ba.png

Link to post
Share on other sites

  • Root Admin

Please do the following

 

Disable-Fast-Startup
https://forums.malwarebytes.com/topic/299350-disable-fast-startup/

Show-Hidden-Folders-Files-Extensions
https://forums.malwarebytes.com/topic/299345-show-hidden-folders-files-extensions/

 

Then open an elevated admin command prompt. Then copy and paste the following into the command prompt console and press the Enter key

DIR /A C:\Windows\System32\drivers\MB*.SYS

 

You should get something similar

C:\Windows\System32>DIR /A C:\Windows\System32\drivers\MB*.SYS

 Directory of C:\Windows\System32\drivers

09/16/2024  12:30 PM           158,640 mbae64.sys
09/16/2024  12:30 PM            21,480 MbamElam.sys
09/16/2024  12:31 PM           239,568 mbamswissarmy.sys
08/27/2024  10:22 AM           462,848 MbbCx.sys
               4 File(s)        882,536 bytes

 

 

 

I'd have to double-check on the far*.sys files to see if they're still being used

 

 

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.