Jump to content

Search the Community

Showing results for tags 'cmd'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hi, and thank you in advance! after researching for days i finally just recorded the pop up to see what it says. As I seen on here people had the same problems. I was going to attempt to FRST myself and thought it was just copy and paste the whole logs into the fixit file LOL I figured better be safe then sorry and have an expert do it. I have already done malware bytes scans, ADWcleaner scan(i think i went out of order but still have log) and have my FRST.txt and Addtional.txt logs all my folders and files are unhidden someone please make a fix it file for me please
  2. Hi Whenever I try to run certutil command to calculate hash of files, or even certutil only, cmd closes and malwarebytes exploit protection comes up. Here is the video of it: 2016-12-29_17-07-48.mp4 Thanks, -CKing
  3. How do I stop Malwarebytes blocking batch files I have written myself? Adding an exception does nothing
  4. Hi guys, I'm testing the new Beta and I have necessity to install it via command line quietly, can you please give me which parameters I have to add to install it? Thank you
  5. We are experiencing the same issue as documented here below: https://forums.malwarebytes.org/index.php?/topic/178193-solved-error-0xc0000018-when-starting-apps/ The fix suggested is to remove MBAE and install version 1.08.1.1189. I don't want to downgrade my client... We are currently running version 1.08.2.1045. This problem is intermittent and after several (sometimes 7 or 8) reboots, the problem goes away temporarily. Please advise on how to correct this (on 175 remote laptops) without downgrading the client. At this point the only option I have is to disable the MBAE service, but I don't want to remove protection completely.
  6. Hi. I'm Sturm. I just joined and have been using Malwarebytes for years now. I have been having this issue with a cmd.exe window appearing a few minutes after booting. The window actually appears twice on startup, around 15 seconds after the first one, and does not contain any text. It is simply a blank window, and the text on top just says "Cmd.exe". I have no idea what this is, and it only appeared four weeks ago. With the help of a friend, I discovered it had something to do with my IP being renewed and released upon startup, and even doing it hours after that. I cannot find the root source of it, however, and I fear it may be some form of Malware, although I haven't heard of anyone else having an issue like this. I scanned with Malwarebytes, and nothing significant came up. All that was found was some old files and keys from Adware I long since gotten rid of. I initially thought it was my adapter that was causing this, so I swapped it out and put in a new one. To my dismay, nothing changed. Interestingly, the cmd window appears only once (instead of "flashing" twice) without an internet connection. Today, I installed Process Explorer to hopefully discover some more information about the mysterious cmd windows. I found several suspicious things. I thought that Mobsync was the cause of it, but this turned out false. I then suspected LMS.exe and UNS.exe, because upon the cmd appearing, they seemed to also appear, with Google Update triggering before them. I disabled all three, and nothing changed. The only file left that is of interest so far is Conhost.exe or maybe WmiPrvSE.exe (the latter because I did see it temporarily highlighted green several times when the popups appear). I have three copies of Conhost.exe by default according to Process Explorer. When I open Cmd.exe manually, they expand to include another copy. When the popups happen, they expand the same way, but I am unsure if it is the "same" copy I saw when I opened Cmd manually. What does this mean? Am I infected? I don't see anything malicious as of yet, but it is very frustrating and I want to get to the bottom of it, before it turns into something else. It has the ability to force me out of a game when the popups happen. I'm not sure if this is a normal property of Cmd.exe or unique to my issue. I am sure, however, that Conhost.exe does have something in common with the popups. I just don't know what.
  7. Good morning all. I have a problem with our AD server at my place of work. We've just dealt with what appeared to be a Conficker infection (how is that still getting around? I could've sworn we were fully patched) however it seems now, whenever I log in directly to the server, NOT when logging in to a workstation, the server opens a CMD window and attempts to download an executable file from a server in China via FTP, however it never actually downloads the file. The server is also restarting at around 12:10am every day, even though there is nothing set in Task Scheduler to cause this. Could anybody help me to finally remove this? Many thanks Luke Harrison (P.S. Please fine enclosed a screenshot of the attempted file download)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.