Jump to content

Search the Community

Showing results for tags 'malware'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes 3 Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 462 results

  1. Hijack.Userinit Basically I picked this up somewhere and I have used Malwarebytes to try and get rid of it. However it comes back when restarting. I have also tried adwcleaner and it still comes back. It has been messing around with google chrome to the point where it is unusable and it has been making my system really slow. I am running windows 10 but it just won't go. Can anyone help me before this gets worse?
  2. Hi guys Two days ago a problem accured when this chrome extension appeared and whenever im trying to search something on google it will search it with YAHOO SEARCH and often redirect me to windows reimage repair download links. This chrome extension has no picture and is called ''Max Video Player'' and is not removable. Even after installing Adwcleaner and SpyHunter and running them, this extension keeps coming back. SpyHunter will also crash. But i think this happened after i installed some free game from the internet and when i ran the setup from this ''game'' it opened three cmd bars and added three symbols that said ''Play Crossout'' and ''Iphone X'' and more ads. I'm annoyed and want a solution :(((
  3. Two days ago my computer started running really slow, so i did a scan with Windows Defender and found nothing. So I ran malwarebytes and it found 2 Trojan.Roraccoon's. Went through the process like normal, select the two malware and click quarantine selected. Malwarebytes says it quarantined them but needs to restart. Restart computer and when i run the threat scan again they are found again. I ran FRST and attached the FRST.txt and affition.txt and also attached the export log of my last scan. Im hoping someone could help me please Thank you James FRST.txt Addition.txt report.txt
  4. Hello, i have problem with powershell.exe it slow down my pc, but i dont know what to do to delete him, can anybody help me please? I saw few topics and i installed frst64 in attach are logs. Thank you. Addition.txt FRST.txt
  5. Hello, Could you help me with this... Thanks a lot hijackthis.log
  6. Hey guys, I need help removing what I think is an SvcHost virus. I recently started having adware tabs pop up on my PC and then after searching for solutions found that whenever I opened a Malwarebytes (or similar website) page, my browser would immediately crash. This happens in Chrome, IE, and Tor. I found this thread which seems to be a very similar virus and after reading a few others, I downloaded MalwareBytes, Rkill, adwcleaner, FRST64, tdsskiller, and aswMBR. (I'm typing this on my other PC btw. Downloaded the files on it and emailed them in a .RAR to my desktop.) This lead to me finding a few things: -I restarted my PC and immediately opened the Task manager to find an unnamed task using 50+% of my CPU. If I look at its properties, it says it's Svchost and is located in SysWOW64 where it takes up 44kb. -I can kill this process, but it doesn't stop the virus from opening apps or closing browsers. -I do not have permission to delete the application from SysWOW64. I need "TrustedInstaller" permission, which I know can be a legit Windows thing. -The MB3-setup exe will not run. -If I run Rkill then attempt to run the MB3 exe, it logs the following: -I deleted the INetCache folder which appeared to be empty. Nothing changed. -adwcleaner and FRST64 won't run. -tdsskiller doesn't find anything -I ran aswMBR and my PC blue-screened with the following support info This is where I am currently and I would appreciate any help anyone can give me.
  7. Ever since the latest update, everything Malwarebytes refuses to work on my computer anymore. I am stuck in a loop where my computer asks to be restarted every-time I reinstall the program. (It asks to restart even before the installation progress bar ever moves). I tried the support tool, and it automatically goes into error. I am told that this is due to a virus or a malware, but that is as much help as I got with this problem.
  8. Back on August 17, I installed Malwarebytes on my machine since I was having performance issues. The scan found 16 threats on my PC, and removed them as such. Even after this scan though, and several others, Windows Powershell is still performing some suspicious activity. Malwarebytes will occasionally notify me of an outbound connection to "wentz.pw" that Powershell keeps attempting to make. This is classified as "riskware", but I'm concerned since I can't get rid of it. Attached is the log for the most recent connection attempt. blocklog.txt
  9. I have tried almost everything, I could think of please help, I need Aura
  10. Hello everyone, Well, as you may have read from the title my computer have been infected by the KMSpico malware and consequently, dozens of trojans, viruses, etc. have been installed. The reason why I installed KMSpico is quite obvious... so let's skip that part, I've already learned my lesson. Now, I installed Malwarebytes and run an analysis. It detected 658 threats, so you can imagine how unsafe I felt after that even though they've been removed. What I'd like to know is if you could guide me on how to make sure my machine is indeed completely clean from all the trash that was installed, e.g. cryptocurrency miners, adware, browser hijackers, and other potentially unwanted programs. Here I'll attach the results I've got from Malwarebytes: malwaredetection.txt, malwaredetection2.txt. Thank you in advance for your help, Regards
  11. My windows pc has been infected with a virus in the folder C:\Windows\System32. my default window antivirus could not detect this virus but then i installed the free version of AVG which was able to detect this virus but every few days this virus reappears and i have to remove it again. From my research and little bit of knowledge i think this is related to some kind of cryptocurrency mining. Any guidance on this topic would be appreciated Original Filename: diskdriver.exe Type of File: Application(.exe) Description: disk io driver Location : C:\Windows\System32. size : 1.97 MB (2,069,504 bytes) size on disk: 1.97 MB (2,072,576 bytes)
  12. Hello, I am very new to the malwarebytesforums and it is admittedly a little bit late to be searching for help, but this infection has avoided everything in my power. About four days ago, I acquired a new steam game, but it kept crashing to desktop upon launch. Although the fix was simple (Update graphics drivers), I saw a "Mod" by someone online that'd fix the issue. After downloading and running the file, it gave me an error, so I closed and deleted it, and didn't give it much thought. Little did I know I started going down a slippery slope. About an hour later exactly, norton starts giving me this: There are attempted attacks ranging in intervals of 10 minutes to 2 hours (Not shown here for the reason explained below) Firstly, I apologize, my Windows install is in Spanish, it can't be helped, but I don't think it will affect the removal process. Secondly, the attack always originates from a (What i assume must be) a regional location file within the SysWOW64 folder. I HAVE tried to delete the file folder highlighted below on red (Last attempt today no, which solves the issue for about 4-8 hours. It always comes back. Scans using Zemana, Malwarebytes, Roguekiller, Norton PowerEraser, and the like, return empty. I have also tried running TDSSKiller, but the files it found are either redundant (Civilization V uninstall files and the like) Or Kernel and system drivers which I am too afraid to delete. The only thing I have not attempted is the FRST tool as I dont know how to create a fixlist, and I am afraid of what it might do to the system. I am attaching the FRST.txt and Addition.txt files from today here for review, however. Thank you for reading this far, I'll patiently await your response! Addition.txt FRST.txt
  13. Hello everyone. I installed Adware Doctor from the mac app store thinking it was a legitimate application. I ran it and it removed my browsers' extensions, cookies, and caches, something I could have done manually. I researched the app and found out it is a junk application that poses a security risk. I've watched YouTube videos that claim the application steals browser history and app store searches, retrieves all your application and processes information, and sends it to a Chinese server. I quickly uninstalled the application, turned on my mac firewall, and changed my admin account password. I also installed malwarebytes, ran a scan, and it showed my mac was clean. However, I am worried about what the developers could do to my mac with the data they retrieved. What I want to know is: am I ok? If not, what else should I do to be safe? Links to YouTube videos: https://www.youtube.com/watch?v=cBI5FvOFLls https://www.youtube.com/watch?v=nZ7CVIy5Tq8 https://www.youtube.com/watch?v=IdDE9IPPGJA
  14. I have just installed malwarebytes Premium Trial 3.5.1 and the programme scans the computer and locates over 788 threats, but during the heuristics analysis it gets stuck. It appears to be a similar problem to https://forums.malwarebytes.com/topic/147143-mb-gets-stuck-at-heuristic-analysis/ That article is from 2014, so I'm thinking it might be dated. I have run the adwcleaner which did remove some threats. I have already run mbam-clean-2.3.0.1001 and reinstalled malwarebytes a couple of times, but it always gets stuck in the same spot. Your help is greatly appreciated. mbst-grab-results.zip
  15. I'm a recent subscriber to Malwarebytes Premium. Today I noticed some odd behaviour of my laptop with Windows Defender not updating, and some webpage links not working like they should. I ran a Malwarebytes Scan that found no infections. I decided to look through my settings and found under the tab 'Éxclusions' that a 'Clearload.bid' was an exclusion, with the exclusion type as a webpage. A search of Clearload.bid identified it was a malware. I then removed it from my exclusions. Checked my 'Protection' settings and found that rootkits and scan within archives had changed, I activated these settings and ran another scan. This again found nothing, however I'm not confident this is all I should do to ensure my system is clear of this malware. I attach a copy of my most recent scan report. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 8/1/18 Scan Time: 8:16 PM Log File: f6bf1cc6-9573-11e8-8211-dc0ea1a5545e.json Administrator: Yes -Software Information- Version: 3.5.1.2522 Components Version: 1.0.391 Update Package Version: 1.0.6153 License: Premium -System Information- OS: Windows 10 (Build 17134.191) CPU: x64 File System: NTFS User: LAPTOP-ASIO-UND\craig -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 279400 Threats Detected: 0 (No malicious items detected) Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 23 min, 46 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  16. So i was running a adw cleaner and it decteced PUP.Optional.SofTonicAssistant. It said it was a registry keylogger and i cleaned it up and repaired it, but it wont go away. After that i ran a malwarebytes scan and it picked up nothing. ANy pointers?
  17. So i download this software window 10 activator and then suddenly my antivirus detected malware and now my laptop is slow as f. so can someone help me i tried to scan like 3 time with the use of malwarebytes but still i dont think my laptop is safe, can someone pls help me with this, what do i need to do?
  18. Hey, I'm more than a little panicking at the moment. I downloaded a copy of Premiere Pro like 30 minutes ago, which I've found out obviously isnt Premiere pro.. Im doing my malwarebttes scan right now and the current threat count is at 152... It says the identified threats are a mix of files and folders, most being called trojan.yelloader. Its popping up windows of ads 8 at a time and its playing through the speakers repetitively and I really need urgent help with this. The popup windows are called "fnrmavndt"
  19. Hi Everyone! Why Malwarebytes has blocked "grupomissael.com" and suggested not to continue to this website. How did it know that? Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 7/23/18 Protection Event Time: 4:07 AM Log File: c839747a-8e14-11e8-8387-68b599e07ea6.json Administrator: Yes -Software Information- Version: 3.5.1.2522 Components Version: 1.0.391 Update Package Version: 1.0.6011 License: Premium -System Information- OS: Windows 10 (Build 17134.167) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Malware Domain: www.grupomissael.com IP Address: 23.229.216.196 Port: [56495] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)
  20. A couple of days ago, I woke up to find out that whenever I google something, the link goes cse.google.com/... I know that this is because of a malware and that it should be removed, I've tried Malwarebytes, Hitman pro, Zemana, but nothing seemed to work. I also made sure that I uninstalled any recently installed softwares, but the problem persists. Any help will be much appreciated!
  21. The Following email is being sent from one user on an exchange server, I have run multiple scans and now running the Anti-Rootkit not picked up anything so far. Email: Please do not click the link: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Subject: Invoice is available No-046242 for month Afternoon, A invoice for you will be available on this link in your account during next 3 days. ==> hxxp://stafffinancial.com/For-Check/ Thank you, <Name of Sender> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Can Anyone help, I am actively looking into my self now: Kind Regards BluespotSam
  22. Hello, For past 1 month i am getting G.exe / UnKnown Application preventing shutdown message in both my standard and admin user login accounts in Win 10 PC. I have licensed version of malwarebytes (Premium and AdwCleaner) and they all run clean without any issue. Norton doesn't return any issue. https://forums.malwarebytes.com/topic/226720-gexe-removal/?page=3 Following from the above thread, i have been able to use GUIPropView and able to see a lone "g" . What is annoying is i used all my past skills using dos, procmon and Process Explorer(sysinternal) to find this PID/Handle but they all return empty. I can't figure out from where this nasty thing is originating from since Process and Instance FileName are reported empty from GUIPropView. Please help in fixing the UnKnown application preventing shutdown issue in my PC(Last option if any before factory resetting my PC) Thanks, Appukuttan
  23. Scanned my computer with the free version of Malwarebytes and had Pup.Optional.Reimage. Quarantined and tried to delete, but was there when I rescanned. Tried to delete it manually, didn't work. Tried Zemana, didn't work. Tried Adwcleaner, didn't work. The file is located at C:\\USERS\MYUSER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\PREFERANCES. Please help, I've got a project due in two days and I'm prioritizing removing this over doing that.
  24. My computer has new ads popping up in new tabs every 20 minutes or so in Chrome. I can't run MalwareBytes, RKill, or Farbar unless it is in SafeMode. MalwareBytes detects RiskWare BitCoinMiner, but after quarantine and deletion, it reappears on reboot. I know I have utorrent installed and I am 95% sure that's what has caused this issue...will never use again. Please HELP!!! Addition.txt FRST.txt MalwareBytes Scan Log.txt
  25. Hi, I've been using MalwareBytes Free on my computer for a number of years, never had a problem and only use it for the bare basics - only 'safe' websites (Wikipedia, Facebook) and don't use it a great deal anyway. Did a scan this morning and it detected "MachineLearning/100%anomalous detection" - interestingly I had run a scan earlier without the internet connected, but after I connected the internet and ran the scan again it found it. I've since quarantined and deleted the file, ran another scan and all seems well - I'd just like to know what it was and whether it was a real problem or a false positive. I did a large Windows update (1803) last night and wonder if that's related? I have looked over this forum and seen that this detection has come up a number of times for people developing their own software, however I am not a software developer and had nothing on my computer that an average user wouldn't have. I understand that MalwareBytes is using new detection systems to stop malware, and so hopefully this is a teething problem rather than a real concern. I'm pretty savvy about computer safety, but still I'd rather be certain that everything is OK. I'm attaching the exported report here. There are no other visible signs of infection (slowing down, redirects etc). Thank you! MB Report.txt
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.