Showing results for tags 'malware'.

Found 379 results

  1. A few days ago Malwarebytes Premium began blocking this outbound connection (see .png): Domain: drivethelife.com IP Address: 54.183.15.164 Port: 50817 Type: Outbound File: C:\Windows\System32\svchost.exe I checked processes running and found four files with this file name (see .png). Any suggestions on how to remove the correct file and get rid of this malware?
  2. Hello! My mom has a HP laptop running Windows 7 Pro. I believe it has been infected with virus/malware that causes every exe to run Windows Media Player. All the exe icons are also replaced with Windows Media Center icons. It is also impossible to run any exe from USB, as the same thing happens. I ran Farbar Scan (log attached). The Farbar RST that I used did not have the check box for "Addition.txt", so I am not 100% sure if all the needed info is attached. Please let me know if you need something more. Handful of Thank Yous... FRST.txt
  3. I recently started seeing this process on my task manager use a huge amount of resources (RAM, CPU, and GPU). I've tried using MBAM/Chameleon scans, MBAR scans, ADWcleaner, RKill, Hitman Pro, Zemana, and ESET but it reappears after every reboot. It will also not end the task from inside task manager and I cannot access the file location. I'm the only user on this machine, and an admin by default.
  4. So recently Avast told me that it blocked a malware from a certain website, a malware called JS:Miner-C. Avast said it had blocked it. After that I ran a full malware scan and eventually Avast did find it, so I deleted and removed it. Now I'm also running a manual check, like checking tasks, processes, and services. In the Details tab in Task Manager, when I check it, there are 2 csrss.exe running even though there is only 1 user. I checked the properties and they're both identical, starting from date created and extension etc. I checked System32 and to my relief there's only 1 csrss.exe. Now a 2-part question. Before everything, I had already scanned with Malwarebytes, but the program said no issues were found. Mind you that the Malwarebytes scan was before the Avast scan, and both of the scans were on normal boot instead of safe mode. 1) Is my possibility of infection still high? And if so, what are the best methods to eliminate this miner? 2) Does anyone have an idea of the severity of the malware, like does it steal my credentials? Or does it expose me to other malware? If anyone can answer this, I say thank you in advance.
  5. Hi, This morning we had an employee open a phishing email and subsequently open one of the two attachments that came with it. When they opened it nothing appeared to happen, so far as they could tell, but they got in touch with us here in the IT department as it seemed odd to them. As soon as we saw the email we could see that it had flags all over it. Anyway we have run scans and been in touch with our email spam filter guys and they came back to us saying that it was phishing for credentials and possibly more. The laptop is now disconnected from any network and all logins have been changed that the end user would have used. What can we do now in this situation as we ran it through virustotal.com and it showed as not being caught by anything and also only appearing today? Any help you can bring to us here would be very much appreciated.
  6. Please help me remove malware from www.allofmyinterest.com
  7. Please help me get my website back in the safe browsing list: www.allofmyinterest.com. The web folder is empty, why am I getting this error still?
  8. I had this issue 2 or 3 weeks ago. Malwarebytes constantly pops up blocking a few different (what appears to be) adware issues, such as drivethelife and onclickads. There's a 3rd one that shows up sometimes but much more rarely. My Avast antivirus couldn't find any issues, and running a scan on my lifetime license MWB gives a message that there are no threats found. I have a temporary license on HitManPro and it seems to find tracking cookies but nothing to do with adware (from what I can tell). I uninstalled Malwarebytes and reinstalled it but lost my license key for about 10 days. During this time, I had no popups about these infections. I restored the key yesterday and started getting these constant annoying popups. I verified my installed programs and see nothing that seems related. All installed programs are normal Microsoft and other regular updates to my apps. I see nothing that seems related in my running processes, either. So how do I get rid of these popups? If there really is an infection (despite Malwarebytes telling me there isn't one), how do I get rid of it? Please help ASAP. I can't focus on my work with these popups annoying me constantly.
  9. I recently used my friend's flash drive in my laptop. After that I found some malware named exactly like my files, so I tried to delete them but they came back again. After some time it started infecting my other files; my applications don't run and their size turned into 0 KB. I tried to scan with Avast, AVG and Malwarebytes but NO THREATS FOUND. I tried with Windows Defender; the threats were found and I THINK deleted, but my files' sizes are still 0 KB. plz...... help......me....!!!!! Sorry about my bad English....
  10. Hello there, One of my machines running on Windows Vista SP2 has a semi-serious problem, one that I cannot even name. This is the final chance for me to figure out whether I'm safe or not. Here is the issue. I came across a malware a few years ago which infected my machine through a non-secure JAVA web applet. After this infection, I immediately took some actions and tried neutralizing the malware and cleaning as well; I also used the Malwarebytes 1.x and 2.x series. After some years have passed, I still noticed that the nasty and non-existent registry entry of this malware is still visible in regedit and GMER. I had no abnormal activity since then, and tried numerous rootkit removers listed below with the following results:
      - GMER: Shows hidden driver service highlighted red but unable to remove / disable because it does not in fact exist (IMHO).
      - Sophos Anti-Rootkit: No malware is found, system is clean.
      - BitDefender Anti-Rootkit: No malware is found, system is clean (scan took very short though, not sure why).
      - Kaspersky TDSS Remover: No malware is found, system is clean.
      - Rootkit Hook Analyzer: No malware is found, system is clean.
      - Symantec TDSS Fix Tool: No malware is found, system is clean.
      - ...and finally Malwarebytes Anti-Rootkit BETA along with Malwarebytes Premium (3.3.1) edition: System is clean, no malware is found.
      Although almost all of the major removers say that the system is clean, I'm so picky that I have no idea why regedit and GMER display the presence of malware (PragmaXXXXX - random numbers). In particular, regedit shows an error immediately when I click on this key, as if it does NOT exist, but I can't do anything even though I tried a lot of methods, including running regedit under the SYSTEM account, running an offline registry editor using a recovery disc, and using the command prompt. It seems to be a kind of very strange glitch in the registry file, and it cannot be removed there even though the entry (PragmaXXXXX) is shown.
      I'm attaching all the screenshots that would help in describing the issue, along with the FRST log, addition.txt log and MBAM Anti-Rootkit log file. I'd be so grateful if there are any additional steps to take other than formatting the whole drive, as I have a lot of documents and installations with sensitive configurations. Thanks in advance! Addition.txt FRST.txt system-log.txt
  11. Hello I need some help getting rid of an unwanted malware that took over the search engine on my chrome. It seems to be from yahoo but it is a malware. Reading other posts I saw that I needed to post my own topic so here I am. I will attach a screenshot of this nightmare thanks in advance.
  12. Hi, I recently installed malwarebytes back in October. I had someone help me clean up my laptop and was good to go up to now. My computer turns on, it is slow to load. However, when I try to open up any documents, it completely freezes. Ctrl+Alt+Delete doesn't work to pull up task manager. When this started happening, I went to malwarebytes to start a scan. It got stuck in "scanning" in the middle and just stayed in that one spot "scanning". I force closed my laptop, turned it back on and opened Malwarebytes first this time. The dashboard showed that web protection was off. When I went to turn it back on, it switched back off immediately. Then I got a pop up that I wasn't protected. I then tried to do another scan and Malwarebytes was frozen. It wouldn't even close. I had to force close the laptop again. The only thing that works to a degree is my internet and I am afraid to use it for anything because I know my laptop is not protected. How can we fix this?
  13. Hi all, In the past weeks I have had a surplus of different BSODs. 0x00000024 - ntfs.sys 0x00000001 - tcp1p.sys (2 times) 0x0000003B - Ironx64.sys 0x0000007E - at1kmdag.sys 0x0000007F I am unable to run Malwarebytes, neither as an admin nor in safe mode nor from the file itself. When I change the name of the executable file it immediately says that MBAM stopped working. I removed it just now and the file mbshlext.dll remains. I am unable to open sysnative bsod collection app even if I disable my Norton security. I have been able to scan with FRST and the files are attached. I have run chkdsk and scannow in cmd and there is nothing wrong here. It mostly crashes on high performance games like Elder Scrolls Online or Rust, but also sometimes randomly. I have updated all my drivers and cleaned out all the hardware to rule out overheating, fans are working fine as well. I have already cleaned the registry with Eusing Free Registry Cleaner. Addition.txt FRST.txt
  14. Hello, I have a problem: every time I start my PC an ad.fly popup shows on my default browser. I've run a full scan on Malwarebytes and Kaspersky, uninstalled cracked games and uTorrent, uninstalled suspicious programs, disabled suspicious startup programs, tried other browsers, set another default browser. I've tried almost everything. Could you help me somehow?
  15. Hello, I recently logged into my computer and Malwarebytes said it was out of date. I had to turn off the self-protection module to update and then Malwarebytes was removed from my computer. I have since reinstalled it, but it will not boot unless I am in Safe Mode (which I currently am). I ran Rkill along with Malwarebytes and they have both detected nothing, but I cannot understand what would cause the program not to function otherwise.
  16. Hello! So I completed multiple scans of malwarebytes antimalware to get rid of a trojan malware that's been copying files everywhere, and I've now come up with the result of the internet being blocked when safe mode is off, and windows defender doesn't seem to work. A file or two comes up on every new scan, but doesn't seem to be going away. The file attached is the latest scan, which caught a few files. Looking at task manager on regular boot, an application called "Spine" seems to come up a lot, and any chance I got at deleting it ended up in it replacing itself with every reboot. Help with this would be greatly appreciated! Thank you! log.txt
  17. Having problems getting rid of viruses with Malwarebytes and other programs. Also I cannot connect to the internet, but I have an established connection. Addition.txt FRST.txt
  18. Heya, So lately I've noticed that our computer has one PUP file in the Google Chrome directory that keeps popping up. I can delete it, but whenever we start Google Chrome it reappears in scans. When I delete it, Google Chrome shuts down. Last time I ran a scan and it seemed that our PUP file has multiplied itself, at least I suspect that (there were 75 PUP files suddenly). After deleting these, they haven't shown up again. Nevertheless, because of this I really want to get rid of that one single PUP file that keeps reappearing whenever I open Google Chrome. Its name is PUP.Optional.Trovi. Do I need to uninstall and reinstall Google Chrome to get rid of it? Thanks in advance!
  19. I'll keep it short and sweet. I have obvious malware, specifically 'Windows Process Manager', six instances running in Task Manager. Pretty sure the guilty files are 'nikrhdx.exe' of which I see multiple instances in Details tab of Task Manager. I've run Malwarebytes Anti-Malware, as well as the Anti-Rootkit beta. The anti-malware came back clean, but MBAR comes back dirty each time, even after reboot. I am currently running RogueKiller, and when it finishes I'm going to run FRST then run FRST again in RE. I've gathered that those things and their logs will be needed for you guys to help me. Please help, I use this computer for not only running videogames, but also creating games in Unity and I can't even run 7DTD more or less properly create with Unity with the drain to my already old system.
  20. Help, my friend got malware. He got Malwarebytes and it found 6 malware and only showed 5. Below are details: Riskware-Fota Provider Trojan-Pinoy App Shop,E Warranty,Cherry Play,Cherry Fun Club. Need help on how to remove them!!!! He had a lot of popups and redirects at random times. I am a concerned friend
  21. Hi, Recently ended up with a solid amount of malware (worst was programs called anonymizergadget, emigrates, and uninitiated) which took control of my chrome and created popup ads, etc. etc. Cleaned it up and all looked good until I noticed Windows Process Manager (32 Bit) was using anywhere from 10-40% of my CPU at any time. When I go to the path it takes me to \Appdata\Local\avaorlt and denies access, unable to interact at all. Properties in task manager names it as wmnteal.exe. Did a scan with FRST, the two files are attached, along with a screenshot of the process in task manager. FRST.txt Addition.txt
  22. Recently my computer has been infected through I'm sure something I have downloaded yet I was not fast enough to catch it and my computer is suffering. This seems to be a similar situation to a forum post I read up on to find out what is happening to my computer. I have a fairly high end computer in which I should not have any lag whatsoever no matter what application(s) I am running but as of late my computer struggles simply with google chrome. I checked out my task manager to see what process was taking up almost 100% of my CPU and RAM and it was "Windows Process Manager (32 bit)" and when I expand it it's about 6 processes all under the same name and when I open details it is a process sbaeouh.exe that cannot be stopped no matter what and when I try to open file location I am denied access. Screenshots are attached below as are my FRST and Addition txts. Please help! Thanks! -Jarrod FRST.txt Addition.txt
  23. When I click a link from a known website, Malwarebytes blocks the page as malicious. The report says it is an outbound connection to an unknown page, text below:
      ------------------------------------------------------------------------------------
      Malwarebytes
      www.malwarebytes.com
      -Log Details-
      Protection Event Date: 1/28/18
      Protection Event Time: 11:59 AM
      Log File: c6ba1b10-0465-11e8-91f7-f48e38e7fcd9.json
      Administrator: Yes
      -Software Information-
      Version: 3.3.1.2183
      Components Version: 1.0.262
      Update Package Version: 1.0.3808
      License: Premium
      -System Information-
      OS: Windows 10 (Build 16299.125)
      CPU: x64
      File System: NTFS
      User: System
      -Blocked Website Details-
      Malicious Website: 1
      , , Blocked, [-1], [-1],0.0.0
      -Website Data-
      Category: Unspecified
      Domain: africangrey.top
      IP Address: 162.244.35.33
      Port: [57365]
      Type: Outbound
      File: C:\Program Files\Mozilla Firefox\firefox.exe
      (end)
      ----------------------------------------------------------------------------------------------------------------
      Has anyone seen this before or these types of blocks? I have had it happen in two different websites with this "Domain: africangrey.top" Any help would be greatly appreciated. Gary labnol link generated a malwarebytes block - Jan 28 2018.txt
  24. If someone can offer some helpful advice I would greatly appreciate it. I own paid subscriptions to McAfee, Webroot, Bitdefender, Malwarebytes 3, and now ESET, and all since October of 2017. Something is not right. Period. My computer keeps telling me it's fine but after what I've been through I don't trust or believe it. I'll try to make this short but it's difficult and this is what I believe to be true to my heart and it's gonna sound crazy but idc at this point. So on Oct 7, 2017 I got into bitcoin. I used Bittrex as my exchange. Well like 3 weeks later I found out that I was a victim of a phishing site for Bittrex. I was devastated. I kept wondering why things were different for me than my friend; passwords wouldn't save; IP not recognized. So I submitted a form to Google with pictures, screenshots, the whole nine yards. They took about 90 days to get back to me so in the meantime I made another Google account ok, and got McAfee. Microsoft as well, new account. They lock you out for 30 days to "verify" btw. Anyways McAfee remote accessed my computer and installed the software and ran a virus remover right. Like 3 weeks later still getting same thing so I decide to step it up a notch and buy Webroot total protection. Again same thing started to happen. It was good for a few weeks then started acting up again. And when I say acting up I mean mostly my passwords; like nothing ever worked for more than a day! And typing glitches; and screen flickering here n there. So now I'm like ok? I'm paying good money here and still problems? It must be me, let me let a professional handle this. So I bought Bitdefender and spent almost $200 to remove, install, and set up a whole anti-virus for me. The guy was on my computer all night for like 4 hours; Remote Access. BTW it was DEC 24, my Christmas present to myself lol. Anyways I was happy, I'm thinking wow! I got all my accounts, and I have many, protected and this runs so smooth on all my devices! I thought it was working.
Until I started realizing very strange things. For one my Windows was not the same anymore. It was running as a developer and it had/has all these different settings that I never had before. I promise I felt like someone was on my computer with me all the time. I even covered my camera, cuz I felt uncomfortable leaving it on and it got so bad with my accounts that I ended up buying a new laptop only to find out that soon as I signed in to Microsoft it started again. So now I'm sick!! My Acer is reset/wiped out. My accounts are in the cloud somewhere with all my....everything! And I got a new Asus that's doing the same thing!! But this is where it gets even better. My Galaxy S7 started acting up. Doing all kinds of things on its own. And my Tab3. So just like my laptops I try to master reset it too and that's where things hit the fence. It was NEVER the same. Just like my laptop. New APK, SDK configurations; new build versions, new Google Play Store, new Samsung this n that. The FCC number wasn't the same as the box anymore, and the software was literally written and personalized by someone who sure as heck wasn't me. I even went to T-Mobile to show them how my phone wasn't even letting me master reset it; boot was so weird looking, and they couldn't even tell me what they were looking at. Geek Squad at Best Buy too. So they said it might be the "wanna cry virus". Some clever ass ransomware, and tbch that's exactly how I felt at this point. Like crying. So I did some research on it and the Geek Squad advised me that basically I'm f***ed. "Get all new devices and change ur network and all that" is what I was told. Sooooo guess what comes next? Yup! I did just that. Changed my modem, router, changed my username, password, already got new computer, now a new phone ughh. Got the Samsung Note 8 and Alcatel tablet.
Now I have 2 laptops, 2 phones, 2 tablets; stressed and frustrated I literally brought in the new year unable to access ANY of my Google, Microsoft, Samsung, or school accounts. My life is being taken over by something and I couldn't understand why me? I have nothing! So I thought the nightmare was over with the new devices and new accounts but sadly it continued. I was done. I said f**k it. If I lost everything I might as well go ham myself and try to figure out what happened or why? So I started to google every single file I thought was suspicious and educate myself on all this developer stuff I would have never learned on my own, and I realized that I had 24 hours to make changes to my accounts before they reset again. Literally I spent my days and nights just changing settings and taking screenshots and backing up whatever I could because the next day it would be gone or not granted access. Well in my investigating I come across emails sent by "me" that weren't me, accounts opened up that I never opened, I found my old Acer running programs all on its own like a ghost was on it, Android Studio, developer apps; so so much stuff. My Google activity had tabs from Samsung site requesting my device specs and software downloads. So I came to the conclusion that this isn't a damn virus, someone is remotely accessing and controlling my devices! I was so fricking mad I took whatever files I had copied at some point and posted them up on a blog screaming for help and notifying Google that someone was doing this to me, called the FTC and filed an identity theft complaint. And of course next day I came across a file here in Malwarebytes which was an all data file or xml file, something like that, I can't be sure with all the files I saw, my apologies, but the person was talking about something they found and were in the process of fixing. And so last but not least this is the purpose of me posting this....
I truly believe that someone from logmein, teamviewer, fastsupport, bitdefender, blockchain, or Microsoft took advantage of and violated my rights when they remote accessed my computer and stayed on my accounts. I believe that the reason they did it was to take my authentication certificates and Windows information to obtain private keys that no one would ever have access to unless I gave them access, to steal my crypto wallets. I also believe that this person is a highly skilled developer who thought he could pull a fast one on me, underestimating my persistence and will power to not let things go, and that when he realized I was on his tail and that I have no means to stop until I expose him, got nervous and began to wipe out everything that traced back to him. I know for a fact that he used my Microsoft account to access my Google accounts, which gave him access to my network account and Samsung accounts, and that everything I went through was just to cover his tracks. I know it sounds crazy but this is what I believe and I believe I got a crap load of proof that what I'm saying is in fact true. Now I just need the right individual who could make sense of whatever data I have collected because I surely cannot. But I do know that I got something. Now my phones are starting to come back to normal. My passwords haven't been resetting so much. I do have access to my laptop but it's still a huge mess and I'm afraid that I'm running out of time before things "fix themselves" and all the evidence is gone. I want to catch whoever did this. I want to stop them from taking advantage of people and stealing from them. I'm a mother of two, I work 6 days and go to school at night and I don't have money to buy new devices and phone and all of that!! It's terrible that someone could be so disgraceful. Right now I have Malwarebytes and ESET but I need help!
I need so much help setting up my computer to a normal device like it always was and I need help verifying what these files are and if they are wrongdoing. Maybe I'm just paranoid. Or maybe I just got a bad virus or something. I hope that there's a perfectly good explanation for this, I do. But I just have a funny feeling that this is bigger than that. I have seen and gone through too much to believe otherwise. So please can someone offer me their advice or guidance. I don't have Windows 8 anymore. I have Windows 10. The build is different now than it was when this all happened and like I said I feel he's trying to erase everything. I called and some of my accounts have noooooo record of me anymore and I have stacks of papers saying otherwise! It's crazy. Please....someone
  25. My Malwarebytes started to hog ALL of my memory, over 10GB and rising, soon hundreds of GB's and I have 8 for RAM. It doesn't want to scan, it doesn't want to enable real time protection anymore AND it auto starts itself every time I shut it down. It's literally become malware itself, what the censored is this? YES and I have tried malware clean install here