Jump to content

Search the Community

Showing results for tags 'malware'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hello, I have been using my computer with out issues, and still without any performance ones. Although I have been experiencing lots of suspicious things on my pc happening, i don't know if they really are caused by malware but i would like to assume so. None of my scanners pick up anything they always come up clean, I use malwarebytes premium as well as the full version of superantispyware. And windows defender is enabled, windows 10. So what i have been encountering is an icon popping up very quickly and then disappearing on my taskbar. the icon doesn't show more than the blackbox and the blueline underneath before it disappears but will tab me out of a game etc. Also my taskbar and desktop icons flash/refresh randomly sometimes but only flash once. Also i started getting audio pops randomly but prob just headphones maybe. And the next one is my cursor, when it changes from hovering over text to something i can click it will sometimes glitch and bulge in size. I can also see a second text cursor pop up on the right side of the glitching cursor in some cases. I would be willing to send a video from my phone of it happening if needed. My pc runs fine though, but i do idle around 30% of memory used it could be the malware but I'm not sure. Just really looking for someone to tell me what they think and maybe help me fix the issues.
  2. A month ago I connected a flash drive to my laptop to transfer files from it to another PC. The flash drive showed duplicate files which I tried deleting to no avail. Apparently it was malware or virus which then infected my laptop. In a short space of time my applications and programs stopped launching and the pop up message eg "C:\Program Files (86)\GlassWire\GlassWire.exe is not a valid Win32 application" would pop up. I then checked the files and found every exe file was now 0kb. Office programs open briefly then a pop up message "Microsoft Office has encountered a problem with licensing and will need to close. If this problem persists,uninstall and reinstall your product." After much labor in online forums I downloaded Malwarebytes Anti-Malware and did the scans. It Identified some 63 threats and I "quarantined" them. My problem still persists though after using FixExec i re-installed about 2 programs including Firefox which now work. I can't practically do this for all exe files which are still at 0kb. Can anybody help. I'm really desperate. I'd appreciate all the help I can get. Addition.txt FRST.txt Malwarebytes threat report.txt
  3. I had ran a rootkit scan got 3 winzips. I removed these and after doing so malwarebytes has been having problems contacting the license server, it asks me to check my network settings. I could restore them but i have read their are no necessary rootkits for malwarebytes to run and this only happens on one of the two computers i have malwarebytes installed on.
  4. Hello, I noticed the following has been added to the malware bytes context menu in they system tray. It looks like the malware is trying to make it easy to add it to the exclusion list... smart.. evil smart. How can I remove this? Version below. The alerts are from blocked URLs.
  5. Bitdefender always removes the same thing after a restart "Item was deleted. Threat name:Generic.Application.CoinMiner.1.CE277487. Path:C:\Windows\System32\diskdriver.exe.
  6. Hello, I have recently discovered this virus through my task manager that is called Windows Process Manager 32 Bit and it has been killing my cpu performance and eating my battery life. I have researched for hours and hours to solve this problem and I realized that I cannot remove it on my own and I need help. I have malware bytes installed and I have attached my malwarebytes scan report. I have also downloaded the FRST program and attached my FRST.txt file and the addition.txt file. I would greatly appreciate any help ASAP. Thank You scan log for Malware bytes.txt Addition.txt FRST.txt
  7. Hello, So ive been furiously researching and trying to get rid of some malware (Ad by Advertise) i noticed on my Mac and I can't get rid of it. I downloaded malwarebytes and got zero hits at all. downloaded another program Antivirus Zap from app store and it found 3 items, deleted them all, and adware still there. I then noticed that if I opened chrome on a different chrome user account i had no adware at all and i was fine. I tested this further and opened a fresh windows server and downloaded chrome and then signed into my chrome account and WALA got adware. So basically I know for a fact 10/10 that its associated to my google chrome account. I even deleted every none essential chrome extension. The only ones left are from the chrome webstore which I assume to be safe (please correct me if this is an incorrect assumption). Which the exception of weird extensions I don't even know how malware would go about linking to a chrome account like that, and further more I have no clue how to delete or address it. Please help. Any advice would be fantastic. Even as i type this, random words on the page have been turned into adware links.
  8. First off, some background- I started this topic as i have been running into issues over the last few days. It started when a virus embedded in the most recent version of Display Driver Uninstaller (DDU) was downloaded to my Computer (Windows 10 x64- running only Defender and free version of malwarebytes, at this point in time). I tried to move file to desktop- took a minute (hmm). Then decided to Place in my Extra Apps folder (w/ MWB, + couple others). Got locked on transfer screen (hmmmm), Tried to move to Recycle Bin, same thing. went to to file location, finally got it to move into recycle bin (i think that's how it went down?), ran CCleaner... A while later before bed, i opened windows security center, and noticed it said it had detected a threat. Ran scan.... Detected Win32/vigram.a (showing the transfer path i described above)... Removed... Ran multiple full, quick, offline scans immediately after. I then vigram.a i also scanned the desktop folder w/ MWB (no threats found), and then moved MWB out, MWB right then MWB displayed a message for new update available, which allowed me to start the 14 day trial over- which is great!! It's just weird that i never got the message before- honestly, might be nothing, given that i haven't used it in a while. Since then, I have noticed a couple of things (spurattically/randomly)-- Screen kinda will do a flicker/refresh thing when i open some applications (file viewer/MWB/Chrome/etc..) Not always though. It seems slightly slower?? more like random hiccups, and weird screen glitches with my background slides- randomly stuttering btw slides, and once, weird problems with icon images on taskbar glitching out when i hovered over them; etc... Just seems off. I have been hyper vigilant though- so that may be an attribute. ANYWAYS, I now have kaspersky w/ malwarebytes and uBlock origin, and nothing has been detected until today when i decided to try out AdwCleaner, and 17 things were detected... # ------------------------------- # Malwarebytes AdwCleaner 7.1.0.0 # ------------------------------- # Build: 04-12-2018 # Database: 2018-04-22.1 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 04-23-2018 # Duration: 00:00:03 # OS: Windows 10 Home # Cleaned: 17 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Users\johnt\AppData\Local\Host App Service Deleted C:\Users\Public\Desktop\..\App Explorer ***** [ Files ] ***** Deleted C:\Windows\System32\Tasks_Migrated\App Explorer ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted C:\Windows\System32\Tasks\App Explorer ***** [ Registry ] ***** Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service Deleted HKCU\Software\Host App Service Deleted HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL Deleted HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5} Deleted HKLM\Software\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474} Deleted HKLM\Software\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer ***** [ Chromium (and derivatives) ] ***** Deleted Amazon Assistant for Chrome ***** [ Chromium URLs ] ***** Deleted Ask Deleted AOL ***** [ Firefox (and derivatives) ] ***** Deleted Amazon Assistant for Firefox ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## Followed by... # ------------------------------- # Malwarebytes AdwCleaner 7.1.0.0 # ------------------------------- # Build: 04-12-2018 # Database: 2018-04-22.1 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 04-23-2018 # Duration: 00:00:00 # OS: Windows 10 Home # Cleaned: 0 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ########## Then after opening chrome, later, and came up with 3 more detections (have a feeling these are false positive??).... # ------------------------------- # Malwarebytes AdwCleaner 7.1.0.0 # ------------------------------- # Build: 04-12-2018 # Database: 2018-04-22.1 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 04-23-2018 # Duration: 00:00:13 # OS: Windows 10 Home # Scanned: 40705 # Detected: 3 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** PUP.Optional.AmazonBrowserBar Amazon Assistant for Chrome Idk, if my first problem, and this are related at all, but there it is... Resolution: Has this resolved my problems? Am i safe, or what else should i check or do, to make sure? Sorry, about the long post. Any help/input is welcome. Thank you for your time!
  9. hello i am working on windows 10 my CPU and memory are constantly working on 99% to 100% and they are highlighted in red when i open task manager nothing shows to have this huge impact ive tried virus scans , malware scans, and nothing seems to be working , i think it is some malicious malware please help mee i downloaded Malwarebytes anti malware and scanned my computer and it only found one threat which it eliminated but it didn t resolve my problem of very high cpu and memory now i am running another virus scan maybe it ll detect something PLEASE HELPPP i really need to fix my pc
  10. I get this pop-up every 30 to 1 hour , i need to get rid of this problem asap without getting to reinstall my windows or factory reset, it interrupts everything, from games , to programs on fullscreen, its making me desperate.
  11. Goodday, Our site service-ict(.)nl is blocked due to malware. Also all the subdomains are reported as malware. The error report: -Systeeminformatie- Besturingssysteem: Windows 10 (Build 16299.371) Processor: x64 Bestandssysteem: NTFS Gebruiker: System -Details van geblokkeerde website- Kwaadaardige website: 1 , , Geblokkeerd, [-1], [-1],0.0.0 -Websitegegevens- Categorie: Malware Domein: service-ict.nl IP-adres: 46.249.42.96 Poort: [50796] Type: Uitgaand Bestand: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Whats is wrong with my site? And possibly, how can i fix it? thanks in advance
  12. Sorry if this is the wrong forum to post this in. This is my first time posting on these forums. I was wondering if there's a way to confirm if a USB flash drive is free of viruses, malware, and/or ransomware? I used this USB flash drive back on Feb. 23rd with a computer (Windows XP) that was a part of a network. The server was infected with Ransomware and all the files on the shared network were encrypted on Feb. 25th. Supposedly nobody used any of the computers on the network on the 25th, so I suspect that the infection happened earlier and activated the Ransomware at a later date (I don't know if this is even possible). I always remove the flash drive from the computer when I'm not using it, however, since I don't know when exactly the infection occurred, I really don't know if it was infected or not. The tech that was hired was unable to decrypt the files and couldn't contact the hacker to pay the ransom, so we ended up replacing the computer with Windows 10 and restoring some of the files from an older backup. There are files I'd like to transfer from the flash drive to the new Windows 10 computer (Computer #1) and to an older spare computer running Windows XP (Computer #2), as the backup the tech used did not have copies of these files. After avoiding the flash drive for weeks, I decided to test it out on Computer #1 (Apr. 3rd), since I thought Windows 10 would be more secure. After plugging it in, there was a notification saying "There is a problem with this drive. Scan the drive now and fix it." I ran Windows Defender and the scan detected "no threats" on the USB flash drive. I also ran a full system scan and it was also clean. Since then, I have been saving documents to the flash drive and opening files on it (always while using Computer #1), but I've refrained from copying the flash drive's files to Computers #1 and #2 because of a lingering fear of infection. Every time I plug it in, I always get the same notification to scan & fix it, but every time I scan it with Windows Defender, no threats are ever found. It's been over two weeks now since I've tried inserting the flash drive and nothing bad has happened to Computer #1 (or the rest of the network for that matter). I've avoided using the flash drive on Computer #2, because I worry Windows XP will be more vulnerable or the infection will only effect XP but not 10. Questions: 1) MAIN QUESTION: Is the USB Flash Drive safe to use (free of Ransomware, Malware, Viruses, etc.)? 2) Does Ransomware usually wait a period of time before activating or take awhile to encrypt files? 3) Are Windows Defender and Avast Antivirus even capable of detecting Ransomware or am I wasting time running scans with them? 4) Have I made a big mistake by opening files on the flash drive with Computer #1, and spread malware on the network? 5) Does Ransomware even make copies of itself and spread like viruses do? EDIT: Another thing I noticed is that the Flash Drive is supposed to have a size of 16 GB, but according to Windows Explorer, its total size is only 14.9 GB. Is this just false advertisement of the product, or is something wrong with the flash drive? Notes: USB Flash Drive: SanDisk Cruzer Glide 16GB Computer #1: Windows 10 Computer #2: Windows XP (Service Pack 3) Windows Defender: Updates automatically (up to date) - for Computer #1 Avast Antivirus: Updates automatically (up to date) - for Computer #2 * The USB Flash Drive is usually plugged into a computer for 2 hours or less. I very rarely leave it in for a long duration. Thanks for your help, T-Ruth
  13. At least once a minute, for 15 minutes, from 11:27 to 11:42 local time, MalwareBytes notified me that it was blocking an outgoing connection to howlong.top at the IP address 109.206.182.9 and the port 60089, referencing that the connection was coming from Chrome and telling me the website was being blocked for malware threats. I've been using the premium trial of MalwareBytes for a bit now, and it expires in about 3 days. I performed a manual scan that found nothing as soon as I realized something may be wrong, and after it concluded, I got about 1 or 2 more notifications that the site had been blocked, but it has now stopped while I've been writing this. malwareblock.txt scanreport.txt Addition.txt FRST.txt
  14. As I said in the title, a blank process in consuming arount 50-60% of my CPU. I tried with lot of antivirus to fix this issue but can't solve the issue. But sometime it doesn't appear after signing in my OS. please help me with any possible solution asap.
  15. I'll be very glad if someone can help me. My computer freezes but I can move the mouse and also takes very long time to respond after clicking something. It also makes buzzing noise when I move the mouse and increases when scanning with antivirus. It started after changing my hard drive and installing a new windows at a computer repair shop. Although I hadn't used it for a long time after getting it back from the computer shop. P.S.- I doubt that they had provided me with a old HDD. Please let me know if any information is required.
  16. I recently got a bad virus that seems to be going around right now. There's multiple instances of Windows Process Manager processes open and when they are, firefox often lags and freezes for a few minutes and my programs open slowly. I ran malwarebytes and a couple other anti-viruses a couple days ago and thought I had gotten rid of it, but the wmcagent was still there, and now the Windows Process Manager processes are back and its just as bad as it was. Cant open file location as it says permission denied but I see the folder in C:\Users\User\Appdata\Local named msblgav where it's coming from but I can't delete it or modify it. Please help. I have malwarebytes but it isnt removing it.
  17. Hi Everyone, When I shut off my computer, I'll often get a message saying "G.exe is preventing your computer from shutting down". I searched the net and found out that it was considered a trojan. In trying to remove it, I've followed the instructions from this forum thread that's now closed. I've posted the relevant logs below. I'd appreciate it if anyone could offer some guidance on this. I've run full McAfee, Malwarebytes, and Super-Antispyware scans and they've come up empty. I also noticed an unfamiliar "rerun (32-bit)" process running in my task manager and it takes up about 20% of the CPU usage. Not sure if it's related, but I figured I'd add it in. Thanks everyone for any help. Big Sky Tech AdwCleaner[C01].txt malwarebytes-report.txt Addition.txt
  18. Hello all, Everytime I open chrome I get a notification telling me that malwarebytes has blocked "api.testrequest.info" and there is usually a 1-4 after api. I have scanned with malwarebytes and used adwcleaner but the problem still persists. Anybody got an idea of how to fix this?
  19. PC got infected with an extremely hard to remove malware. It keeps creating a fake conhost.exe file in Windows/SysWOW64, as well as fake Adobe folders in AppData/Local. No rootkit/AV/Anti Malware program has been able to detect it. It starts up shortly after the PC boots, and its presence is known as soon as MalwareBytes blocks the RiskWare.BitCoinMiner process while doing live scans. The source of this process still cannot be found/cleaned, only the BitCoinMiner process it starts up every hour or so. It will close a majority of programs that run with cmd prompt, will close the browser when trying to search for specific keywords, and tries to blue screen if the user attempts to close or restart the PC. It doesn't seem to run in safe mode. After the malware "starts", FRST keeps getting closed whenever I try to launch it. Should I try to get the logs as soon as my PC boots (before the malware has a chance to start up), or should I get the logs in safe mode? Any help is appreciated!
  20. Hi, I managed to download a bitcoin miner while downloading mods for GTAV, and no matter how many times I scan using malwarebytes it won't go. After the system restart it persists and slows my PC down so much that it struggles with even CS:GO. I can't download FRST or RogueKiller because as soon as I type it in any browser, the browser closes as if the malware is closing it before I can use either tool to kill it. Please end my suffering lol
  21. I had problems that had prevented me from installing or using any anti-virus software. I had to run a special build of Malwarebytes anti-rootkit from here to solve that problem and install Malware Bytes. Here's the forum where I posted my problems and was helped. I was redirected to this post and was able to do the threat scan; however, whenever I click on the link for the Farbar Recovery Scan tool, my browser closes. I am using Microsoft Edge as I had to uninstall both Google Chrome and Mozilla Firefox when they faced numerous problems and refused to open. I was strongly recommended to post here despite having Malware Bytes running on my computer. Here are the logs: quarantine log.txt threat log.txt system-log.txt mbar-log-2018-04-09 (12-49-04).txt mbar-log-2018-04-09 (17-18-19).txt
  22. Hi, I believe I was recently infected by a virus of some sort. Since a few days ago, my laptop (Microsoft Surface Pro 4) has been playing up: 1. A lot of the time, it will be running on 80-100% CPU and the laptop will be extremely hot and the fan will be very loud. When I check to see what it is that's using up the CPU it is mostly 'svchost.exe' in a folder called SysWOW64. 2. The laptop has become very slow as well and it will take a long time to open folders, etc. 3. Sometimes the laptop will crash and a blue screen will appear saying 'CRITICAL_PROCESS_DIED' and it will restart 4. I have malwarebytes installed, and when I start up the computer a lot of the time a box will pop up in the bottom right corner saying that a website has been blocked even though I haven't even opened the internet yet. The domain is 'de-mi-nis-ner.info' which seems dodgy. Please help, I don't know what to do. I have scanned it many times with Windows defender and Malwarebytes and they have both said there are no viruses. Thanks in advance!
  23. Hey Winterstar, I am having the same issue, started today. I had about 10 notices today all outbound, I am fairly good with computers, and could not find an infection on my machine. I will keep an eye on this post, maybe someone will have an answer.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.