
Showing results for tags 'malware'.



Found 418 results

  1. Hello, I am very new to the Malwarebytes forums and it is admittedly a little bit late to be searching for help, but this infection has avoided everything in my power. About four days ago, I acquired a new Steam game, but it kept crashing to desktop upon launch. Although the fix was simple (update graphics drivers), I saw a "Mod" by someone online that'd fix the issue. After downloading and running the file, it gave me an error, so I closed and deleted it, and didn't give it much thought. Little did I know I started going down a slippery slope. About an hour later exactly, Norton starts giving me this: There are attempted attacks ranging in intervals of 10 minutes to 2 hours (not shown here for the reason explained below). Firstly, I apologize, my Windows install is in Spanish, it can't be helped, but I don't think it will affect the removal process. Secondly, the attack always originates from (what I assume must be) a regional location file within the SysWOW64 folder. I HAVE tried to delete the file folder highlighted below in red (Last attempt today no, which solves the issue for about 4-8 hours. It always comes back. Scans using Zemana, Malwarebytes, Roguekiller, Norton PowerEraser, and the like, return empty. I have also tried running TDSSKiller, but the files it found are either redundant (Civilization V uninstall files and the like) or kernel and system drivers which I am too afraid to delete. The only thing I have not attempted is the FRST tool as I don't know how to create a fixlist, and I am afraid of what it might do to the system. I am attaching the FRST.txt and Addition.txt files from today here for review, however. Thank you for reading this far, I'll patiently await your response! Addition.txt FRST.txt
  2. Hello everyone. I installed Adware Doctor from the mac app store thinking it was a legitimate application. I ran it and it removed my browsers' extensions, cookies, and caches, something I could have done manually. I researched the app and found out it is a junk application that poses a security risk. I've watched YouTube videos that claim the application steals browser history and app store searches, retrieves all your application and processes information, and sends it to a Chinese server. I quickly uninstalled the application, turned on my mac firewall, and changed my admin account password. I also installed malwarebytes, ran a scan, and it showed my mac was clean. However, I am worried about what the developers could do to my mac with the data they retrieved. What I want to know is: am I ok? If not, what else should I do to be safe? Links to YouTube videos: https://www.youtube.com/watch?v=cBI5FvOFLls https://www.youtube.com/watch?v=nZ7CVIy5Tq8 https://www.youtube.com/watch?v=IdDE9IPPGJA
  3. I have just installed malwarebytes Premium Trial 3.5.1 and the programme scans the computer and locates over 788 threats, but during the heuristics analysis it gets stuck. It appears to be a similar problem to https://forums.malwarebytes.com/topic/147143-mb-gets-stuck-at-heuristic-analysis/ That article is from 2014, so I'm thinking it might be dated. I have run the adwcleaner which did remove some threats. I have already run mbam-clean-2.3.0.1001 and reinstalled malwarebytes a couple of times, but it always gets stuck in the same spot. Your help is greatly appreciated. mbst-grab-results.zip
  4. I'm a recent subscriber to Malwarebytes Premium. Today I noticed some odd behaviour of my laptop with Windows Defender not updating, and some webpage links not working like they should. I ran a Malwarebytes Scan that found no infections. I decided to look through my settings and found under the tab 'Exclusions' that a 'Clearload.bid' was an exclusion, with the exclusion type as a webpage. A search of Clearload.bid identified it was malware. I then removed it from my exclusions. Checked my 'Protection' settings and found that rootkits and scan within archives had changed, I activated these settings and ran another scan. This again found nothing, however I'm not confident this is all I should do to ensure my system is clear of this malware. I attach a copy of my most recent scan report. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 8/1/18 Scan Time: 8:16 PM Log File: f6bf1cc6-9573-11e8-8211-dc0ea1a5545e.json Administrator: Yes -Software Information- Version: 3.5.1.2522 Components Version: 1.0.391 Update Package Version: 1.0.6153 License: Premium -System Information- OS: Windows 10 (Build 17134.191) CPU: x64 File System: NTFS User: LAPTOP-ASIO-UND\craig -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 279400 Threats Detected: 0 (No malicious items detected) Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 23 min, 46 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  5. So I was running AdwCleaner and it detected PUP.Optional.SofTonicAssistant. It said it was a registry keylogger and I cleaned it up and repaired it, but it won't go away. After that I ran a Malwarebytes scan and it picked up nothing. Any pointers?
  6. So I downloaded this software, a Windows 10 activator, and then suddenly my antivirus detected malware and now my laptop is slow as f. So can someone help me? I tried to scan like 3 times with Malwarebytes but I still don't think my laptop is safe. Can someone please help me with this, what do I need to do?
  7. Hey, I'm more than a little panicking at the moment. I downloaded a copy of Premiere Pro like 30 minutes ago, which I've found out obviously isn't Premiere Pro.. I'm doing my Malwarebytes scan right now and the current threat count is at 152... It says the identified threats are a mix of files and folders, most being called trojan.yelloader. It's popping up windows of ads 8 at a time and it's playing through the speakers repetitively and I really need urgent help with this. The popup windows are called "fnrmavndt"
  8. Hi Everyone! Why has Malwarebytes blocked "grupomissael.com" and suggested not to continue to this website? How did it know that? Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 7/23/18 Protection Event Time: 4:07 AM Log File: c839747a-8e14-11e8-8387-68b599e07ea6.json Administrator: Yes -Software Information- Version: 3.5.1.2522 Components Version: 1.0.391 Update Package Version: 1.0.6011 License: Premium -System Information- OS: Windows 10 (Build 17134.167) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Malware Domain: www.grupomissael.com IP Address: 23.229.216.196 Port: [56495] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)
  9. A couple of days ago, I woke up to find out that whenever I google something, the link goes to cse.google.com/... I know that this is because of malware and that it should be removed. I've tried Malwarebytes, Hitman Pro, Zemana, but nothing seemed to work. I also made sure that I uninstalled any recently installed software, but the problem persists. Any help will be much appreciated!
  10. The following email is being sent from one user on an Exchange server. I have run multiple scans and am now running the Anti-Rootkit; nothing picked up so far. Email: Please do not click the link: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Subject: Invoice is available No-046242 for month Afternoon, A invoice for you will be available on this link in your account during next 3 days. ==> hxxp://stafffinancial.com/For-Check/ Thank you, <Name of Sender> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Can anyone help? I am actively looking into it myself now. Kind Regards BluespotSam
  11. Hello, For the past 1 month I have been getting a G.exe / UnKnown Application preventing shutdown message in both my standard and admin user login accounts on my Win 10 PC. I have the licensed version of Malwarebytes (Premium and AdwCleaner) and they all run clean without any issue. Norton doesn't return any issue. https://forums.malwarebytes.com/topic/226720-gexe-removal/?page=3 Following from the above thread, I have been able to use GUIPropView and am able to see a lone "g". What is annoying is I used all my past skills using DOS, procmon and Process Explorer (Sysinternals) to find this PID/Handle but they all return empty. I can't figure out where this nasty thing is originating from since Process and Instance FileName are reported empty by GUIPropView. Please help in fixing the UnKnown application preventing shutdown issue on my PC (last option, if any, before factory resetting my PC). Thanks, Appukuttan
  12. Scanned my computer with the free version of Malwarebytes and had Pup.Optional.Reimage. Quarantined and tried to delete, but was there when I rescanned. Tried to delete it manually, didn't work. Tried Zemana, didn't work. Tried Adwcleaner, didn't work. The file is located at C:\\USERS\MYUSER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\PREFERANCES. Please help, I've got a project due in two days and I'm prioritizing removing this over doing that.
  13. My computer has new ads popping up in new tabs every 20 minutes or so in Chrome. I can't run MalwareBytes, RKill, or Farbar unless it is in SafeMode. MalwareBytes detects RiskWare BitCoinMiner, but after quarantine and deletion, it reappears on reboot. I know I have utorrent installed and I am 95% sure that's what has caused this issue...will never use again. Please HELP!!! Addition.txt FRST.txt MalwareBytes Scan Log.txt
  14. Hi, I've been using MalwareBytes Free on my computer for a number of years, never had a problem and only use it for the bare basics - only 'safe' websites (Wikipedia, Facebook) and don't use it a great deal anyway. Did a scan this morning and it detected "MachineLearning/100%anomalous detection" - interestingly I had run a scan earlier without the internet connected, but after I connected the internet and ran the scan again it found it. I've since quarantined and deleted the file, ran another scan and all seems well - I'd just like to know what it was and whether it was a real problem or a false positive. I did a large Windows update (1803) last night and wonder if that's related? I have looked over this forum and seen that this detection has come up a number of times for people developing their own software, however I am not a software developer and had nothing on my computer that an average user wouldn't have. I understand that MalwareBytes is using new detection systems to stop malware, and so hopefully this is a teething problem rather than a real concern. I'm pretty savvy about computer safety, but still I'd rather be certain that everything is OK. I'm attaching the exported report here. There are no other visible signs of infection (slowing down, redirects etc). Thank you! MB Report.txt
  15. Hi. I have high RAM usage at times, I mean 70-90%, and I think it's connected to malware and Malwarebytes can't pick it up, but when my Windows has been up and running for a few hours, it shows 2 malware threats are detected, but even if I quarantine them and delete them, nothing works, they just keep coming back. I have also tried to use AdwCleaner multiple times without any luck too since it all comes back a few minutes after Windows has loaded. One thing to note is that Chrome is only using 4-5 GB of RAM which is okay, but the task manager shows over 70%, sometimes even 90%, so there might be something running in the background which is hidden. I really hope we can fix this since this really destroys my PC experience and I can't wait to get down to business. Thank you. FRST.txt Addition.txt
  16. Hey guys, I noticed a strange folder in my temp folder called BCLTMP containing subfolders with the names of my browsers. Inside of these folders are files that contain my saved favourites, visited urls and searches. After deletion of the BCLTMP folder it appears again after a while, sometimes after a day, a week or a month. After scanning my PC with all the tools I have (which didn't find much and didn't stop the folder appearing) I decided it might be normal.. Then I bought a new laptop which showed the same behavior within the same week I bought it. Nothing was installed on the laptop, no USB used, it had only been connected to my router. I have connected other laptops to my network in the past which showed the same behavior. Could this BCLTMP folder which seems to track my browser history be spyware/malware? No one else seems to have the folder. I am using Windows 10 Pro on both devices. I tried scanning with malwarebytes, roguekiller, adwcleaner, eset sysrescue, exterminate it, spydllremover (which reports hidden rootkit, with processID, hidden), superantispyware. tdsskiller won't boot (redownloaded, same result) and comodo CCE crashes the computer and then refuses to boot. Note that the laptop with the BCLTMP folder is a clean Windows 10 install with no installed software. My router reports synflood attacks from within and outside of my network, and its firmware has been reinstalled by the ISP just to be sure. Not much else to see there. How can I figure out what is happening to my devices, and what this folder is for?
  17. Hello guys. My name is Rob, and I have a big problem. My computer is too slow and I don't know why. I have tried MalwareBytes AntiMalware Premium, but it finds 0 threats, MalwareBytes Adwcleaner 0 threats, and EEK too... By the way, my computer sometimes has a "freeze" for five or two seconds, when I play, when I use the browser. Two years ago I used Iobit, or something like this, and I used this software to help my system but it damaged my computer and I kicked it off my computer. Right now, my computer suffers lag, freezes, and the CPU goes to 100% when I run Word, Chrome, in conclusion any program -> CPU 100%. Maybe Chrome is infected? Malware/rootkit in my computer?? IDK... My PC is original, and I have an original key, maybe I need to format? I have BitDefender Free Antivirus. And at the end, I can't use sfc /scannow or scandisk, because my disk is ALWAYS already in use and I can't use sfc /scannow etc... Three years ago, I had rootkit infections (20+ rootkits), I found them with Avast Antivirus. Sometimes, I go in C: and I have 180GB, I refresh and I have 170GB, and other bugs... I don't know what's happening... I attach FRST.TXT and ADDITION.TXT. R0b FRST.txt Addition.txt
  18. Every time I restart my PC, I get a notification from Malwarebytes that a 'website was blocked due to malware'. It claims to be an outbound connection affecting the file 'powershell.exe'. The website is f.top4top.net. Malwarebytes identifies this as malware but it is not a program I can remove and I have never visited that website. I'm looking to sort out whatever the issue may be here. The logs can be found below. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 7/8/18 Protection Event Time: 4:25 PM Log File: 137327b6-82ed-11e8-8c03-1c1b0d993f99.json Administrator: Yes -Software Information- Version: 3.5.1.2522 Components Version: 1.0.374 Update Package Version: 1.0.5823 License: Trial -System Information- OS: Windows 10 (Build 17134.112) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Malware Domain: f.top4top.net IP Address: 185.186.244.145 Port: [49871] Type: Outbound File: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (end)
  19. So I have installed Malwarebytes, it's been 6 days using the trial. So the problem is this pops up randomly every time for the last couple of days - Website blocked due to riskware -. This pops up sometimes when my PC is idle, sometimes when I am playing online games, sometimes browsing, sometimes watching movies etc. It's always this random IP that I don't know. This pops up literally randomly and in the advanced tab of the report where it shows what file it is, it shows nothing. I don't understand this. This triggers sometimes a single time, maybe sometimes 3 in a row, sometimes a single time and hours later 2 times. It's so random. Please help me with what this is, and pardon me for my English and my lack of knowledge in this department. Here is the log - Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 7/15/18 Protection Event Time: 7:08 AM Log File: a54c4798-87cb-11e8-b338-382c4aba6654.json Administrator: Yes -Software Information- Version: 3.5.1.2522 Components Version: 1.0.391 Update Package Version: 1.0.5907 License: Trial -System Information- OS: Windows 10 (Build 16299.492) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: RiskWare Domain: IP Address: 212.83.190.122 Port: [445] Type: Inbound File: (end)
  20. Hello all, my first time posting in this forum, sincerest apologies if this is the wrong place to post this. My computer has been infected with something that causes gambling/bitcoin websites to pop up randomly. It also causes anti malware programs to close and malware related web searches to be closed as well. I have conducted scans in safe mode with Malwarebytes, spybot and avast free antivirus to no avail. Hope that this forum will be able to help me ? Thank you!
  21. Yesterday, I downloaded some program via the internet and an unwanted program called All radio came up and I cannot delete it. I already tried to scan using Malwarebytes but nothing works. This thing makes my computer slower and sometimes opens unnecessary programs. Please help:(
  22. After I downloaded Pokki start menu, I scanned it with AdwCleaner several times and deleted it. I went to my start menu and saw "Start Menu", no Pokki, just Start Menu; my laptop labeled it new. So I went to downloads and it automatically closed. I went on Chrome and typed malwarebytes and it closed. What do I do!?
  23. Hello. I am having some trouble getting rid of this no good adware Pokki Start Menu. When I downloaded the Pokki Start Menu I thought it was safe. When I looked up Pokki the Google results showed how to delete Pokki virus. I took action and downloaded AdwCleaner. It found it. I scanned 4 times, then AdwCleaner disappeared right out of the blue without permission. I clicked the Windows button and I saw Start Menu, and I learned the virus was still there. I went to Task Manager, no results of Pokki. I went to files to open up AdwCleaner, then it closed. There is no more Pokki but the Start Menu is still there. How do I uninstall EVERYTHING? By the way, Pokki is not in the uninstall place. What software can I use to get rid of it or anything? P.S. I scanned and AdwCleaner detected Pokki, then deleted it, then disappeared without consent. I did not even notice.
  24. How do I make sure my computer is safe after downloading malware? Windows Defender found (Trojan:Win32/Fuery.B!cl) when I stupidly downloaded something, quarantined it, and then I deleted it. I checked my Storage and found a new app, then uninstalled it. Then downloaded Malwarebytes to make sure it was gone, details: -Log Details- Scan Date: 7/2/18 Scan Time: 11:17 PM Log File: 06afd75a-7e78-11e8-a07b-4ccc6a9054e5.json Administrator: Yes -Software Information- Version: 3.5.1.2522 Components Version: 1.0.374 Update Package Version: 1.0.5739 License: Trial -System Information- OS: Windows 10 (Build 17134.112) CPU: x64 File System: NTFS User: DESKTOP-ETDTBVM\Ray -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 321870 Threats Detected: 7 Threats Quarantined: 7 Time Elapsed: 1 min, 22 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 3 PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [220], [236865],1.0.5739 PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [220], [236865],1.0.5739 PUP.Optional.Conduit, HKU\S-1-5-21-1056684928-3674633434-835679265-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Quarantined, [220], [236865],1.0.5739 Registry Value: 2 PUP.Optional.Conduit, HKU\S-1-5-21-1056684928-3674633434-835679265-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [220], [236865],1.0.5739 PUP.Optional.Conduit, HKU\S-1-5-21-1056684928-3674633434-835679265-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, Quarantined, [220], [236865],1.0.5739 Registry Data: 1 PUP.Optional.Conduit, HKU\S-1-5-21-1056684928-3674633434-835679265-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replaced, [220], [293058],1.0.5739 Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 PUP.Optional.Conduit, C:\USERS\RAY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1MB3KCI5.DEFAULT\PREFS.JS, Replaced, [220], [301520],1.0.5739 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  25. I have a pretty nasty malware issue. It disables me from installing malwarebytes and similar antiviruses. It also stops me from opening certain websites. Does anyone have an idea of how to fix this? I hope someone has an answer...