Jump to content

Search the Community

Showing results for tags 'malware'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. To anyone who can assist! I have come across an issue with my internet being increasingly slow. Upon further investigation, and using Malwarebytes excellent detection software, i have found that malware (pup bikiniland, pup ask) being continually being reinstalled and present every time i reopen chrome. I have tried resetting the "account sync" for Chrome per the instructions of the post that solution regards, to no avail. Attached are multiple scans done that were outlined in the post created indicating how to inquire for assistance. "scan.txt" indicates a scan done without the rootkit scan function enabled, and "root.txt" indicates a scan done with the rootkit scan function enabled. Blessings! Ryan S. FRST.txt scan.txt root.txt Addition.txt
  2. Good morning I wanted to consult with a member of malwarebytes to help me with a problem that I have had for a long time, it is that I have a virus that is installed only on my cell phone even after having restarted it from the factory, what happens is that applications are installed With names like Calendar, Settings, Game store and the one that always appears and apparently is the strongest one called gooysf, apart from this, the browsers only open to a page called hastopic.com and also to the playstore to applications Like alibaba, when I try to type on the keyboard sometimes it closes on its own and when I want to see all the apps I see that there is an app called settings that apparently works in the background and it also pauses the videos that I see, finally all this is It installs in the files of the system folders with names like qwusz ayzx and many (I got to delete 46) also it slows down the phone and turns it off by itself or leaves it inoperative forcing me to restart it forcibly, my t Elephone is a zte blade a315 with android 6, I would appreciate your help
  3. Can anyone tell me what are challenges of Ransomware? Please help me i need challenges of ransomware
  4. Hello I just downloaded malwarebytes to try it out since we use it on our company laptops but I wanted to install it for my personal PC as well but since downloading it I have been getting constant prompts about a Trojan detected site from syswow64\ipconfig which just appears to be a standard windows file to get machine information the export of the alert is posted below as well as a screenshot of the popup. The IP Address from that screenshot (to my knowledge) is not my machines IP address. Your assistance is much appreciated. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 10/24/20 Protection Event Time: 7:48 PM Log File: 64f22c62-1653-11eb-b626-00d861c20f84.json -Software Information- Version: 4.2.1.89 Components Version: 1.0.1070 Update Package Version: 1.0.31948 License: Trial -System Information- OS: Windows 10 (Build 18362.1139) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Windows\SysWOW64\ipconfig.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: IP Address: 217.8.117.53 Port: 3590 Type: Outbound File: C:\Windows\SysWOW64\ipconfig.exe (end)
  5. Since the last week, after I was trying to install a software, I landed up at the wrong website. While everything seemed normal, it wasn't, the download installer was certainly a scam. It didn't install anything in-fact, my antivirus is consistently detecting an intrusion attempt titled - "Miner.Bitcoinminer Activity 7" every 10-30 mins. I use Norton 360. I have tried everything in my power and based on similar threads in the forum. I used Norton Power Eraser, Adwcleaner, RogueKiller, nothing seems to work. The warnings persist. My laptop is also getting more heated than usual. The source of the intrusion seems to be from a folder \DEVICE\HARDDISKVOLUME9\WINDOWS\SYSWOW64\WCN\S-1-5-77\TIWORKER.EXE. I have attached the recent history logs from Norton. I request someone to please help me remove this. Nothing seems to work, and I won't be able to make any payments with my PC till this gets sorted. Recent History.txt
  6. So as i was using MalwareBytes my device found 43 detections as it was sending them to quarantine it was stuck on removing 4 out of 43 it has been 4 hours since and it still hasn't been removed , i have 4 gigabytes of ram and no background applications were running . So can anyone help me?
  7. Hello! I recently had a bunch of trojans downloaded to my computer from some fake software. Thankfully, I was able to delete and recover my computer back to "normal" after downloading Rkill and running Hitman Pro regularly. A few months have past however, and every once in a while I'll get another trojan or rootkit unknowingly downloaded to my computer. I run Rkill and Hitman Pro everyday just to check and it makes me wonder if the hacker on the other end has given up lol. Anyway, Rkill has found that there are some windows protocols that are turned off such as Windows Antispyware and malware being turned off, and Windows automatic updates. Also, there are a few resparse points and junctions that it has found as well. Attached is a text file from it's findings. Let me know if you can help in any way! Thanks! Rkill.txt
  8. Hi, Our business website https://wlpayments.com has been marked as malware containing trojan. Our customers are seeing the block notice whenever they are using the malwarebytes products. With this our customers are reluctant to visit the website and we are loosing business. Please look into this as soon as possible and let us know. Thanks,
  9. So it seems I have some sort of malware on my Google Chrome on Mac. I'm pretty new to this so please bare with me. For example When I search a random search in Google Chrome this URL briefly shows: http://www.google.com/url?sa=D&q=http%3A%2F%2Fsearch.operativeeng.com%2Fcps%3Fq%3Dwhere%2Bare%2Byou%26_pg%3DD5AF862B-7C24-5787-AF3D-AEAFF9F8B205 I am then redirected to Yahoo's search engine even though Chrome had always been my default. When I go to Chrome settings I see this search engine listed but there is no remove option. Chrome://management shows my computer is being managed by an outside source (this is a personal laptop). Going to chrome://policy shows this as default search provider http://search.operativeeng.com/favicon.ico I ran a Malwarebytes scan, it identified three threats and I quarantined and then restarted. However the malware is still on my chrome. I am wondering if it is embedded into my gmail account somehow. Thanks for any suggestions, just worried they could steal my passwords/financial information somehow.
  10. I recently detected a malware by the name of crytominer( it was detected and assigned the usual generic name by malwarebytes) and quarantined and deleted it. I just wanna make sure that any traces of it are not there anymore. I recently ran (post detection of malware) malwarebytes and adwcleaner and did not get any detection
  11. I decided to download MALWAREBYTES and run it. It identifed lots of threats (all related to PUP.Optional.ASK PUP.Optional.Babylon and also PUP.Optional.Conduit) and quarantined them all. They were all located at the carpets \AppData\Local\Google\Chrome, etc... I ran another MALWAREBYTES scan but the malware keeps regenerating every time I open chrome! It keeps founding over and over again those 6 threats. After long time of using my pc if I run a scan it shall find around of 20 threats. I've deleted all my cookies and history and settings and extensions from chrome but nothing helps, got the BitDefender antivirus but that one doesnt even detects the 6 threats malwarebytes founds. Can you please help me get rid of the MALWARE?
  12. Hello, I recently had an infection and did all I can to get rid of all the malwares I had in my computer. I did a scan with Malwarebytes and got rid of all of them, but everyday, a few trojan keeps coming back, and i don't know what to do to stop them from coming back. I hope you guys are able to help me, tell me if you need specific informations ! Because I don't know what to show. Thanks.
  13. I am using windows 7, and almost minute by minute, a notification in my lower right corner appeares from Malwarebytes saying Website blocked due to trojan. the website is 76236osm1.ru and the file is C:\Windows\SysWOW64\msiexec.exe this is a msiexec trojan but i cannot remove it. malwarebytes doesnt detect it. the ip of the website didnt change yet i am seeing the same one verytime. Help me please with issue...
  14. I have been working with MB and they are not getting back to me (submitted my logs 16 hours ago). I think this is a false positive but need to be sure (I have seen this come through as a false positive before). Anyone else seen this? I saw last week this was an issue but this came through Sunday. Maybe carry over? Trojan.Dropper Quarantined C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe Trojan.Dropper Quarantined C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.35.452\GoogleUpdateSetup.exe
  15. I have been experiencing 100 disk usage now , I don't know what's the cause. I've been trying things to fix the 100% disk usage but it comes back again. Then I figured I'll uninstall unused applications on my Laptop. Then I found the gpedt.msc 1.0 - Richard . I'am unable to uninstall it. because it is a verified publisher: Microsoft Windows ( see attached image). I'am in the process of scanning everything on my Laptop using Malwarebytes because Kaspersky Internet Security didn't find anything. Should I proceed with the Farbar Recovery Scan Tool steps ? Please , I need help
  16. I have been experiencing 100 disk usage now , I don't know what's the cause. I've been trying things to fix the 100% disk usage but it comes back again. Then I figured I'll uninstall unused applications on my Laptop. Then I found the gpedt.msc 1.0 - Richard . I'am unable to uninstall it. because it is a verified publisher: Microsoft Windows ( see attached image). I'am in the process of scanning everything on my Laptop using Malwarebytes because Kaspersky Internet Security didn't find anything. Should I proceed with the Farbar Recovery Scan Tool steps ? Please , I need help
  17. Hello, today, I wanted to install a game, long story short, it came with a virus, it came in a zip file, I ran the executable and it installed me 2 programs: "Garbage Cleaner" and a disk cleaning program, I already knew it was a virus in that moment, I deleted it, checked the task manager, many processes with random names were open, I tried to delete as much as posible, but there were 2 files I couldn't, I ran the Windows defender scan (back then I didn't have malwarebytes) and it said it didn't detect any threats besides the exceptions (I didn't add anything to the exceptions), so I checked the exceptions and found many programs that I couldn't remove from the exceptions: https://i.gyazo.com/d941cb222177cd751fca0d7db7938229.mp4. I tried editing the registry, but it didn't let me remove the files from the Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths directory, so I tried running multiple scans with many antivirus programs (avast, emsisoft, kaspersky, etc) and the only one that detected something was Malwarebytes, I quarantined the items and deleted them, but the virus is still there, the exceptions are still there, my PC is running really slow, heating without doing anything and my Chrome browser shows third-party ads when I search for something in Google (they are not chrome ads). Here's the file that contained the virus: https://landtoumodo.ml/89b848616374564be015cad52bb0bc25GyP/gY2yQ6H39ALLsTgmZjVSID7kb/5Du6BEj7F3dILfLgc=/435EERoU/setupdf.zip I would really appreciate if you could help me with this issue.
  18. Hi. I've been noticing high CPU temperatures and fan speeds on my laptop (which I recently cleaned and reapplied thermal paste to). Every time I open the Task Manager, the CPU usage is on 50 - 90% for a moment but immediately drops down to 5 - 10%. I'm suspecting this is a bitcoin miner virus, mainly because the symptoms are identical to what was described in this thread. Should I follow the same steps given to the person in that post? Thanks in advance for any replies. (My system is an XPS 15 9560, Intel i7 7700HQ, Nvidia GTX 1050, 8Gb RAM, Windows 10 Version 2004)
  19. Everytime I started my pc, I noticed a thread named g****.tmp.exe appeared in the running thread. I suspected this is a malware infection. I attached the scan results from Farbar Recovery Scan Tool and the tmp.exe below. Please help, thank you. FRST.txt Addition.txt tmp.zip
  20. The other night I tried to visit a site, but Panda Dome would not let it display and reported it as a virus because of a redirect (see attached items). Now I am getting the issues on other pages. I thought it might be malware and have used all the apps, but am unable to find anything on my system. Do you know what could be causing this issue? Blocked Items.txt
  21. I recently opened a Microsoft Word document i was sent my someone who i didn’t know very well. When i opened it my mind began racing as to why he would want me to open this... that’s when i got to googling and found out about “Malicious Macro’s”. That’s when i decided to have a look at my Task Manager, there i found a file called “Launch” in my Start-Up. I disabled it right away and then began finding more and more suspicious things running that i knew were not previously there. One was called “Coordinator.exe”. As i started digging more clicking on “Open-File-Location” i found a folder full of at least 100 python scripts... in my panic i deleted almost everything i suspected to be malicious... i found dozens of DAT files and text documents which are mostly appearing in Temp folders in Users>Local>Temp and Windows>Temp. The DAT files are all just named a random assortment of characters and the text documents are all called the name of my PC and then random numbers, these text documents are being dumped into Temp hour after hour and contain a sort of Log looking thing? However i don’t know what it is logging... I also found a file called “ZoomInfoContactContributor” blah blah blah.. I believe this to be a part of the malware as i have never used Zoom before. I did a google search and found that it could be malware, you can see it for yourself here: https://www.hybrid-analysis.com/sample/0ac026cc1f7a108f5fd908f7703d8af1d14735cff2556f230f902990321563b7?environmentId=120 although i could not really make sense of it. I have also done a MalwareBytes scan (with Rootkits box checked) and it found 0 Threats in an 8 hour scan... So what i want to know is... did i disrupt this malware in my tangent of deletion? or could it still be present somewhere undetected? Thanks in advance.
  22. My iphone has been making calls by itself around the same time (11:00am) by itself to numbers not in my contacts, every morning for the past 4 days, sometimes two numbers a day. I can tell they have all been local numbers by the area code but i have no clue how this is happening? Any ideas/fixes?
  23. Today I installed an app from outside the play store named Amoled live wallpaper from yhe website apk4free.net (full url : https://apk4free.net/amoled-livewallpaper/), this link tricks you into downloading mobidash which is 6.8 Mb something. So I downloaded and installed the adware thinking it was amoled lwp and guess what!? it was not showing either in my apps screen or my application manager, however all thanks to malwarebytes, malwarebytes found it and uninstalled it, it was even not being shown as a blank app in my application manager, I did everything to find it. So I just want you guys at malwarebytes to know that this adware no longer shows itself in the application manager. It has evolved. I'm using a galaxy note 10 lite android 10. Thanks, awaiting your reply. Please do assure me that the malware or adware had reaaly been uninstalled by malwarebytes from my smartphone. Please download and inspect the file from the respective link I provided above.
  24. hello first of all please dont judge my english 😅 so the thing is i used a program that was recomended by malwarebytes in a topic i found, and malwarebytes found some but not all and i wanted to ask you guys for help this is what the program found. so what should i do reinstall my pc ,or are these threats deleted ? because i see partially 😯 msert.log
  25. Hello everyone, I am a long time user of MalwareBytes Free and believe it good practice to run a good AV and Malware tools as standard PC security. I am raising this query because i have seen anomalies over a long time (over a year) and am now thinking it could be the security products. I run the latest Avast Free AV and Malware Bytes free along with Hotspot shield free VPN. i regularly do Avast boot time scans and Malware Bytes HDD scans in windows. After these scans occasionally i see odd issues ranging from file associations reverting back, occasional application reinstalls and like today outlook not opening due to a corruption in the Avast add in. A Avast reinstall fixed this. If anyone can advise me on: 1) Do i need separate AV and malware protection? 2) Does Avast free AV and Malware Bytes free work together? 3) If MalwareBytes does not work well with Avast free AV can any good AV be recommended. Any help is appreciated.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.