Showing results for tags 'malware'.




Found 222 results

  1. Good morning everyone, I'm new in this forum, I really hope you can help me. Yesterday I found something strange in the behaviour of the PC: Windows Defender doesn't find any problem but when I open its history it crashes. I found the name of the malware before the last crash (Trojan:PowerShell/Mountsi.A!ml). Running Malwarebytes I found some malware so I eliminated it but the problem is still there! Thanks.
  2. Hello. Since I updated my windows 10 (this morning), Malwarebytes keeps showing a pop-up of "Website blocked due to phishing" And this is - it. And these are the advanced "info" -
     Malwarebytes
     www.malwarebytes.com
     -Log Details-
     Protection Event Date: 7/6/20
     Protection Event Time: 8:45 AM
     Log File: e7aa89d8-bf4b-11ea-af68-00d861d43d5b.json
     -Software Information-
     Version: 4.1.0.56
     Components Version: 1.0.972
     Update Package Version: 1.0.26459
     License: Trial
     -System Information-
     OS: Windows 10 (Build 18362.900)
     CPU: x64
     File System: NTFS
     User: System
     -Blocked Website Details-
     Malicious Website: 1 , C:\Windows\System32\PING.EXE, Blocked, -1, -1, 0.0.0
     -Website Data-
     Category: Phishing
     Domain: window-updates-service.com
     IP Address: 151.106.15.12
     Port: 0 (No malicious items detected)
     Type: Outbound
     File: C:\Windows\System32\PING.EXE
     (end)
     I want to know if it is a real problem or it is not. If it's safe for me to add a web exclusion for the site or not. Thank you for your time.
  3. I was recently on Opera and noticed a search bar pop up on the top of the screen. When you click on the search bar it takes you to a fake search engine, and whenever you search something it takes you to a Yahoo page. I figured it was malware, so I even downloaded Malwarebytes right off the bat and ran a scan. Nothing was found. I found the malware in Control Panel and deleted it but it is still there. I've re-run Malwarebytes and nothing is found, but I can't find a way to prevent this search bar from appearing on the top of my screen. Any thoughts on what I need to do?
  4. Hi, I had been having awful trouble for a while with webpages not loading, "resolving host" issues, in multiple browsers. I thought it was Chrome so I changed to the new Edge Chromium. After searching for answers I came across a number of people having the same problem, and the cause seemed to be Malwarebytes and mainly real-time protection. I turned real-time protection off, and have now run for two weeks with a 99% improvement. I wondered if you could check for me. Last week I collected the log reports to upload here (attached). I think I also had trouble when running the free version though, I'm not sure. I wondered if you could confirm this and what to do about it. I paid for a premium subscription on 3rd April 2020 but was running the free version before. Many thanks for any help. mbst-grab-results.zip
  5. The program isn't showing up as the Free or Premium version, I bought a key but whenever I try to activate it it can't connect to the license server. I reset all the firewall settings but it didn't work. Here are the grab results from the support tool. mbst-grab-results.zip
  6. So I unfortunately encountered malware when I tried to download a game from unknown sources. It was the SAntivirus one and it even installed SAntivirus Lite on my laptop. I detected it and uninstalled the app and after that even used Malwarebytes to check for potential threats and quarantined the Trojans and PUPs detected. But my laptop is still slowing down to the point where it takes almost twice/thrice the time to open up applications and boot. I would really like someone's help. If you want, I am ready to run scans and share the same here. I fear I might not have access to the scan result of when I removed the SAntivirus malware but I will have to check. I am obliged to anyone who helps me.
  7. My desktop has been infected by trojan.agent. I already use both Malwarebytes and AdwCleaner, but in AdwCleaner I can't delete the trojan.agent in the c:\windows\rss folder. I'm still using my Windows Defender, and the virus still appears every time I turn on my desktop. I don't have any idea what to do now, can someone help me? Thank you!
  8. Now this happened about 3 months ago. I have long since reset my PC to Windows 10 by now, but for some mysterious reason my ABV.bg email has been repeatedly getting hacked every time, even though last time I changed my password to be a unique combination of 30 symbols and letters, including the secret question and answer. It's still getting mysteriously hacked, and at this point it's obvious the information is being leaked from my PC, so the trojan/keylogger/hijacker or whatever has not been removed even though I did repeated Malwarebytes scans and I even scanned with Bitdefender in boot environment, still no such luck! Yesterday I saw a total of about 74 SVHOST.exe processes in my Task Manager, and I don't wanna say all of them are viruses but I doubt Windows needs that many processes to run! So something is definitely up here! As for the virus I had in February that hijacked my browser: immediately after I found my email hacked I checked my Temp folder, and what do I find, a multitude of unknown files scattered about. I put them all in a 7zip archive in case I need to give them to a professional for analyzing etc! The hacker had even hijacked my wifi (I even found some Chinese characters within the wifi app pointing at some access point in some Chinese province), I am pretty sure, so at this point I am not even sure if it's DNS hijack or browser hijack... or whatever hijack. The trojan just keeps appearing and this time he seems to be not leaving any files on HDD, so I am not sure if it's using fake Windows processes or services. I need to get rid of the malicious files before trying another clean system install... The FRST.zip logs I have provided are from a Safe Mode scan today in Windows 10. I included some older ones too from previous months! FRST.zip temp folder viruses package.7z FRST 09th-05 Logs.zip FRST 27th-04 Logs.zip
  9. Here are the logs you need. I have no idea where I got the RAT from since I didn't download anything sketchy. I did a full system reset with settings to try and get rid of it but apparently they can survive those, so I want to get rid of all rootkits/RATs/hidden malware in my PC. Thank you in advance! Addition.txt FRST.txt malwarebytes log.txt
  10. I'm not a malware expert but it seems it has infected the Windows installer msiexec.exe and is sending or receiving data through the internet to a domain "4nbizac8.ru". Malwarebytes categorizes it as adware and blocks it. But the malware keeps repeating itself every 4-5 seconds, it cannot be stopped. Malwarebytes keeps notifying that it successfully blocked it every 4-5 seconds. I ran the scanner multiple times but it cannot fix it; it's up to date. Here is the log: (end)
  11. Hi, so one day I was playing Minecraft and almost took a break but somebody was moving my mouse! So I went into airplane mode and scanned around but didn't find anything. I reset my PC with settings and I read that RATs can survive resets so I want to get my system rid of all rootkits and RATs and hidden malware.
  12. Hello, I have problems with g****.tmp.exe; it uses RAM and CPU in process. I read some topics in the forum and know I need a Fixlist.txt checked by some of you. Here are my files after running FRST64, hope someone can help me. Thank you in advance! Sorry for my bad English grammar. Addition.txt FRST.txt
  13. After launching game it crashed, after I tried to delete the folder it was open in another application. Using Process Explorer I found that it opened a schtask.exe. I looked in Task Scheduler and found a GoogleUpdateTaskMachineUAC that hasn't run yet, but it was linked to a file in Roaming/d_temp/sevices.exe with the game's logo. The game was scanned by ESET nod32 before I ran it. Malwarebytes free didn't detect anything neither did the Rootkit protection or the windows security.
  14. I was invaded on my Mac running Catalina 10.15.5 by MacKeeper. Everyone thinks it's just a virus scanner app that has bad code but the company is worse than what it appears. I will attach some files that they took over to take full control of my Mac and wanted 200 to go on it with their techs and "clean" the viruses and malware that I had. When I told them no I got the full brunt of their invasion. They quickly ran a js file that installed their ransomware before I could disconnect my Mac from the internet completely. I then spent a day tracking all the files and broke them into readable code so I could see what it was doing. Here was my first clue that I wasn't getting my Mac system drive back. This is from the System/Driverkit/Runtime/.../kernal/.../info.plist: Note that it changed the package type to 'FMWK' and the signature is '????'. I went looking for files installed by FMWK and found it had rewritten the code in my grammar checker for Chrome to include thousands of lines of code. It took over root and all the groups. It added its own acct and changed the root/admin password so I couldn't undo their program or kill it. It had a line of code in it that basically said, "if any of my files are changed or missing to add them back right away." I did try a lot of deephack moves on their code but it would just put itself back. It added hundreds of files in all different types such as js, php, xml, css, de, oss, json, h, c, html, intime, py, ssh, and more. They wrote files into the usr/local/opt, opt/x11/bin, lib/ext, lib/apple, sys/vol/data and added a burred directory called /zz/. They captured my fingerprint reader because I have all my passwords in a safe. This they used to control what I could get to and do. They added com.apple.lockoutagent and webpack bootstrap so neither I nor Apple support could use the system recovery section to rewrite the system. The grammar file base app was called Grammerly_popupeditor-denali.js.
so I took it that they were from India. And I could go on for a long while about the code I found in these files but I couldn't do anything about it. I finally gave in to the fact that they had won the battle and I totally cleaned the system drive and wiped my Mac till I knew it was clean. Then I used an external boot drive to reinstall the system. It's a good thing they couldn't get to my Apple ID password or my iCloud ID because they trashed my TimeMachine backup drive too and made it a mess. I had a couple of long days and nights breaking down what they had done and to what extent, then reinstalling my system. I'm writing this account of their activities so others will beware and maybe someone higher than me (Apple) will put them on the blacklist. Yes I did have Norton installed and it would have stopped them but they thought of everything and erased the main .exe file before they installed all this mess. Of course I could not reinstall it or any other app too. There are names for people like this that I won't say. I just hope someone shuts them down before we lose a government computer or something else important. It has taught me a valuable lesson in cybersecurity and that is to do better at it. They will get theirs someday. I found them out and so will others. Please put them on the blacklist Apple.
  15. Hello! I deleted my trash the other day and it has happened to me twice that some random files reappear in trash after deletion. Does this have to do with malware or is it just a simple bug?
  16. Hello there, I have a Dell Vostro 5568. I had to get the motherboard changed and now the board is from a Dell 7460. I get this message at start up: Alert! TPM device not detected. I checked the boot menu and under the security tab there is no option related to TPM. The problem: I cannot run anything as admin. I have just one user account and that is the admin. Whenever I download any exe file, I am unable to install it. I tried changing the user account settings, but it won't let me change the default settings to let third party apps get installed. I tried using safe mode but the antivirus won't work because of a "BFE is turned off" error. Please help me. Either this is a virus or TPM. I don't know.
  17. Hi, I had overheating problems in my Windows 10 laptop for about a week. I updated my BIOS and upon restarting, a window popped up, with a certain WINRMSRV asking for permission through my firewall. I got suspicious and I ran a malware scan with Malwarebytes, which found 31 menaces and currently 27 are quarantined. Windows Firewall and Windows Security are not working right now (I didn't realize they had been disabled, I see a blank page when opening Windows Security), as well as AdobeReader, which I have now uninstalled. I would like to know if I can delete these files from quarantine and how I can restore the applications that are not working right now: what happens if I delete the quarantined menaces, given some of them are under the system32 folder? I can upload the findings log if needed. Thank you to whoever helps.
  18. Hello. I fell for something today and got a bit screwed, I've had my PC crash twice and I'm a bit worried because Malwarebytes hasn't found anything and something else fishy is up. When the first crash occurred there was like this woman's photo plastered on the "crashed" screen, never seen that photo in my life lmao. If you look at my screenshot, when I open the program, it shows that everything is enabled but my taskbar shows the ! sign and shows that protection is not enabled - very odd. First time this has happened too. I uhh.. uninstalled the frowned upon executables. Any help would be nice, thank you for your time. scan.txt Addition.txt FRST.txt
  19. Computer infected with Trojan Virus and Malware. My computer has a problem as it has been infected with a Trojan virus and malware and adware. The name of the virus is (TROJAN.PHISHING.ARK!eml); this name was there when Windows Defender did an offline scan. As well, the keys are not working, the desktop icons are not appearing and I can't use the desktop itself, and even the local C drive is also affected in user data. Now how to repair the computer? The desktop icons have not been appearing for many days, as well as the keys not responding; even after pressing F8 the task manager shuts down itself, nothing. Actually I had installed two apps, that is Reimage Repair and Internet Download Manager, for downloading my online lectures, then because of this the virus entered, and the bottom task bar in the desktop is always loading and only the wallpaper is shown with no desktop icons, and I even tried several times restarting via the CPU button. I can't use the desktop. I have a doubt that my computer has been formatted by this virus. When I knew about the virus I installed Malwarebytes (anti-virus programme) and I used to quarantine the virus files and delete them, and Windows Defender has said it partially removed the Trojan. No icons on the desktop. THE ARROW IS LOADING ALWAYS THE BLUE CIRCLE IN THE BOTTOM ICON BAR. Please resolve this issue as fast as possible.
  20. Some weeks ago I realized my Malwarebytes date is wrong. On "next scan" it says 01/01/21 and last scan says it was on 31/12/20. The little icon at the top of the Mac screen says that scans are being done daily, but when I check reports I can see that suddenly scheduled scans are not being performed. I deleted the app and downloaded it again and I think it's working fine now, but I still would like to know why this happened, I am a bit worried. Thanks
  21. Hi all, First time with this type of trouble and I've come across this forum via a Google search which I had started reading through this thread here: I will try to do my best here in understanding and communicating with everyone and your knowledge. Thank you in advance for any help. I'll try and keep this simple and broken down into what I know. To start I am running Windows 10 on a Cyberpower PC that I purchased about 3 months ago. As briefly as I can be I use this PC strictly for iRacing and use only a limited number of applications that run along with it. I use Chrome as a web browser which is pretty much just familiarity and a preference. This whole adventure started when the command prompt opened on me in the middle of a race. I noticed in the task bar following this race that Internet Explorer and Chromium were there. Not thinking too much of it as this was the first time it happened I unpinned them and continued what I was doing. This happened again several hours later and I got to investigating this Chromium deal. I am now familiar with what it is and how it works and I also learned more about Electron and how it operates some of the apps I use such as Discord and Simracingapps. More familiar with how this all comes together I continued with trying to get these apps removed. I'm almost positive I had uninstalled Chromium via the command prompt and a hidden folder in This PC>Windows(C:)>Users. I also took a second look at SAntivirus which is my fault for not noticing sooner and I found out all about that.. I followed instructions to remove SAntivirus by rebooting in "Safe Mode with Networking". The following step is to download and install Malwarebytes. As there seems to be no way to connect via WI-FI in this mode (which is currently all I am able to use) I downloaded on my Surface and tried to install but it still needs to download during this time so I could not do so.
I went on to the next steps as they were 2 more removal softwares so I figured leaving one out would be just fine. These were HitmanPro and then Adwdefender. Following the instructions to reboot after the Adwdefender scan all I booted to was a black screen. I restarted using the power button on the tower out of frustration at this point with this already being a 4 hour headache. When I powered back on I navigated back to where I was given the options that included "Safe Mode with Networking" and others. Since I was familiar with that one during this process I chose it. Boot to black screen. Reset again and believe I chose the startup troubleshooting after finding it and chose some type of boot recovery. This is where I was starting to see red so I can't remember exactly and I don't want to really do much else on here using that route unless instructed to do so. But that sounds about right. This went through and finished and the PC booted and I am at my desktop and logged in. Now whatever it did to recover gave me a sigh of relief but now I have the apps that I originally started this process to try and remove (Chromium and SAntivirus) back again along with 2 or 3 others that I have decided not to use and had previously uninstalled. All I want is Chromium off of my computer for good. I'm sick of saying the word. I'm sick of looking at it. SAntivirus Realtime Protection Lite off my computer for good. I'm already planning on being more vigilant for these things as the SA snuck in there on me. Also using all three of these softwares in the future to help me do that... if Malwarebytes doesn't hang up on installing that would be great too. Seems I'm at a point here where I can try this all again with some of your help. Thank you for your time, Ryan
  22. Anybody have any suggestions? This thing is altering all antivirus and malware removal or blocking downloads. Factory reset doesn't get rid of it. These are from Farbar but nothing else will get rid of it. Addition.txt FRST.txt
  23. Recently I suffered an attack on my PC. I ran windows defender (the default option in Windows 10) and it identified a Trojan. This attack among other things, deleted a bunch of my files. I decided to try malwarebytes and it quarantined a bunch of files. However, I am constantly receiving notifications every minute about a website that malwarebytes is blocking time and time again. I am uploading a screenshot of this notification. What should I do to fix this? An unrelated question would be, can a trojan read pictures and identify words on a picture? Thanks!
  24. In Google Chrome on win 10 I cannot remove an extension for "SearchSpace" It says that my "browser is managed by your organization" which is not true at all. I own and am the sole administrator of my pc. The only 'organization' that it could remotely be referring to said he has no idea what it is and offered that it is some sort of adware... info that appears readily in a google search. Of course I went to Google who response is below but that did not work either as it said that I was not connected to a necessary domain that Group policy could not be changed. Google's response is below (see the black box response screen snip below (I had tried obvious things like uninstall download fresh chrome, use Malwarebytes, etc) I need assistance in removing this unwanted unauthorized possibly malicious bug.... Please help me... thank you in advance Hi Robert, Thank you for reaching out to Google Support. My name is Cece, and I will be further assisting you with your inquiry. If we can’t find a solution, I will collect feedback for our developers and give you any external resources that you might be able to use. From my understanding you are seeing " Managed by organization : even though your PC is your personal. I do understand your concerns you may have for this issue, and I will do everything in my power to help isolate this problem as I know how alarming it can appeal as. To resolve this issue on Windows: Download the Chrome policy remover. If you see a message saying that the type of file can harm your computer, click Keep. Right click it and select Run as administrator. Click Yes at the confirmation prompt and allow the process to complete. If you see a message saying that Windows protected your PC, click More info > Run anyway. I would also recommend that you carry out the following steps: (Windows only) Install and run the Chrome Cleanup Tool (Tell me how). 
Scan your computer for the unwanted software using recommended removal software: Windows: Malwarebytes, AdwCleaner, HitmanPro. Mac: Malwarebytes. Uninstall unfamiliar or suspicious extensions (Tell me how). Uninstall suspicious programs from your computer: Windows: Tell me how. Mac: Tell me how. Reset your browser settings. You can reply to this email to get back in touch with me, if you have any further questions, or concerns I can address for you. We are always here to help. Google appreciates our member's feedback. You may receive an email survey after a day or two about your recent support experience. We would love to hear from you!
  25. Dear Support Team, MWB has blocked some suspicious outbound connections (related logs attached, I don't know how to provide a global log of all threats). After doing some research it seems that the one responsible is malware that got into the system after the execution of MCLeaksAuthenticator.exe. Could you please support me to get rid of it? FRST and Addition logs attached too. Furthermore, I deleted the executable file and haven't tried to execute or download it again ever since. Thanks! Addition.txt FRST.txt MWBLog.txt MWBLog2.txt MWBLog3.txt MWBLog4.txt MWBLog5.txt