Jump to content

Search the Community

Showing results for tags 'MALWARE'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hello, I installed Malwarebytes free to run a scan. These same 10 issues keep reappearing after I have already quarantined and deleted them multiple times. I'm not adept at computer security, but I am wary of these issues as they may pose a threat to my privacy. Findings From Scan.txt
  2. Hello, I just ran a full scan on my system, and the results returned a file located in my Binding of Isaac's game files as, "Malware.Heurisitc.1003." I believe this is a false positive, but wanted to get some help in determining this anyways to be on the safe side. I've attached a screenshot and an export of the scan's report below. If I could have a staffer or tech look at this and get back to me soon, I'd appreciate it. Thanks for your time, and I hope to hear from you very soon. Isaac Malware.txt
  3. I found that my youtube account search history is suspicious and some scam videos are played (i attached all screen shots). I think I got this malware when i try to download a cracked game and also i am attaching that virus files in zip and its password is 1896, also those videos are already watched and i cant find anything while scanning through windows security so if any one know solution to remove these malware please help me out. 3DSMAX_activated.rar
  4. I just got infected by miner or malware as tittle said.My cpu goes high untill i turn my task manager.I cant open any antivirus software sites because of the infection (including malwarebytes).Any solutions can help me to get rid of this malware infection?
  5. Hello, Well I've Created This Topic To See Which Is The Highest Number of Infected Registry Keys, Folders, Files etc. I'm Really Careful With My PC As A VB Programmer. My Highest Is 5 (3 Folders; 1 File, 1 Reg. Key) And Of Course I got Rid Of Them Thanks To Malwarebytes Anti-Malware . My System Hasn't Been Infected For 5 Months. But, Some Friends of Mine Are Not Careful At All, The First One I Visited Scored 372 (Full of Trojans, Rootkits etc.) and The Second One Scored 653! (Thanks To God Only 3 Trojans Found, The Rest of Them Were PUPs) And The Last One 582! (Every Type Of Malware Was In His System, I'm Surprised It Could Boot!!). Well, What's Yours Highest Infection Score?
  6. I have reoccurring malware returning in the form of Google Chrome Extensions. Titled 'Ultra' and 'Mouse' they keep getting detected by Malwarebytes and their root files are continuously quarantined, and back again time after time. I need assistance permanently removing this malware. Below I have attached a log of the most recently quarantined files. Thank you in advance. malware.txt
  7. I need help! I was trying to open a document from some company which I mistakenly trust, and it was an scr file. When i opened it nothing happened and then when i tried to google it i found out that it's dangerous file. I installed some anti-virus just now but someone said i should not do anything and unplug my net and get professional help.
  8. I have been using the premium version for about two weeks and this has never happened, but now today I entered to my email and suddenly malwarebytes started blocking every google service, like youtube, google search and even gmail I already installed adwcleaner and also scanned my computer with malwarebytes premium and I got nothing relevant. scan results malwarebytes 10-51-am-09-21-22.txt AdwCleaner[C00].txt AdwCleaner[S00].txt
  9. Hey. So, this has just happened randomly right now, I opened Google Chrome and I was met with tons of Malwarebytes notifications blocking Google related websites due to malware. Most of these websites don't have domains, they just have IP addresses. But, if they do have domains it's just google.com, accounts.google.com, etc. I've been using my computer and Google Chrome all day and this has just happened now. I've attached 2 images, 1 showing my detection history and 2 showing an example of the pop-ups I'm getting. Elise
  10. Today whenever I have had numerous pop-ups saying a site is blocked. Not sure if all the same (I will check) but it says Client.I.googl.com with IP 142.256.46.78 Is Google tracking what I am doing?
  11. Hi , first time user on here and I really hope that someone can help me. Every time I open up a browser rather it's Google chrome, Firefox or ECT, I get the same RTP detection happening event details malware. It just started today. Everything was fine until I woke up and noticed the notification keeps popping up. I mainly be on YouTube so it was very weird. Then I decided to open another browser up and the same thing started to happen. Can someone please help me with my problem. Thank you!
  12. Hey! Id highly appreciate some help. Yesterday i noticed that something changed my base search tool in firefox, then i noticed that i have a web companion on the computer that i had no idea about, looked suspicious, removed it instantly without any problems. Then went to windows defender to check for threats, and i was notified that the "IT Admin" in the network modified the access to it. - i didnt download anything for months atleast - im not watching *things* on weird, half-legal sites full of ads and popups. - no school or work account/network connected -I tried everything that i found on the internet, nothing helped me so far. - i tried microsoft safety scanner - no virus found - malwarebytes : no virus found - avast: no virus found - edited group policy, regedit, fixed hidden UI stuff, didnt work - tried all the powershell and cmd things with scanning, repairing, healthrestore, everything. Tried to get new files for windows defender and merge them. - tried these in safemode, unlocked the hidden built in admin account, tried all the above mentioned things, nothing worked. At this moment Malwarebytes protects me in theory, but if i turn it off i still have no access to windows defender virus and threat protection. And at many settings in the system it shows me that i dont have the rights to modify them. (In safemode i have access to virus and threat protection, but if i try to start it, it starts, but makes no progress at all.) What should i do? Id prefer not to reinstall the whole computer, since i have a lot of stuff on it and no place to save them to, also, getting all the softwares, drivers, etc back would be a pain.
  13. Me again with the same problem, but more cautious with this situation Well, it turns out that this rootkit has changed the access logic to a file/folder location Going from this F:\Los archivos\Shiro\Error1\Nueva carpeta 2\Nueva carpeta 1\Nueva carpeta 2\Nueva carpetads 1\Nueva carpeta 2\Nueva carpeta 3\Nueva carpeta 1\Respaldo\Escritorio\ \jjjjjjjjjjjjjjjjjjjjjjjj\beat\things\johnis\got_the.htm\Nueva carpeta 1\todooo\1\Nueva carpeta\15.1.2022 To this F:\LOSARC~1\Shiro\ERRORN~1\NUEVAC~2\NUEVAC~1\NUEVAC~2\NU3CD5~1\NUEVAC~2\NUEVAC~3\NUEVAC~1\Respaldo\ESCRIT~1\9DEC~1\JJJJJJ~1\BEA157~1\things\JOHNIS~1\GOTHER~1.HTM\NUEVAC~1\todooo\1\Nueva carpeta\15.1.2022 Well, knowing this, I would like to clarify the following I have this problem on a removable hard disk The hard disk has damaged physical sectors, so the maximum that can be done and allows, is to move, copy and delete files, but being damaged, such a simple process of copying 1GB to another location, instead of taking 20 or 40 minutes which is normal, it can take up to 15 hours or even a whole day That said, doing a scan with the programs that are always mentioned in these situations, is impossible due to the deteriorating processing of the hard drive I know that the hard disk is infected, but the malfunction is not due to this rootkit and I know that I should not run any .exe as it is infected, the rest of the files are not and can be saved. By the way, this problem is only the file location path, but the name of those folders are normal. While the folder is named "Los archivos", in the path it comes out as "LOSARC~1" The question I have is, how to fix the file location logic? I have this problem on my PC, but in a smaller amount I am making a backup to clean the files, the malware is always contained in a process that I suspend, so it avoids contaminating other processes and neither propagate In these years I have understood how this malware works, how it works, what it does, how it spreads and how it acts, so I can contain it, but currently, it is impossible to destroy it since the windows logic is damaged I will reinstall windows with the patches that AdvancedSetup told me and I will take many precautions to avoid another infection Here is a brief introduction to this topic in my previous topics: https://forums.malwarebytes.com/topic/280985-the-powerful-trojan-sality-sinkhole-v2
  14. I am unable to open Malwarebytes, Avast, VirusTotal, McAfee(Would never use), Kaspersky, etc. I have downloaded Malwareytes of Techspot to get around this issue, I have removed around 30 trojans, malware, and backdoors but I am still unable to open the Malwarebytes main website. I try updating the Malwarebytes application but it says it cant connect, Malwarebytes also detected that the Windows Update had some issues and when I checked the windows update said, "Something Went Wrong. Try to reopen Settings later." Something had installed 7Zip 2 days ago which I have removed. My youtube account had also been hacked and a "Valorant Hacks" video was posted on my channel (this is now unlisted). How do I fix this, and is it some malware causing this? I had just recently reset my windows from a different malware attack because I have not restored my subscription for an Anti-Virus. Update* After trying to use the support tool to update Malwarebytes it cancelles after it finishes updating.
  15. Find attached file. Original download site http://forums.winamp.com/showthread.php?t=458120 winamp59_9999_rc1_full_en-us.zip
  16. Hi Malwarebyte Forum, Just before anything else i just want to thank anyone for spending your time to read this post. I Just wondering if someone can help me with my current issue where someone remoted access my laptop, trying to use my paypal while i'm away from it. I'm not sure how long this person have acess to my laptop or if he have install anything malicious on my system but the one thing i know is that malwarebyte detect that someone trying to use Netsupport Manager specifically "Client32.exe" to remote acess my laptop. I came to this conclusion because this is not a new issue on this forum because i stumble upon an old posting: To futher give you guys more context to this issue malwarebyte also notify me ever 5-10 minute that my computer is pinging or somone is pinging my computer from this specific domain and IP through "Client32.exe". Here the attachment that i follow from the last posting about thiss issue where i need to provide a few attachment which i will link down below. Addition.txt AdwCleaner[C00].txt FRST.txt Malwarbytes Scan.txt
  17. This virus or malware I have keeps running a cmd panel and closes my chrome tabs. After that my default search engine switches to bing. I've ran multiple virus scanners and one of them said it might be a DNS Hijack. I've tried a ton of things. I've ran adwcleaner and it seems to not find anything. I did microsoft offline scanner which cleaned it for a few minutes, then it just came back. adwcleaner dosen't recognise anything for some reason. I've even deleted it from task manager and control panel. I don't know what to do and I feel it might be taking my information or trying to send me to a phishing website. adwcleaner found 8 total detections and quarantined and cleared them. I don't have the log for the detections but I think I remember a PUP file in there, but it could've been unrelated.
  18. All this started when i was looking for cheats/Trainers for a game i was playing. Turned out that trainer was a malware. This malware redirects all my Chrome search bar searches to http://ursearch.net. which according to Google is a malware redirect. I have done everything YouTube videos have told me to do. The solutions i looked online always lead me to download or buy dubious software (Spyhunter, Hitman Pro etc. ) which , as you guessed it, does nothing to remove this malware. Yes i have Windows Defender and MalwareBytes which are useless so far. What makes this malware unique is that it sticks to my Google account. I have cleaned the cookies, history, autofill, passwords, extensions, basically every human trace on my google account in Chrome browser. I have even uninstalled and reinstalled Chrome. But no matter what, my clean uninfected Chrome browser gets infected the moment i login with my google account. I am sure this is not a device issue, since when i login to chrome at my work place computer , the malware comes along. The same with laptops. I could come to your house, login to your Chrome browser with my account and bring this malware to your device. How can i remove this? Is deleting my google account the only solution?
  19. Hi, This is going to be a long description so please bear with me. Yesterday(On 30th May 2022) at around 5 pm, I downloaded a software "GCleaner" which turned out to be a Malware app. I immediately disconnected my internet after I realised that it's a Malware. My anti virus didn't detect it earlier. But after some time, when I connected my internet connection, I started getting a notification from my antivirus saying "Threat secured, We've safely aborted connection on 104.155.207.188 because it was infected with URL:Blacklist" and my pc got into an unending restarting loop. It's stopped restarting when I deactivated my antivirus and disconnected the pc from internet. Then I searched for the malicious app in the control panel but it was not listed there. I searched on Google regarding this malware and found that it's probably a rootkit malware. I found some relatable posts in the community asking us to install FRST64, AdwCleaner, Malwarebytes. I installed all those apps and run FRST first and In the FRST and Addition files, I found that exactly at 17:07 some files were created in my pc which are highly questionable. I then ran Malwarebytes and found some malwares detected in my pc. I quarantined them and ran the scan once again. I didn't detect anything this time. After that I ran AdwCleaner and found out that there some PUP.Optional.Legacy Trovi.com virus in my Chrome browser. I tried quarantining them. I showed that the virus has been removed but when I scan again, I found out that it's getting detected once again. So, I had to manually remove it. After all these steps, I ran FRST again. But I found the questionable files were not removed. This time I tried removing them manually in the explorer. All but 2 of those files were removed. One of the file was 4y63267.sys and it was situated in the System32\drivers folder. This file is read and write protected so it doesn't delete even using cmd in safemode. Everytime I tried deleting, it shows Access is denied. I even tried TronScript, Unlocker and boot disks to delete it but this file isn't even detected there. Another file is in System32\Tasks\Service. Please help me remove these remaining 2 malwares. I am attaching all the latest scan reports here: Addition.txt FRST.txt Malwarebytes Report.txt AdwCleaner.txt
  20. Hopefully someone can help me to determine if my computer has a security issue. Yesterday morning, Malwarebytes blocked 25 attempted outbound connections during a time that I wasn't using my computer. Info: File: C:|Program Files (x86)\Google\Chrome\Application\chrome.exe Category: Malware Port: 443 IP Address: 143.198.230.234 Type: Outbound Connection Here is the detailed log information. Any help would be greatly appreciated. Thanks. -FinnyD Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 5/30/22 Protection Event Time: 9:30 AM Log File: d7aa8012-e035-11ec-86fd-08d40c8bc701.json -Software Information- Version: 4.5.9.198 Components Version: 1.0.1689 Update Package Version: 1.0.55574 License: Premium -System Information- OS: Windows 10 (Build 19044.1706) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Malware Domain: IP Address: 143.198.230.234 Port: 443 Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)
  21. As soon as I insert my hard drive (corrupted with some pirate softwares but cannot delete, too slow), it installs the same pirated software directly onto my Applications folder, every time without fail. Then my cursor kind of becomes laggy and some bits on my google chrome (scroll, select and etc) gets modified on its own. Right now, it's fine since I've disconnected the hard drive forcefully. I'm not so sure how to go about this since it stores many of my important history of work, other files and so on. Will I even be able to retrieve those files- or will I ever be able to fix this corrupted hard drive ever? Previously my macbook pro was incredibly slow until I found installd on Terminal, running the CPU up to 235% or something similar like that and everything was fine after having had it force quit. I also wonder if your product can detect any mac bootkits/rootkits. If they exist also on mac os.
  22. Lately, I installed a shady .exe. My info was all stolen, but i have changed all my account passwords so I think I am fine currently. But lately like every 12 hours im getting a RTP detection like Riskware, Adware, Trojan. I need help.
  23. Hello, I have just done a malware scan where 8 items were detected but few of them failed to be removed. I want to remove all of them. Below I have attached the scan Report. Scan Report.txt
  24. Can anyone confirm that MWB premium protects from the infection methods mentioned in the articles quoted here. I am most concerned about the "file-less malware" that can hide in the Windows event logs, and gets executed and is then obfuscated. I understand from the Kaspersky article that it often starts with the download of an infected RAR file, so hopefully the first stage can be easily covered? Here is the initial article: https://www.techrepublic.com/article/kaspersky-fileless-malware-windows-event-logs/ This one is the in-depth initial report from SecureList that it references: https://securelist.com/a-new-secret-stash-for-fileless-malware/106393/
  25. Hello. I never thought it would happen to me but guess it did. Yesterday afternoon i turned on my computer only to get greeted by a popup after it would boot into windows. The popup stated: "You are about to be logged off. Windows has encountered a critical problem and will restard automatically in one minute. Please save your work now.". I am quite experienced with using computers but not that much around this malware/virus category, i knew that it was some sort of malware from the start, the source of it i am unsure of though, mostly because i havent been downloading anything or opening any weird emails, i dont really get those anyways for the past weeks. I do have BitDefender installed but i had no help from it or any sort of prompt regarding this issue. After 1 minute the system either reboots and gives me the same error over and over again or logs me off and then i get the windows screensaver having to reboot manually in order to try again. During this time i cant open anything, task manager or any sort of program, nothing. Canceling the restart with commands doesnt work either. Also during this 1 minute, the options "Restart" and "Sleep" are greyed out, i cant press on them. What i truly find weird is that sometimes instead of getting me straight to windows i get asked for a password although i never set a password. Funny enough the password is "pass" but the problem is that by the time it actually gets to the desktop the minute passes and it restarts. It is worth mentioning that the first couple of reboots i did NOT get that lock screen asking for a password. After around 6/7 restarts it happens. Also sometimes it appears sometimes it doesnt. I am currently running Windows 7 because the hardware inside is meant to be machine that can play 2000's games without any compatibility issues. I am aware support for Windows 7 is over and that Windows 10 is safer. As far as i know any MalwareBytes software cant run off an usb drive, please correct me if i am wrong, i am willing to try it because it had helped me in the past. I will list what i have tried so far and did not work: None of the Safe Modes works, i get the same popup foillowed by the restart Opening task manager and it crashes like all the programs that i try to open In the 1 minute that i have find the "Auto-restart" option that Windows has and uncheck it and it doesnt work Most CMD lines that i tried do not work or aren't able to be completed due to the limited time I have tried booting the Kaspersky Rescue Tool which scanned all the drives in the computer, found some viruses, removed them and the problem persisted I have tried booting the Avast Rescue Disk and it didnt boot at all I have tried using ESET SysRescue Live tool and out of all the tools i used this one seemed to take a deeper look trying to find malware, i have used it mostly on the C drive and part of the second 2 drives and it had found nothing, the problem persisted I am currently using Avira Rescue System i have started a whole computer scan and i will check it when i get home although my hopes are pretty low at this point I cannot run any exe on inside windows, all the software that i have specified above were directly installed on a usb drive as an .iso. I am looking to either fix it temporarily and installing windows again when i have some time on my hands and finding out more about this issue if possible in order to well learn more about this part of computers and how how to avoid it.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.