Showing results for tags 'hacked'.

Found 25 results

  1. My computer appears to have been affected by a horrible case of fileless malware, enabling RDP services which may have installed a Clover Bootloader, android emulation Hyper driver, as well as phpmailer. Those are just what I saw from the browsing history. I cannot enable IPV4 DNS to communicate directly with the router. Each time I install any kind of software it spawns more processes and embeds itself further into the OS. I believe there is a reverse proxy that’s routing it somewhere, I just can’t figure out what rules are causing it. The issue is very persistent, and whatever malicious toolset was used was used on two previous PCs and rendered them inoperable. The PC being used now is three or so weeks old, and is on its second Windows install. Recovery will not work and resetting does not work. The good news, if there is any, is that the file dates on this is the same as the initial set from last year so whatever is going on has not been updated since then. There are a lot of powershell manifest files on the C drive, various installed programs without installation files, and the /fixboot operation does not work. The Dism.exe seems to exacerbate the problem, as well as SFC. I’ve tried to update the drivers from the manufacturer’s site, but they don’t seem to be able to coexist with whatever (software or hardware emulation?) is already installed and operating on the PC. It also appears to be grabbing other devices locally close by that aren’t on the LAN like the phone, TV, MacBook, etc. Accounts created and logged into the past few weeks have had settings changed, so there’s a keylogger as well. It looks like it started with a DLL hijack/proxy, then privilege escalation. The easy answer is obviously to wipe the machine, but I’ve tried that with a Windows USB. It doesn’t remove everything completely. It still uses the drivers and many of the programs from the previous version. It also maintains the Registry, which is likely the root cause.
It’s pretty overwhelming, and I’m not sure where to start. Malwarebytes antivirus kicks up the CPU usage to 100%, especially when scanning the registry. It never finds anything, though. Thanks in advance for the assistance!
  2. Hello, I recently installed Malwarebytes Premium in April. I decided tonight I wanted to add the VPN. I followed the instructions to my.malwarebytes.com but there was not an "Add Privacy Protection" option on my subscription page. So I bought the VPN for 5 devices and assumed Malwarebytes would subtract the difference as it says on the website but the end result is I now have an additional Premium Account and License Key and instead of 5 Devices it is $59.99 for 3 Devices and still no VPN. Funny thing is now when I go to my subscriptions there is now an option to "Add Privacy Protection" and of course that will be another additional charge? Top it all off I a few suspicious emails one in my spam. Very strange behavior on my home PC and phone as well. Malwarebytes on my phone shows apps that have not been updated since 2008? And I'm constantly seeing some kind of Verizon stuff everywhere?? I don't even use Verizon services. There are so many things that have happened lately, I am just completely overwhelmed. Please if anyone can help I sure could use it. Thank you.
  3. Hello Everyone. I'm hacked with multiple hacking ways. A Malware infected to my Laptop with both svchost.exe and explorer.exe infection. I have deleted this for tenth times but it's still downloading or creating itself. It was a hack tool for Point Blank (It's an online fps game). I downloaded it from www.sepok-cit.com . This site has too many good reviews and I believed them. Already I Tried a few ways to delete this sh*t from my computer but none of them worked. I TRIED: 1) Deleting its files (hidden files named as spoolsvc.exe , svchost.exe and explorer.exe) 2) Deleting it via regedit (from HKEY_LOCAL_MACHINE's windows and windows NT folders) 3) Killing it with RogueKiller 4) Deleting this with MalwareBytes 5) Deleting it with Kaspersky 6) Deleting it with Avast But none of them worked. I Tried also disabling Windows Update from services.msc . It's deleted in each steps I wrote but it's reinstalling (or recreating idk what it does) itself every time I reboot my laptop and SHOWING IN TASK MANAGER WHEN I LAUNCH POINT BLANK (game that I want to hack). POINT BLANK LAUNCHER is TRIGGER of it. Its origin location is Windows/Resources and Windows/Resources/Windows. PLEASE HELP ME. I'M LOSING MY MIND!!!
  4. Last week our network was hacked into by an unknown party. Our firewall was open for remote connections to allow a firm that is performing major upgrades to our Microsoft Dynamics ERP software. Prior to this project, I set up a VPN connection on our Sonicwall firewall device and both myself and the local office of the firm doing the upgrades were able to log in successfully. However, the firm doing the upgrades has a team doing much of the work from India. The folks in India insisted they were unable to connect via the VPN and had to use a much less secure route. Yes, this should have been a major red flag, and I was very reluctant to allow this and suggested that I send them copies of the VMs and they work on them there, and return them when complete. Nope, we can't do that, so yes, the fool I am, gave in and allowed unsecured access. While I can't prove who logged into the system, I can tell you that they used credentials that only myself, and the above firm knew. You decide! Last Tuesday, one of the office staff tells me at 6 am that she can't get into her exchange mail and I go to log into my system to take a look and would get disconnected after a few seconds, over and over. I finally log in as the administrator and see someone logged in as me from a client that was not ours. I quickly ran to the server room and pulled the internet feed. I found they had left open multiple windows on a couple servers running commands and changing firewall rules. I also found they installed an IP scanner on one desktop and had it open as well. They successfully installed ransomware which wiped out a couple of our servers that I use for backups. Thankfully, they didn't get to all of the backups and tapes, and I was able to get us back up in a day or so. One thing that I found disturbing (well, even more disturbing) was that they uninstalled our Malwarebytes Endpoint agents, allowing the damage to be done.
So, here is my question, can the Malwarebytes protection be made uninstallable or unable to be disabled by anyone, even administrators without a unique password, or special code specific to this purpose only? If not, maybe this is something that can be looked at.
  5. I am not positive but I think my laptop may be compromised. Earlier today it was running slowly so I ran an ESET scan and it discovered two viruses which it deleted. Then a short time ago when I attempted to login to my laptop my login Password was not recognized. I could only access my laptop via my pin number. Any help on this would be enormously appreciated. Thank you.
  6. Hey everyone, I've recently been hacked on a video game and I've been trying to figure out how it happened. I didn't think it was a virus because I only use my windows to play that one game and I don't do anything else on it really. It is also scanned regularly by Mcafee internet security. After this hack, I scanned my mac with Malwarebytes 2 spigots came up but after googling I don't think they were able to keylog me and get my passwords but I am not 100% sure what a spigot is. Now my windows lol. Scanned it with Mcafee one virus came up called like a JTI/Suspect! I quarantined and removed it. Scanned it with Malwarebytes and 882 threats detected many were PUPs but a lot were also called Malware. The computer seems to be running a lot faster, but I have three questions. 1. Am I safe now? 2. Is Mcafee really that trash it missed 881 threats? 3. I have also been getting a lot of attempted logins from different countries on my email when I check recent activity. None have been successful. Is that related? Thank you, everyone, and hope you're having a great Thanksgiving!
  7. Total newbie here and honestly overwhelmed with this new computer and home network... Brand new Lenovo T480 came with 10 home, wanted to upgrade to 10 pro which I had already purchased on a different machine that is no more Get in touch with Microsoft and they finally agree to do it for me without charging me the upgrade fee again. After a second the guy comes back and says that they are not able to upgrade the current 10 home on the laptop that they will have to do another install to get 10 pro ... I said fine because this was going on 5 hours with them online ...after they were done and I rebooted everything was gone, all the Lenovo stuff, apps everything (I should rejoice I know) but I wanted exactly the way I purchased it. So I overlooked it... but here comes all the problems. I can't simple things done on here and I'm afraid to put it in my network because it looks to me as if there is some kind of clone or spyware or something just doesn't feel right.... I am new to posting on here but please don't treat me like a 5 year old nor some idiot paranoid like my neighbor Twitch... Thanks for your help! FRST.txt Addition.txt
  8. Was running beta on a laptop for a while, but a few weeks ago, every time we clicked to open a browser (in fact any of the browsers: Chrome, Firefox or IE), a Malwarebytes exploit warning popped up. So I ran a number of full scan virus checks including the latest Malwarebytes version and found nothing, so decided to temporarily disable the exploit detector. I have since discovered that this user's account was hacked on that day. I've rerun the scan - nothing found - and re-enabled the exploit detector, which no longer shows any warnings. With the warnings appearing when opening a browser - what does this actually mean?
  9. Today, after installing comodo internet security, i tried opening comodo secure shopping, but it said So i cannot go any further until i terminate it. I cannot terminate it, i don't know how to. I have tried selecting "Do not allow remote connection request" setting(it was already selected). I haven't tried remote connecting to anyone over the internet recently; i can almost say never. I only youtube at most. Before this, malwarebytes and avira has not picked it up. I have been suspicious of things lately with my overall digital experience. I wish to get to the bottom of this; preferably very fast before the culprit/whatever pulls out if he/she is reading this very post. Thankyou.
  10. Hi, I believe I was recently infected by a virus of some sort. Since a few days ago, my laptop (Microsoft Surface Pro 4) has been playing up: 1. A lot of the time, it will be running on 80-100% CPU and the laptop will be extremely hot and the fan will be very loud. When I check to see what it is that's using up the CPU it is mostly 'svchost.exe' in a folder called SysWOW64. 2. The laptop has become very slow as well and it will take a long time to open folders, etc. 3. Sometimes the laptop will crash and a blue screen will appear saying 'CRITICAL_PROCESS_DIED' and it will restart 4. I have malwarebytes installed, and when I start up the computer a lot of the time a box will pop up in the bottom right corner saying that a website has been blocked even though I haven't even opened the internet yet. The domain is 'de-mi-nis-ner.info' which seems dodgy. Please help, I don't know what to do. I have scanned it many times with Windows defender and Malwarebytes and they have both said there are no viruses. Thanks in advance!
  11. There is a small dotted line at the top of my screen just below the edge and it runs the length of the screen. Furthermore, tried to upload antispyware and system deactivates and tells me that I can't continue.
  12. I accidentally clicked on a shady link a few days ago and since then my computer has been acting funny. About an hour after I clicked the link , I got emails on all 4 of my Gmail accounts telling me to "resolve 1 security issue found on your account... We've upgraded our Security Checkup to strengthen the security of your account".... not sure if that's a coincidence and was automatically sent by google because they upgraded their systems, or if someone was trying to hack into my account or something.... Today, my computer restarted by itself and when it came back on it was running very slowly with physical memory running at 97% , wouldn't let me open any programs because it was just loading constantly and had two programs called HPSF.exe running at the same time that i'd never seen before.so i booted into safe mode and ran adwcleaner. It found a Pup.Optional.Legacy file located in C:\Users\h\AppData\Roaming\Mozilla\Firefox\Profiles\qethsoqa.default\invalidprefs.js when i try to clean it with adwcleaner, it first tells me "Caught Unhandled Unknown Exception; terminating", then it starts to clean but stops at about 30% and doesn't progress any further no matter how long i wait I ran a threat scan on MalwareBytes (free edition) with Rootkit scan enabled, but it didn't find anything. I've read that Pup.Optional.Legacy can be a keylogger, so I'm kind of nervous... Please help!
  13. My ransomware protection has been turned off and I can't get it to turn on!!! Can anyone out there help me get this problem resolved???
  14. I've been trying to disinfect/secure devices since 8/16. I've had them professionally "cleaned", wiped twice changed ISP, changed carriers, replaced router, finally disconnected home internet, and replaced devices. Yet, I am still infected. Oh, add to that ID theft, mail theft, bank fraud, credit card fraud... yep the whole shabang. Ive tried every reputable AV/AW/Security software I can find, including Malwarebytes Premium Home Edition, and Malwarebytes Antiexploit. As with every other AV/AW, it was disabled/altered so it became useless. Yesterday I discovered I have a RAT problem, along with a "Signal Catcher", and something called "Watchdog Finalizer Daemon" - this is on my new smartphone. I also have literally hundreds of active ports while my mobile data, wifi, and Bluetooth are set to off. Oh, you may need to know this, the day after I got the new phone it went into Odin mode. A warning popped up saying if i downloaded a new OS it would void my warranty, then it began to download. I couldn't stop it so i removed the battery. After putting the battery back in I booted into recovery and reviewed the logs. - I have hundreds of logs, available on request, dating back to my initial MBAAM scan in 8/16. If you would like this information I'll share it, otherwise I will patiently wait for a reply. One more, possibly important, thing... My new Win 10 computer now has a beta version of GNU Grub. I did not install it, or the other delightful programs cluttering my harddrive. I appear to be booting into a VM, and the wipe and clean install failed miserably. Thank you in advance for your assistance. traces.txt 0_dumpacore_android.process.acore.txt 0_dumpacore_com.android.systemui.txt
  15. I have been working on various console programs for clients and servers. But when I booted up my pc this day and ran one of my console applications it did nothing. A waited for a while and suddenly this popped up: Windows Error Reporting Message (WerFault.exe) Also I looked into Task Manager for something weird and I did: Modified conhost.exe So I think that a virus corrupted the console host application and broke my whole PC. When pressing cancel the last thing that pops up is this: Console Application Crash Error But without the good conhost.exe I can't do anything on my PC. Any help is appreciated.
  16. Sorry for the melodrama but I've been in an endless chase for two months throwing everything I have at this. I think I have a rat and the rat has changed service drivers to initiate small hidden or encrypted partitions on my hard drive to run. I have formatted my SSDs and HD about 20 times only to end up getting the same issues: strange mislabeled tasks running, losing admin rights, having my email and account passwords changed. I even installed Win 10 Pro to control my settings strictly only to have them taken away after connecting my PC with fresh install and formatted drives to the Internet and losing everything once again as the screen froze and crashed with new parimaitora of hiring CTR alt del to log in. I also think my router is ruined, it's a FiOS, and my cell phone is screwed; after getting a new one, in 2 days it's full of apps and stuff I didn't download, as I didn't set up a single account yet. I'm really on the verge of giving up. I shot heroin for 9 years and did three in prison and that was nowhere near as frustrating as this. This is my hobby and has helped to keep me clean for years and now it's gone.
  17. Hey, someone I know knows almost every move I make on my laptop, I can't seem to figure out how. Will somebody help me out with this HijackThis log? I'll wait for a moderator or someone before I post the log itself. Thank you! It'd be very much appreciated! Also, is there a way around a MAC Address filter on my router? I put one up to stop this guy from messing with my router settings and it show that he was on the network like 5 min ago, I was wondering if my MAC Address list is enough to keep that idiot out of my router settings page? Thank you.
  18. Hi So last night i was an idiot and trusted someone on my friends list on steam and so I clicked a scam link he sent me thinking it was legit. I immediately realised my mistake but it was too late as he had already had access to my account and i was kicked out of steam and couldn't log on again. I then panicked and checked my e-mail address linked to my account, only to find that all my emails had gone and the only thing left was 1 folder from years ago. I then went onto my McAfee and completed a full scan only to find that nothing was detected. Anyway I then shut my pc off because I was worried more info would be leaked to the hacker, I then went onto a different pc and changed my passwords of my E-mail address and did some research. After hearing about malwarebytes I booted up my pc and ran a scan and malwarebytes found two files and one was called Backdoor.bug and was made out to be a legit file from valve. So I was just wondering if anyone could tell me if I need to do anything else to ensure my pc is safe, I suppose I could re-install windows but is there a better option? or am I fine after using malwarebytes? P.S. I am really impressed with malwarebytes and will be purchasing premium as it saved my ass
  19. I have the Free version of Malwarebytes. While looking through the settings I clicked on web exclusions. I see 2 IP addresses that I do not recognize and I know that I NEVER added them or allowed Malwarebytes to add them. I cannot remove them from the list because I have the free version. Should I be worried? Are these being skipped because they are in the list? Here is a picture of my Malwarebytes and the IPs that added themselves. Are they viruses? What can I do, I'm scared. Picture: http://gyazo.com/9c5...67aa3251f7992e1
  20. Any help or insight will be greatly appreciated. I got baited into getting malware on my FB account. They posted things on my friends' and groups' walls without my consent. I can't find this app on my app list but it can be seen on my activity log. I can't delete the comments and posts made by this malware. Pics of the loading screen before I open my activity log on FB () and the log itself () attached. This is the site where I was malwared: http://claim-riotpoints.blogspot.com/ <- PC newb, downloading Bitdefender and Avast at the moment. Pls help, THX
  21. I have been running premium for almost a year with great results. The other day I received a fake Java update notice (with the Java icon and everything". I clicked okay and started installing a bunch of crap, disabled Mbam and now it won't run. Tried uninstall re-install in safe mode even purchased a new Mbam premium down load and can't install it. Multiple run time errors during install. Mbam won't launch upon completion and several redirects to fake "your system is infected ransom sites". They What to do?
  22. Desktop Compaq Presario CQ5300F, Windows 7. A client fell for the phone call, with the strong Indian accent, supposedly from Microsoft, and released control of her computer to the hackers. She does not have the recovery disks. When Windows starts, an old-fashioned window - looks like XP, if not 98 or 95 - pops up asking for a password. Using Ubuntu, I was able to back up the important files. The recovery partition is present, I do not know in what shape. The client is willing to reset the computer to factory settings. When I press F11 after powering the computer, instead of bringing the Recovery Manager, I am asked for the disks which I do not have. Going to the "Rebooting to last known configuration" goes back to the same as hitting F11. The BIOS looks fine and password is not set up. Any suggestions to 1) access the Recovery Manager 2) Using Ubuntu, find the routine/code that is asking for the password and disable it 3) Or???? Note: I will be looking into "How to install Windows 7 without the Disc," however faster/easier solutions would be greatly appreciated. Thank you for your help, Franou
  23. I was directed to this forum to seek help. I got hacked on an online game(Mabinogi) and I'm not sure how. I can eliminate the possibility of someone knowing my password because I did not share it with anyone. You log into the game with ID and password, then a secondary password that you push in through clicking a virtual keyboard. I'm guessing I was hacked through something in my computer. I scanned my computer with Malwarebytes and saved the log. Do I PM it to one of you guys?
  24. New to all this, want to find out what is the best and most absolute way to know if my computer has in any way, shape, or form been compromised? Been seeing strange things on it and have a strong hunch that it has. Any help would be greatly appreciated.
  25. An iLon SmartServer 2.0 made by Echelon that I am managing has become extremely slow and many times unresponsive altogether. In addition to that I have found several suspicious watchdoglog.txt files in the FTP of the server -- suspicious because I don't have Watchdog on any of my machines, and I'm not sure this server comes with any Watchdog software. My fear is that this server has been hacked, or hijacked. This is a small SOAP/XML web server designed to allow remote monitoring and management of a building control network (lighting, HVAC, etc.) It supports .NET and Java development tools. I have already reset the server to factory default settings, but the old watchdoglogs remain in the FTP, and it still behaves in the same manner. At the same time I changed the FTP username and password. Pinging the server IP checks out normal, but when trying to connect in any browser it often will time out and fail to load. Intermittently it will connect, but becomes unresponsive at some point. Building IT personnel guarantee that its a solid high speed internet connection. Since this is not a PC operating on windows, I wouldn't know how to go about removing any malware or harmful code. Any guidance on finding and removing harmful code would be much appreciated. If there is a quality forum better suited for my problem, I haven't found it yet. Please direct me there.