
Showing results for tags 'infected'.



Found 44 results

  1. Hello, as described on the "I'm infected" topic (https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/) I did all the indications, I now need help to know what to do please. The laptop has been very slow for a long time but I want to clear everything now, basically when I make an analysis with malwarebytes or kaspersky antivirus or any software of this kind it doesn't find anything, but I see it: the pc is very very slow and isn't too old, on top of that it has great components (nvidia 740m, intel core i7 etc...) that's why after doing some research on the subject I think it's a rootkit. Using hitman pro too, on a random automatic daily analysis it has managed to find a threat, that I couldn't delete, that neither malwarebytes nor kaspersky found afterwards. Please help, the files asked for in the topic should be uploaded, thank you for your attention I hope the problem can be solved, thank you again. Addition.txt FRST.txt Malwarebytes.txt
  2. I recently noticed my paid subscription to Malwarebytes kept crashing partway through scans. I also have avg paid full protection and somehow I still got infected even though I’m very careful and clean. Avg cannot detect either, both on max settings. Went to safe mode, cannot run windows defender scans, cannot run avg, Malwarebytes cannot detect anything. Really need help cleaning my machine, please help!! No downloads or extra files and cannot find a virus although I’m a novice at that.
  3. Hi, a few hours ago my system got infected. I have read a lot of forums and have applied many tutorials to restore it. Most of it is restored as it was earlier installing many apps and shortcuts on desktops, that thing is gone now. What is left is that it has infected sysWOW64/installshield/setup.exe which was trying to connect to some mining pools. I have deleted the setup.exe by becoming the owner of files (apparently trustedinstaller was owner). After the setup.exe was deleted, now chrome.exe tries to visit some site which is blocked by Malwarebytes. I want to completely restore the system and would request the team to help me in this matter. I have logs of Malwarebytes, MB Adware remover, Farbar recovery. AdwCleaner[C07].txt AdwCleaner[S07].txt Addition.txt Fixlog.txt MB report.txt
  4. My computer has been acting bogged down for a little while but nothing too terrible but I've recently discovered my husband may have very well downloaded some type of virus through vuze. There are a couple of .exes in the task manager I can't identify nor end or delete (access is denied) but malwarebytes is turning up nothing. I also tried to uninstall vuze and it causes the computer to completely shut down and restart itself. The .exes that I've found and can't remove are exizkpasvc.exe, upkdwag.exe (multiple of this one), and vdhipco.exe. Google searches have turned up nothing on any of them. Where should I start on removing this stuff since malwarebytes is having no luck with it?
  5. Hi, I have downloaded OSX Sierra (10.12.6) yesterday from Hackintosh website, since I couldn't download it from the App Store. The file was 5.03GB. The installation went smoothly, installer and everything looked legit. When it finished I scanned the system with Malwarebytes. When scanning I noticed it's going through some weird items, and I don't know if they are on my computer or is Malwarebytes just looking for them on the system? It only goes through those files, nothing else (like documents etc.). List of items: Trojan.SteamStealer.CSGO Adware.OperatorMac Adware.Crossrider Adware.Mindspark Adware.The Player Adware.Kilim Adware.IronCore Adware.SnapDo Adware.Linkury Adware.MixPlugin Adware.Aqualious Adware.OneSearch Adware.VNPapps Adware.ExtensionsSystems Adware.Vidx/MacVX Adware.MySearch Adware.PremierOpinion Adware.Conduit Adware.FairyTale PUP.logKext Keylogger PUP.Jawego PUP.Hotger PUP.PCVARK PUP.NikoffSecurity PUP.WebWatcher PUP.MacRemover PUP.JDI PUP.Aobo Keylogger PUP.Award Keylogger PUP.Optional.Crossrider There were few other items, but it passed too fast for me to take the names. Also, I've performed full system scan using Avast, and BitDefender, but nothing came up. Should I wipe off everything of the disk, and get clean iOS, or is the one I'm using safe? Thanks
  6. Computer is running slow, something is posting desktop shortcuts to my desktop to the point it is overfilled and the icons are just stacking on top of each other, weird? missing files and can not access my downloads or my documents. Can't seem to locate music I recorded in my D.A.W. program Studio one 2 and that is most grim. Addition.txt FRST.txt mb-grab-errors.txt malwarebytes 3.txt
  7. Hello, I believe I am currently infected as I can't open MB when not in Safe Mode (analysis carried out in Safe Mode didn't identify any threat). I managed to get FRST to work in Safe Mode and got the following files. What should I do? Please keep in mind that I can't access this thread from my infected computer so provide direct download links. Thanks! FRST.txt Addition.txt
  8. Desktop is acting weird, files are systematically disappearing, can't access My documents or My downloads among many other things and for being a brand new build (AMD FX9590 4.7Ghz with 16Gbs 2400Mhz DDR3 & NVIDIA GTX 960) it is slower than watching paint dry?? Please advise!! Thanks. FRST.txt mb-grab-errors.txt
  9. Hiii..... I did a full scan with current anti-virus but it didn't really detect anything. So I tried to download Malwarebytes and other anti-viruses. Then downloaded mbclean and it creates a log. I downloaded MBAR, it says registry value appinit dlls found it caused by root kit activity, restart to remove this value, then I click yes, could not load dda driver reboot to install dda driver, then it says dda driver install unsuccessful and I started scan in recovery mode but nothing happens. I tried to install malwarebytes using malwarebyteschameleon "an error occurred while creating a file in destination directory" check screenshot please check the logs frst.txt addition.txt mbcleanresults.txt mbar system log.txt mbcheckresults.zip Addition.txt FRST.txt mb-clean-results.txt system-log.txt mb-check-results.zip
  10. Hi, I've run into a Trojan that I am having difficulty removing. The issue arose after allowing my son to use my computer (first mistake). He disabled protection and downloaded a program file and installed it. To nobody's surprise (except my son) the program was infected with some pretty nasty stuff. I will spare you all the bloody details and cut to the chase. I am running Windows 7 Ultimate 64. I use Malwarebytes (MWB) daily on startup and have Microsoft Security Essentials (MSE) for real time protection (I know, I know - but I don't do anything high risk online except let my son use my computer). My first action was to see what programs had been installed and to uninstall them - there were 7 programs and they all seemed to uninstall without issue. However, I could tell that something wasn't quite right. So, I tried to fire up MWB to run a scan and it wouldn't load. The infection initially disabled both MWB and MSE. After re-installing MWB the scan revealed 135 items - a couple trojans, a bunch of adwares, and several PUPs - and successfully removed them but required a restart. On restart MWB was again disabled. After re-installing MWB the scan revealed 15 items - a couple trojans and several adwares - successfully removed them and again required a restart. After this restart MWB was functioning (good sign) and the scan was clean. Whew!! Disaster averted (or so I thought). I quickly noticed that things still are not right. I tried to open Chrome and it wouldn't open. So, I re-installed it. When it opens the first website I visit when I click the login link a new tab opens to a timeshare website. I check extensions and nothing...so I figure I am still infected. I run another scan with MWB and it is clean. So, I open MSE and run a quick scan and it finds win32/Detrahere!reg - it spins circles trying to delete it for about 15min and then the computer restarts. 
I run the scan again and it finds the same infection...rinse and repeat 4 times and it still finds but is unable to remove win32/Detrahere!reg. Using another computer I search online and can't find anything about win32/Detrahere!reg. After speaking with a friend that is quite good with computers I decide to download HitMan Pro (HMP). I first run a scan with MWB and it is clean, then I run a scan with HMP and it finds 3 exe files that are infected with a virus, 1 trojan (not the same one) and a ton of cookies. HMP successfully deletes all and requires a restart. I re-scan with HMP and it is clean. I run a quick scan with MSE and it still finds the same trojan win32/Detrahere!reg. I open chrome and I get the same bad behaviors - I click on a menu item on one website and it opens a new tab and takes me to a facebook page for some business that I don't recognize. So, I am still infected with win32/Detrahere!reg and MWB and HMP both say that my system is clean but MSE says I have this trojan but can't remove it. Any suggestions on how to kill this one would be greatly appreciated. Thanks, Pat
  11. Hello everyone. My computer seems to be infected by something that has turned out to be very difficult to eliminate. What happens is that a weird Japanese audio is played randomly, and when checking the audio mixer I see "Host Process for Windows Service". Of course, I can mute it there, but every time it starts to play again, I have to manually mute it, which is seriously getting on my nerves. I have scanned my computer with all the advanced options from Windows Defender, and with Malwarebytes several times, I've used the Adwcleaner tool, but none of this has been able to get rid of the problem. Upon reading the instructions in this community and attaching the log files created by the Farbar Recovery Scan Tool. I really hope somebody can help me. Thank you for your time Addition.txt FRST.txt
  12. Hello... I used to solve my problems myself, or at least, find existing answers but now I am so desperate so I do this post. And meanwhile I pray to God, I hope you will be able to help me. I am fully willing to cooperate and will respond quickly. So here is the deal. Obviously enough, I downloaded virus with torrent. Right away it installed a lot of stupid programs and added a lot of links on desktop, this is how I got to know it first. Second thing I noticed is that my CPU is at 90%. In usual use I don't even exceed 20 while playing. So I started research and found out it was a process svchost.exe from c:windows/sysWOW64 folder. First thing I tried was Win Defender. - Failure. Didn't even detect anything. Second thing was Avast. - Failure. Even though it detected 2 viruses, while I removed them - nothing changed. Later I was searching for other fixes and detected another behavior of this virus - when I search for adwcleaner, my browser just closes. Basically it won't let me search it. When I found in a forum link to download your soft (malwarebytes) it won't let me press it, it crashes browser again. So I wanted to reset windows 10. I have no hard drive so I could only use it through option on startup. And again - Virus didn't let me do that, casting an error on me mid re-installation "there was a problem bla bla, no changes were made". So I started windows in safe mode, then I was able to search for your soft and could download it. I downloaded adwcleaner and ran it. It found like 16 malwares. I removed them and booted in. Checked CPU - still high, and still getting blocked on web, trying to search some stuff. I then read some forums topics of yours and found out about mbar. I then found out that virus also blocking adwcleaner in normal boot from starting. BUT mbar worked. I started it and it found like 3 malwares. I removed them and rebooted. After that when pc started it instantly threw an error on me about svchost crashing. 
There is only one option to close program. If I do not close it, my cpu is normal and everything seem fine, but if I close it, PC crashes and after "repair" it gets virus back again. Now, even if I start adwcleaner or mbar, both say that there is no threats, even tho everything is the same. Please, I am standing on my knees and begging you for help... Thank you in advance.
  13. Hi, I believe I was recently infected by a virus of some sort. Since a few days ago, my laptop (Microsoft Surface Pro 4) has been playing up: 1. A lot of the time, it will be running on 80-100% CPU and the laptop will be extremely hot and the fan will be very loud. When I check to see what it is that's using up the CPU it is mostly 'svchost.exe' in a folder called SysWOW64. 2. The laptop has become very slow as well and it will take a long time to open folders, etc. 3. Sometimes the laptop will crash and a blue screen will appear saying 'CRITICAL_PROCESS_DIED' and it will restart 4. I have malwarebytes installed, and when I start up the computer a lot of the time a box will pop up in the bottom right corner saying that a website has been blocked even though I haven't even opened the internet yet. The domain is 'de-mi-nis-ner.info' which seems dodgy. Please help, I don't know what to do. I have scanned it many times with Windows defender and Malwarebytes and they have both said there are no viruses. Thanks in advance!
  14. Please help! I have an HP stream 11 and it suddenly had a message come up regarding malware?? I've tried everything I've read in forums for the last 24 and nothing had helped, it's just getting worse. I'm no longer able to delete certain files because I don't have the permission. Malwarebytes keeps popping up with a message telling me that PUPs have blocked me from going to a site that I'm trying to go to to clean the virus. I have downloaded as many different malware removers as I can but my computer is becoming less and less usable. Please help!!! Also, every scanner/detector, comes back with a clean result as if nothing is wrong with it, but there's definitely something wrong!!!!
  15. Malwarebytes reported several times that the website ia.801509.us.archive.org. This website URL is associated with phishing and was reported by Malwarebytes as malware. When running scans, the threat does not appear. I would like help in ridding my computer of the infection. The last log from the blocked site is shown in the attachment below. Sometimes it is logged as "malware" and sometimes classified as "unspecified". Thank you for your assistance.
  16. Hi. I'm infected with riskware.heuristicsreservedwordexploit. MBAM detects it and I can delete it but when I restart my system, it comes back. Don't know how to permanently delete it. Hope you can help me out. Thanks. MALWARE.txt
  17. As requested on https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/ find attached the FRST and Additions logs. I'm not attaching a Malware Threat Scan log since the software says there are no threats, however, every time I open Google Chrome, Malwarebytes detects this "coinhive". Thank you in advance for all your help. Addition.txt FRST.txt
  18. So recently Avast told me that it blocked a malware from a certain website which is called the malware JS:Miner-C. Now Avast said it has blocked it. After that I scanned a full check of malwares and eventually Avast did find it, so I delete and remove. Now I'm also running a manual check, like checking tasks, processes, and services. Now in the details in Task Manager, when I check it, there's 2 csrss.exe running even though there is only 1 user. I check the properties, they're both identical starting from date created and extension etc. Now I check system 32 and to my relief there's only 1 csrss.exe. Now 2 part question, and also before everything, I already scanned with Malwarebytes but the program said no issues were found. Remind you that the Malwarebytes scan is before the Avast scan and both of the scans are on normal boot instead of safe mode. 1) Is my possibility of infection still high? And if so, what is the best method you can do to eliminate this miner? 2) Does anyone have an idea of the severity of the malware, like does it steal my credentials? Or does it expose me to other malwares? If anyone can answer this I say thank you in advance.
  19. I accidentally clicked on a shady link a few days ago and since then my computer has been acting funny. About an hour after I clicked the link, I got emails on all 4 of my Gmail accounts telling me to "resolve 1 security issue found on your account... We've upgraded our Security Checkup to strengthen the security of your account".... not sure if that's a coincidence and was automatically sent by Google because they upgraded their systems, or if someone was trying to hack into my account or something.... Today, my computer restarted by itself and when it came back on it was running very slowly with physical memory running at 97%, wouldn't let me open any programs because it was just loading constantly and had two programs called HPSF.exe running at the same time that I'd never seen before. So I booted into safe mode and ran adwcleaner. It found a Pup.Optional.Legacy file located in C:\Users\h\AppData\Roaming\Mozilla\Firefox\Profiles\qethsoqa.default\invalidprefs.js. When I try to clean it with adwcleaner, it first tells me "Caught Unhandled Unknown Exception; terminating", then it starts to clean but stops at about 30% and doesn't progress any further no matter how long I wait. I ran a threat scan on MalwareBytes (free edition) with Rootkit scan enabled, but it didn't find anything. I've read that Pup.Optional.Legacy can be a keylogger, so I'm kind of nervous... Please help!
  20. Hello, My laptop has been using its fan quite vigorously when it's idle but I didn't take it seriously. Today I realized it is really bugging me out. When no input is given to the pc it began to spin its fans really fast. But when I move the mouse it almost suddenly stops. Then I ran Task Manager on the screen and I waited. When the fans began to spin again I realized a process is using almost 60% of my CPU. Name of the process is "mint.exe". No luck finding any information though. Ran a malwarebytes scan and it found 1 software. "Guard.lnk" which lead me to "Guard.exe" in "C:\Users\user\AppData\Roaming\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings". BTW "Internet Settings" folder is hidden. Showing hidden items didn't help. But going directly to the address let me in. Content of the folder is attached. There is a "config.txt" file in the folder which led me thinking it is a stealth miner malware. You will get when you see the config file which is attached also. If any of you guys want me to share the files for analyzing purposes I will gladly share them with you. But I want them to be gone of course. malwarebytes report, FRST.txt, Addition.txt files are attached. TL;DR: Cryptocurrency miner malware infected. Need to remove. Please help. Required files are attached. Thank you config.txt malwarebytes.txt FRST.txt Addition.txt
  21. A few days ago my system (Windows 10 Pro 64bit) was infected with a nasty bit of malware "Windows Process Manager (32 bit)" Anywhere between 4 and 8 instances running simultaneously are visible in Task Manager, sourced to a folder in appdata\local, called "lsdkgur". Any attempt to access this folder has failed. It seems to be mining crypto-currency. Along with this, 8 identical audio playing programs entitled "Comparison" had to be disabled from the startup settings in task manager, and any Google search is automatically redirected to an equivalent Bing search regardless of browser used. Addition.txt FRST.txt
  22. I'm experiencing a lot of symptoms on my Windows 7 Ultimate machine that lead me to believe the computer is infected. For one, I cannot start Malwarebytes, even after doing the removal tool and reinstalling. It did manage to scan once, then after I rebooted, it wouldn't start, saying "Unable to connect the service." I checked services, and Malwarebytes isn't even listed. I ran the Sophos tool from a thumbdrive, and that found, among other things, a file called raczvht.exe, and renamed it. But that file is back in Windows processes. I did the Farbar tool, logs attached. I'm also attaching the MB logs. Please help! Thank you. mbae-default.log MBAMSERVICE.LOG FRST.txt Addition.txt
  23. Good morning to all of you, I think that I got infected after using the ms toolkit, my screen got split out with wired colors but everything got back to normal after restarting it. Now it moves a little slow, could you help me find out if is anything wrong with it, please? Addition.txt FRST.txt Malwarebytes Threat Scan logs.txt
  24. On the cloud console dashboard, Infected: 1 . Now what? Where to go to see what's still showing as "infected"? The only place I found, which would be highly inconvenient as the deployment grows, is under the "Detections" left pane item, scrolling through ALL of the entries. Under Action Taken, some were "quarantined", some "blocked", and only one was "Found", just a registry value, "PUM.Optional.DisableShowMyComputer" , "HKU\S-1-5-21-2342763795-823332892-3551160719-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|START_SHOWMYCOMPUTER". I'm pretty sure it is benign. Yet there's nothing to click on to allow it for all endpoints like the old Enterprise for Business product.