Jump to content

Search the Community

Showing results for tags 'persistent'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 2 results

  1. Hello, I am having trouble with PUP.Optional.Legacy in Chrome. Tried multiple scanners, only AdwCleaner detects it I've been battling this beast for a while now. What I've done so far: I've clean installed windows twice. I have reset chrome settings multiple times. I have reset chrome sync multiple times.I have deleted cookies, preferences and all files from %LOCALAPPDATA% for Chrome. I have installed Chrome from the offline installer. I have cut the internet connection and did all of those steps again. I've narrowed it down to this: At first I thought it comes from my profile/sync. But I have done the steps below, without internet connection and it keeps coming back. It is somehow connected with the search engines/search providers of Chrome and/or Chrome settings. I can clean it with AdwCleaner, or manually remove the search engines from Chrome settings and it seems to disappear. But even if it does, after a few minutes, Chrome starts lagging, freezing a lot, and loading pages very, very slowly. I can tab out of Chrome and go to another browser, enter the web site and it will fully load, while in Chrome it is still loading. I run a scan with AdwCleaner - nothing, but I know it's there, my browser is lagging so bad... Here how it always comes back. Every time I click on "Reset settings" in Chrome, the adware/virus comes back. This additional search engines appear in the settings: And after a scan, these are the results: And here is the Log File from the scan: AdwCleaner[S70].txt I am not smart enough to handle this on my own. I need help.
  2. First off- using a vm machine, host OS is ubuntu linux- the logs attached are from Virtual Box of a Window 10 machine. I have to use a linux machine because; - can not reinstall any Windows without the infection hijacking the install, I've tried installing WinXP, 8.1, 7, 7 pro, WinUltimate, -during reinstall, at the cd/rom loads, then at a point the install instructions are taken over, and a similiar gui appears to complete install. -infects any device attached physical of network, usb will be formatted automatically (fake warning posted gui) -registry is infected -possible firmware exploited, usb and pci seem to be used as alternate devices, -system32 files are unusual -unable to flash bios -appears as hidden sector or directory, hijacks the mbr, -has the ability to replicate if deleted or core files, registry is changed -suspected WMI Shell running with TRUSTED INSTALLER -Possible ChipSec related? I think I've tried everthing as far as scans, rkhunter, Hirens Boot Cd, Process Monitor, msconfig, BIOS settings, hdd replacement. All my machines at home are down/infected. Only way to get back was Linux, and using VM to start Windows 10. This is from a enterprise PC Tech Level 2 working at home. FRST.txt Addition.txt mbt first scan.txt
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.