Showing results for tags 'riskware'.

Found 16 results

  1. Log information of two riskware, Unknown what the malware can do. So I am taking the time to post the report here. -Log Details- Protection Event Date: 18/04/2020 Protection Event Time: 13:29 Log File: 34213c40-8170-11ea-868b-b42e999ad5ef.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.867 Update Package Version: 1.0.22626 Licence: Trial -System Information- OS: Windows 10 (Build 18362.778) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: RiskWare Domain: postlnk.com IP Address: 188.72.202.42 Port: 443 Type: Outbound File: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe ======================================================================================================== -Log Details- Protection Event Date: 18/04/2020 Protection Event Time: 13:29 Log File: 34213c40-8170-11ea-868b-b42e999ad5ef.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.867 Update Package Version: 1.0.22626 Licence: Trial -System Information- OS: Windows 10 (Build 18362.778) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: RiskWare Domain: postlnk.com IP Address: 188.72.202.42 Port: 443 Type: Outbound File: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (end)
  2. I'm testing my website and viewing other pages from a hotel and I'm intermittently getting a website blocked message from Malwarebytes. Any further information on this? I'm concerned it's connected with my web page. Log below -Software Information- Version: 4.0.4.49 Components Version: 1.0.793 Update Package Version: 1.0.18646 License: Premium -System Information- OS: Windows 10 (Build 17763.973) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: RiskWare Domain: netpatas.com IP Address: 88.85.66.143 Port: 80 Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  3. Hello. This file is getting reported by Malwarebytes as a virus, and the results of VirusTotal as well, but, people don't seem to mind it on forums, is it really a trojan or is it inoffensive? Normally cracks don't do this much suspicious activity. So I'm really on the fence if I'm being fooled or people really don't care. (https://www.virustotal.com/gui/file/2843bc660722205fb5aaedf41b73a3243f1c0880b90eba576e7b9ad54c06c437/detection) I can't tell, so, please, if someone could help me I would be grateful for it. OS is W10 64 bits. BaldrSky.7z
  4. Hi there, I have an issue that my laptop is infected with some kind of riskware.bitcoinminer and an adware, I already scanned with Malwarebytes and quarantined the riskware, but after I reboot my laptop it keeps coming again. How can I possibly get rid of this thing? Please help me. You can see my log. logs.txt
  5. Hey, yesterday I scanned my laptop with Malwarebytes and got some issues about Bitcoin miner files in my Files. So it asked me to restart my laptop to remove those files, so I pressed it immediately. While restarting it got stuck on restarting screen and froze for more than 20 minutes, so I made a hard restart. Now I am not sure if my laptop is clean and secured. Addition.txt FRST.txt first_Malwarebytes_Scan.txt
  6. Help, it seems like my laptop is infected by riskware bitcoinminer. I've tried scanning it using Malwarebytes and Adwcleaner but it's always coming back, please help me remove it from my laptop. Thank you. Here are my Malwarebytes logs, Adwcleaner logs and also Farbar logs Malwarebyteslog.txt AdwCleanerLogs.txt Addition.txt FRST.txt
  7. Got something blocked by Malwarebytes as riskware. I suspect a false positive. Please investigate. My system is 100% clean. I'm using AirVPN and curl.exe is a file from AirVPN's 'Eddie' cfg software. The IP that is blocked is 213.152.162.89 and it belongs to https://www.ip-tracker.org/locator/ip-lookup.php?ip=213.152.162.89 Thank you
  8. Hello, laptop with Windows 10 using Chrome browser (69-latest) a week ago was not throwing up blocked notifications for this riskware. I was away for a week and came home, logged into my PC and somehow now have this warning saying eluxer.net blocked outbound. It has blocked it several times including just as I went to sign in here a minute ago. I thought I got rid of it the other day by doing a few counter steps the other day. QUESTIONS: what is the status of this thing in regards to my PC now? Could it have transferred from my Phone or Tablet when I was "out in public"? As long as it's blocked is it not doing its dirty work? I have logs, I did the FARBAR, Windows safety scanner, Google Chrome settings cleanup, and MWBytes scan with scan for rootkits (0 detects). I have Windows Defender and use VPN most of the time, too so now what? Anyone have any helpful information, it would be appreciated.
  9. Hi, I need help and I hope that someone here can help me, I'm currently infested by a virus or malware that keeps on coming back, it never stops, it always installs itself and it has the capability to 1. read phone status and identity 2. location 3. modify/delete contents 4. find accounts on device 5. download files WITHOUT notification 6. retrieve running app and run at startup 7. draw over other apps 8. read sync settings. It looks very dangerous, it could steal info from my phone, based on my research those who are infected by this app also receive msgs with links and it seems that the phone itself created that message and sends to itself. Right now I have no idea how to remove this problem, also rooting is impossible currently because my phone is not supported on any rooting services and yes, I tried everything, emailed them if they support rooting my phone and they all say no. I was able to grab a copy of the enginee app in apk format, maybe someone is interested in simulating it on an emulator (I'm doing it right now actually)
  10. Receiving a constant stream of popups from Malwarebytes about a riskware website being blocked. There is no domain given, and it continues even if I am not accessing my browser. It is referencing System32\svchost.exe. This file also exists in SysWOW64 once and WinSxS twice. The IP address is 123.123.123.123. A malwarebytes scan does not find anything, and I've run adwcleaner. I've uploaded an export of one of the event logs, and I can upload whatever other log data is needed. Would like help in identifying if this is a stream of false positives, or if some other malicious file is causing the popups. Thank you. report_log.txt
  11. Back on August 17, I installed Malwarebytes on my machine since I was having performance issues. The scan found 16 threats on my PC, and removed them as such. Even after this scan though, and several others, Windows Powershell is still performing some suspicious activity. Malwarebytes will occasionally notify me of an outbound connection to "wentz.pw" that Powershell keeps attempting to make. This is classified as "riskware", but I'm concerned since I can't get rid of it. Attached is the log for the most recent connection attempt. blocklog.txt
  12. I have these two programs called Idle Buddy and SSO on my computer. I ran a scan with Malwarebytes and cleaned up 18 threats, two of which were Trojan.Roraccoon, and the rest were riskware or PUPs. After rescanning my computer with Malwarebytes, Emsisoft, Norton, and other scanners, only a few things popped up and I cleaned them up. After another rescan everything seemed clean... So I uninstalled the programs and thought I was safe. However, just today Malwarebytes came up with two new threats, this time in the admin account in my computer, both riskware. This prompted me to rescan everything (scans came up clean). I then opened the program files and searched through to see if there were any files leftover from the virus. I got rid of several files associated with Idle Buddy and SSO, and I think they’re all gone now (but I’m not sure). Then, I checked the registry for anything weird. I saw three registry entries that had been created by SSO and Idle Buddy, but when I tried to delete them I was given an error that said that these keys could not be deleted. Is there any way I can get rid of these for good? I have a bad feeling that even though most of them were caught and quarantined/deleted, they may still be doing things behind the scenes (like what happened to my admin account)... Here are the registry keys that I’m trying to delete: HKLM\SOFTWARE\IdleBuddy HKLM\SOFTWARE\WOW6432Node\IdleBuddy HKLM\SOFTWARE\WOW6432Node\SSO
  13. These are new errors I'm getting today. Received a Word doc file yesterday from a compromised acquaintance saying "This document created in online version of Microsoft Office Word. To View or edit this document, please click "Enable editing" button on the top yellow bar, and then click "Enable content" Yesterday the file was downloadable, but today Gmail has an Anti-virus warning and doesn't allow downloading it. I am getting the following error while browsing in Chrome: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 8/21/18 Protection Event Time: 10:40 AM Log File: 2087fe56-a550-11e8-87b7-106530ce1406.json -Software Information- Version: 3.5.1.2522 Components Version: 1.0.421 Update Package Version: 1.0.6441 License: Trial -System Information- OS: Windows 10 (Build 17134.191) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: RiskWare Domain: panisodan.com IP Address: 185.212.44.128 Port: [52219] Type: Outbound File: C:\Windows\explorer.exe (end) AdwCleaner showing the following: # ------------------------------- # Malwarebytes AdwCleaner 7.2.2.0 # ------------------------------- # Build: 07-17-2018 # Database: 2018-08-20.1 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 08-21-2018 # Duration: 00:00:04 # OS: Windows 10 Pro # Cleaned: 1 # Failed: 1 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** Deleted Ask Not Deleted AOL ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1280 octets] - [21/08/2018 09:30:57] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## # ------------------------------- # Malwarebytes AdwCleaner 7.2.2.0 # ------------------------------- # Build: 07-17-2018 # Database: 2018-08-20.1 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 08-21-2018 # Duration: 00:00:31 # OS: Windows 10 Pro # Scanned: 41803 # Detected: 2 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** PUP.Optional.Legacy Ask PUP.Optional.Legacy AOL ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## MWB Scan.txt Reports Export.txt FRST.txt Addition.txt
  14. Hi, some days ago this issue appeared... I get the riskware notification each time I load a new page in chrome... Can you help? Alex FRST.txt Addition.txt warning report.txt Scan Report.txt
  15. I'm accustomed to reporting phishing URLs to ESET, Google, Netcraft, Microsoft, HPhosts forum and phishtank. Malwarebytes for Chrome blocks hxxp://phishing.eset.com/report/ita (safe to visit). I attached a screenshot. It is a false positive detection. Please fix it. Cheers
  16. I've got rid of a virus thanks to Malwarebytes. However, I keep having a notification popping up every 10 seconds. It's always the same thing. Here is a screenshot. How do I get rid of it? It's pretty annoying! Thank you!