Showing results for tags 'rootkit'.

  1. I recently opened a Microsoft Word document I was sent by someone who I didn’t know very well. When I opened it my mind began racing as to why he would want me to open this... that’s when I got to googling and found out about “Malicious Macros”. That’s when I decided to have a look at my Task Manager; there I found a file called “Launch” in my Start-Up. I disabled it right away and then began finding more and more suspicious things running that I knew were not previously there. One was called “Coordinator.exe”. As I started digging more, clicking on “Open-File-Location”, I found a folder full o
  2. Antivirus turned up nothing at first. Wasn't even sure I had malware until I picked out Avira leaking memory on poolmon. Tried MBAR to no avail among other extraction tools. GMER scans result in BSOD, unless I specifically run in safe mode without admin privileges (weird), but I can't delete anything. MWB rootkit scan randomly picked up some malware after 9 hours but it's not the source. Clean install is a last resort, so hopefully I have other options. MWBreport.txt FRST.txt Addition.txt
  3. Hello, and thank you in advance for your help in resolving this. I have been battling this thing for well over a year and finally decided to buy another laptop and just start from scratch. Upon logging onto the new PC I stupidly added my Microsoft account and the new laptop went haywire. CPU at 100%, disk at 100%, all types of network activity. It renders me unable to boot into safe mode, saying my password is incorrect. It seems to create a VM for me to live in and goes out of its way to make all the screens seem legitimate when it tells me that my IT admin has control of these settings
  4. Hi. So I have this problem that I notice when I visit Fancentro.com (NSFW): I get redirected to patriarchia.ru. Fancentro.com is the only webpage where I have noticed this redirect. There is no other page that is affected. I have scanned my computer with Malwarebytes Premium Trial many times with no luck. So I downloaded Windows on another computer and made a USB Windows installer. Then I formatted my Windows drive and installed a clean copy from the flash drive. When the new Windows is installed the problem goes away for a day or so. Then I notice that my computer freezes up or acts st
  5. I am running the FARBAR security scanner right now and will update the files when the scan is complete. I just want to ensure that no low-level viruses/malware/ransomware are on my workstation. Any and all help would be appreciated. Thank you! Addition.txt FRST.txt
  6. I have a virus that slows down the work of my CPU and GPU, uses my PC for bit mining, pops up ads on my browser, stops Malwarebytes from launching and other things. I scanned and cleared my PC in safe mode using Malwarebytes, AdwCleaner and Sophos Scanner Virus Removal Tool and reset my Google Chrome sync. This worked for 3 days, when the virus came back. Here's my FRST scan log. I'm sorry I'm not sure how to post pictures but here are some pictures of scan results in Microsoft Word (I'm sorry for being stupid but not sure how to properly upload them). FRST.txt Addition.txt virus list.docx
  7. I have stupidly run a suspect executable file, which then popped up with some jumbled characters and contained "c:\windows\system32\drivers". This has concerned me that it has edited files and installed a RootKit though scans with Malwarebytes and others are showing nothing. How can I be sure there is no infection?
  8. Hello, I am here due to an ongoing concern I have detected on now 3 of my laptops. I've researched for hours on end going on almost 2 months now until deciding to post here. Whatever this malware is, it's definitely deceptive. It accesses and changes passwords, usernames, logins, access privileges, virus scans, security settings, the list goes on. Through process of elimination I'm leaning towards a root on my PCI but I can be completely wrong on that. Any help would be so greatly appreciated! I look forward to any help in the future and thank you in advance!
  9. Hello, as described in the "I'm infected" topic (https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/) I followed all the instructions; I now need help to know what to do, please. The laptop has been very slow for a long time but I want to clear everything now. Basically, when I run an analysis with Malwarebytes or Kaspersky antivirus or any software of this kind it doesn't find anything, but I see it: the PC is very, very slow and isn't too old; on top of that it has great components (Nvidia 740M, Intel Core i7 etc...). That's why after doing some research on the subject I th
  10. I have the latest version of Malwarebytes. It has been telling me everything is great for a long time. Scans run daily and report nothing. I started having some display issues which I thought was a driver. But it got me to run ESET online scanner which found a bunch of infections. Malwarebytes scan still says everything is ok in the scan. Scan options are set to scan for everything including rootkits. But when I look at the detailed scan report, it says that Filesystem and Rootkits options are disabled. When you look at the settings, all options are enabled. How worried should I be a
  11. Hello, the moment I started to download this https://thepiratebay.icu/torrent/28780372/The_Upside_2018_720p_HDCAM-1XBET my laptop crashed and I can see pixelated static yellow/green lines even at BIOS. No virus infection has been found. This is not a problem of GPU it has happened again in the past. I went to a technician and he fixed it. Also I can't start windows in normal mode, it crashes. How can I fix this?
  12. I'm starting to believe I have a virus or rootkit of some sort, so I've downloaded and scanned my system (multiple times) w/Bitdefender, Malwarebytes (with rootkit check enabled), Malwarebytes Anti-Rootkit, and GMER. GMER is the only one that consistently picks up a possible rootkit, and they're different files after I fix the previously detected files. This only happens when I do a quick scan with GMER, as when I do a full scan with GMER it crashes my computer every time on a file named "kfldiuod.sys", which I can't find any information for, except in the Running section of the log. Here are my c
  13. Hello: Sorry if this has been asked before. I've already searched but since I don't know the name of this malware, I can't find it. There's a possible rootkit that keeps reinstalling programs on my Windows 7. These programs are "Safe finder", "Butler" and some others. When I uninstall these programs, they appear again shortly after, and they keep opening by themselves and my browsers keep opening new tabs that lead to spam. I've tried using Malwarebytes and it removes these programs really fast. But when the computer restarts after the cleaning, the programs appear again. I
  14. I downloaded a program from a third party website and now I have what I believe is a rootkit that I can't delete from my computer. I've uninstalled everything possible, scanned with Malwarebytes and Norton and they remove everything except a file called wmcagent.exe and some folders with weird names like snoteku. It is in my User/Appdata/Local folder. I cannot delete it or a few folders I believe are associated with it. It only says access is denied. I've used the Malwarebytes AdwCleaner and Anti-rootkit and the Norton variants and it can't remove it, or don't detect it. There are two program
  15. Hi, so I got a pretty crappy virus. Normally I am pretty good with manual removal myself, however this one is really a pain and Malwarebytes hasn't worked for it nor detected it... I am attaching my FRST scan to this post in hopes of some solution. I saw you helped another guy remove the same thing. People need to watch out: this thing is coming bundled with software that seems legit. Make sure you take my advice and download only from official links if you can, otherwise you will be in the same boat, possibly or worse. FRST.txt Addition.txt
  16. Hello, I'm new to this forum and I would be extremely grateful if anyone here could give me some advice on how to remove encrypted syswow64 (possibly zero access rootkit) from several USBs that I got that have been infected when they were inserted in Windows computers that I got that were attacked by hackers. The hackers installed a system administration server on my network and attacked my computers with some kind of synchronization worm/virus that synced and even infected offline devices (that contained Bluetooth and smartcard etc.), like television, digital TV box, DVD, printer and p
  17. Hi, I had issues with my laptop and after running Malwarebytes it located 4 rootkit.fileless.MTGen and 2 Trojan.Fileless.MTGen instances. I have quarantined them but how can I be sure that this has removed everything? Also, how concerned should I be that these things were on my computer? What other steps are recommended to ensure the issues are resolved? Appreciate any guidance provided
  18. My virus is pretty much exactly the same as the one experienced by another user in this thread. I've attached my fixlog to this post, thanks in advance for the help! Fixlog.txt
  19. My laptop (Windows 8.1, 64-bit) recently was infected with what I believe is the smartservice rootkit/virus. I somehow disabled its ability to prevent MBAR/Malwarebytes from opening, so I can (and have) scanned with them to no avail. The infection seems to be in two folders located at AppData\Local\pwdacnz and AppData\Local\cwaitrx. It manifests itself as multiple Windows Process Manager (32 bit) entries which are all named pshlxct.exe. I have also used Roguekiller, Adwcleaner, FRST, GMER, TDSSkiller (didn't work) and Rkill. Roguekiller was able to detect and (I think) delete pwd
  20. Malwarebytes rootkit beta problem
  21. I had run a rootkit scan and got 3 winzips. I removed these and after doing so Malwarebytes has been having problems contacting the license server; it asks me to check my network settings. I could restore them but I have read there are no necessary rootkits for Malwarebytes to run, and this only happens on one of the two computers I have Malwarebytes installed on.
  22. First off - using a VM machine, host OS is Ubuntu Linux - the logs attached are from VirtualBox of a Windows 10 machine. I have to use a Linux machine because: - cannot reinstall any Windows without the infection hijacking the install, I've tried installing WinXP, 8.1, 7, 7 Pro, WinUltimate, - during reinstall, at the cd/rom loads, then at a point the install instructions are taken over, and a similar GUI appears to complete install. - infects any device attached, physical or network, USB will be formatted automatically (fake warning posted GUI) - registry is infected
  23. Hi, I've been having ongoing issues with my PCs and network. Despite me having an active Internet connection, my ISP's techs are unable to connect using LMIR. This problem has been ongoing now since approximately the middle of last year. I'm running Windows 10 x64 (should be fully updated); however, I'm using a Linux Shell (ESET SysRescue) disc to make this post. I'm relatively familiar with malware removal, having assisted others many times on forums. I need fresh eyes to look at my problem please. I've run AdwCleaner. I have also run: JRT, FRST64, MBAR 10
  24. Hi, I'm going to do a Windows clean install and I have already analyzed my PC with my antivirus and with Malwarebytes; I have also used a couple of cleaners. Malwarebytes found a couple of pieces of malware but I have already removed them. In order to be completely sure that there isn't any malware on my computer I was thinking of using a bootable antivirus (I think that a low-level format will take too much time for the HDD of 1 TB; how much time do you think it will need? Is it a good idea to do it?). I have never had really bad malware on my computer and I have used antivirus from the first day
  25. I have tried many different antivirus programs to try to get rid of a trojan called Win32/Nevoros.B!Rakr. Its main file is one called isowebi.exe. The main problem is the file folder and all files in it are protected. There is no way to change the name, edit, delete. Taskkill cannot stop or cancel the operations this application does. Because the folder and all contents are protected, my one trick was to lock out new programs or folders it created so it couldn't find them again, yet that means leaving them on the system. The program loads grenades, touchy, other svc's for the net