Search the Community
Showing results for tags 'start'.
Found 4 results
-
Hi, gang. I'm a licensed user of Malwarebytes Premium 3.7.1. Under Settings > Protection tab > Startup Options, I've chosen "Start Malwarebytes at Windows startup." https://imgur.com/OA5yLhd (screenshot) However, Malwarebytes won't load with Windows unless I manually add a program shortcut to the Windows Start Menu. Obviously, this isn't a pressing issue, but if I've overlooked a software setting, I'd appreciate it if you would let me know. Kind thanks, Brooks Windows 10 Pro x64 (release 1809) Malwarebytes Premium 3.7.1 -
Hi there I found this thread on google. I am another customer of cloudsouth and I had similar issues in past, So I hope my information may help you in fixing the problem. Two times my server has been infected by this virus. Both time I had to format all hard drives and re-install windows. both times I sent passwords in ticket to support and I believe the hacker stole the password from ticketing system. In event viewer I saw IP address from Russia logged to my server, The IP belonged to a VPN service provider. Probably the hacker hiding behind a VPN. on Nov-2017 the hacker logged into my server and installed the below malware. I believe this is the same hacker that install on OP server as well. He download the virus from below link http://baterky-noze.sk/cache/work.exe https://www.virustotal.com/#/file/2f41840b1780ab42d1b20036a7b6b04ea84e655013d67b98c215c24a4d4223cb/detection on May-2018 he logged into my server again and he installed this malware. He executed this application on my server but he forgot to fully remove it. I uploaded it to virus total. https://www.virustotal.com/#/file/d5e28c675d4f467cb1e917818480396e992ffd1515399b4eadd3adec4031d92e/detection I tried Avast, McAfee and AVG, All of them find and remove the virus but the virus will return the next day.
-
Hello, for a while now I have problems with some miners . Idk if its worldwide or they are targeting just https://www.cloudsouth.com/ I have 20+ servers from them and most of them are with miners. I reinstalled the OS a few times and soon after the servers will become infected again. I think they are bruteforcing them. I started using 24 characters for passwords on newly reinstalled servers. Here's a report from malwarebytes. (attached below) Even if malwarebytes cleaned the system, and a new check will result in a "clean" pc, the virus is still there and its not being detected. If I open Task Manager , the virus will instantly pause itself and the pc/server will start working normally. A few minutes later the virus will close the task manager and it will start itself. The pc/server will start to lag hard as the virus is using 90% of cpu when its running. Doing a virus scan without opening task manager is impossible. It won't even start. the pc is lagging that hard. Updated windows defender won't pick it up either. In task manager is using some of the following names SHELLEXPERIENCEHOST1.EXE Windowsshellexperiencehost.exe Windowsshellexperiencehoste.exe Windowsshellexperiencehostp.exe Any idea how can I remove these pesky miners? I can provider access via RDP to some infected servers. NP Bitcoin miners report.txt
-
mb-check-results.zip
