Jump to content

Search the Community

Showing results for tags 'winyahoo'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes 3 Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 3 results

  1. Hello, MWB found that I had 3 instances of the PUP Optional.WinYahoo --- I've followed the instructions from all of the other forum posts, but MWB keeps detecting two instances (it removed 1). However, it won't even quarantine them. It simply detects them. I experimented a bit and decided to change the C:\Users\arbonfiglio\AppData\Local\Google\Chrome\User Data\Default to C:\Users\arbonfiglio\AppData\Local\Google\Chrome\User Data\Default_Old WinYahoo is no longer showing up in the MWB scan, but I lost all of my extensions and bookmarks, etc. on Chrome. Is there a way to remove WinYahoo without losing all of my other information?
  2. I am running Malwarebytes premium and winyahoo is not being removed when I run a scan. Initally it also found "conduit". It would remove quarantine it, but would then find it again when I reran the scan. I eventually found the conduit search engine when following the chrome reset synch process. After removing conduit from search it is no longer being found by malwarebytes. Winyahoo is found, but not removed. I have run the recommended clean program, Farstx64 and multiple malwarebyte scans. I run the scans as the administrator with McAfee not running. Anyhelp you can give me to remove winyahoo. Addition 11-12 528cst.txt FRST 11-12 528cst.txt Mbam after chrome sync reset and all search engines removed except google.doc
  3. Hello - I received several notices from Norton that there was a large volume of outbound traffic, so I installed the latest version of Malwarebytes and ran a scan. The results came back with several potentially malicious finds, which I quarantined. This left me unable to use Microsoft Edge browser and any of my apps/programs that leverage this (the Microsoft store, for example). I attempted to undo the quaranteed, which did not fix the problem, so I ran the scan again and repeated the quarantine. The Firefox browser is still working. I've pasted a copy of the Quarantine Report below. Can you please provide assistance? Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 10/13/17 Scan Time: 7:50 AM Log File: db0d2fd8-b025-11e7-a6bd-dc4a3ee31796.json Administrator: Yes -Software Information- Version: 3.2.2.2029 Components Version: 1.0.212 Update Package Version: 1.0.3005 License: Trial -System Information- OS: Windows 10 (Build 15063.674) CPU: x64 File System: NTFS User: DESKTOP-KEHL18U\The Richard Family -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 385090 Threats Detected: 47 Threats Quarantined: 47 Time Elapsed: 3 min, 14 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 9 PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-805201491-1039550708-2463240004-1001\CONSOLE\TASKENG.EXE, Quarantined, [5416], [425125],1.0.3005 PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7F0C0547-040B-0F08-0D11-0E7D7D7A110D}, Quarantined, [5416], [-1],0.0.0 PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3547E90E-9B80-446A-9311-43CD27742A0B}, Quarantined, [5416], [-1],0.0.0 PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3547E90E-9B80-446A-9311-43CD27742A0B}, Quarantined, [5416], [-1],0.0.0 PUP.Optional.PCAcceleratePro, HKU\S-1-5-21-805201491-1039550708-2463240004-1001\SOFTWARE\ACPTAB, Quarantined, [1044], [261599],1.0.3005 Adware.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\11598763487076930564, Quarantined, [1745], [424293],1.0.3005 PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-805201491-1039550708-2463240004-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE, Quarantined, [5416], [425124],1.0.3005 PUP.Optional.InstallCore, HKU\S-1-5-21-805201491-1039550708-2463240004-1001\SOFTWARE\CSASTATS, Quarantined, [2], [260986],1.0.3005 PUP.Optional.InstantSupport, HKU\S-1-5-21-805201491-1039550708-2463240004-1001\SOFTWARE\INSTAB, Quarantined, [8437], [261449],1.0.3005 Registry Value: 5 PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-805201491-1039550708-2463240004-1001\CONSOLE\TASKENG.EXE|WINDOWPOSITION, Quarantined, [5416], [425125],1.0.3005 PUP.Optional.PCAcceleratePro, HKU\S-1-5-21-805201491-1039550708-2463240004-1001\SOFTWARE\ACPTAB|HB, Quarantined, [1044], [261599],1.0.3005 PUP.Optional.PCAcceleratePro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|PCACCELERATEPRO.EXE, Quarantined, [1044], [315965],1.0.3005 PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-805201491-1039550708-2463240004-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, Quarantined, [5416], [425126],1.0.3005 PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-805201491-1039550708-2463240004-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE|WINDOWPOSITION, Quarantined, [5416], [425124],1.0.3005 Registry Data: 10 Adware.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Replaced, [1745], [-1],0.0.0 Adware.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Replaced, [1745], [-1],0.0.0 Adware.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{040e71a7-38ad-4ae9-b25b-971ed9782060}|NameServer, Replaced, [1745], [-1],0.0.0 Adware.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{0bf47d8a-7285-11e7-9d77-806e6f6e6963}|NameServer, Replaced, [1745], [-1],0.0.0 Adware.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}|NameServer, Replaced, [1745], [-1],0.0.0 Adware.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{4eae7122-419d-45de-b779-bf1bf5a4185e}|NameServer, Replaced, [1745], [-1],0.0.0 Adware.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{c8c8fc27-e0d8-4918-84fe-e2c472a812c7}|NameServer, Replaced, [1745], [-1],0.0.0 Adware.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{c8c8fc27-e0d8-4918-84fe-e2c472a812c7}|DhcpNameServer, Replaced, [1745], [-1],0.0.0 Adware.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{f61111e6-db6f-4973-ab83-9ca79d38ac10}|NameServer, Replaced, [1745], [-1],0.0.0 Adware.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{f61111e6-db6f-4973-ab83-9ca79d38ac10}|DhcpNameServer, Replaced, [1745], [-1],0.0.0 Data Stream: 0 (No malicious items detected) Folder: 2 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\USERS\THE RICHARD FAMILY\APPDATA\LOCAL\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}, Quarantined, [63], [302717],1.0.3005 File: 21 PUP.Optional.WinYahoo, C:\USERS\THE RICHARD FAMILY\APPDATA\LOCAL\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\HOWTOREMOVE.HTML, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\chromium-min.jpg, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\control panel-min-min.JPG, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\down.png, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\ff menu.JPG, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\ff search engine-min.png, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\hp-min ff.png, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\hp-min ie.png, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\search engine.gif, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\setup pages.gif, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\sp-min.png, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\start-min.jpg, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\HOWTOREMOVE\up.png, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\config.dat, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\info.dat, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\install.log, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\sora, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\Sqlite3.dll, Quarantined, [63], [302717],1.0.3005 PUP.Optional.WinYahoo, C:\Users\The Richard Family\AppData\Local\{9931AF6D-BD99-C3D5-D001-E63DF4691AA5}\uninst.dat, Quarantined, [63], [302717],1.0.3005 PUP.Optional.Conduit, C:\USERS\THE RICHARD FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N9W2K4G2.DEFAULT\USER.JS, Quarantined, [577], [302741],1.0.3005 PUP.Optional.DownLoadAdmin, C:\WINDOWS\INSTALLER\25989B.MSI, Quarantined, [4], [301032],1.0.3005 Physical Sector: 0 (No malicious items detected) (end)
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.