Ian708 Posted September 5 ID:1659190 Share Posted September 5 FRST.txt Addition.txt Malwarebytes Scan Report 2024-09-05 021458.txt Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted September 5 Root Admin ID:1659248 Share Posted September 5 Hello @Ian708 These are PUP (Possibly Unwanted Program) If you're okay with the program then simply ignore or add to exclusion in Malwarebytes If you don't want then I'd consider cleaning Google Chrome Please follow the directions from the following topic if you do wish to clean up Google Chrome. Then rescan with Malwarebytes Thank you Link to post Share on other sites More sharing options...
Ian708 Posted September 5 Author ID:1659270 Share Posted September 5 Thank you for your reply. So there is nothing suspicious going on? Today I received a notification that a website is locked due to "too many attempts to log in". Then today I received a text on my iphone that there was a suspicious charge via Apple Pay that was blocked. This message was obviously not from Apple. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted September 5 Root Admin ID:1659275 Share Posted September 5 Again, personally I don't like or use Google Chrome, but that aside. The detection was not considered malware itself. I would still clean up Google Chrome and re-scan the system. We have a more extensive clean up routine if you want. Try another browser. Do you have any issues with another browser? Please follow the directions from the following topic for a more extensive article on cleaning Google Chrome Resetting Google Chrome to clear unexpected issues We can do some other AV scans too if you like. Please run the following ESET Online Scanner and perform a Full Scan Click the following link to save the installer for ESET Online Scanner https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe It will start a download of "esetonlinescanner.exe" Save the file to your system, such as the Downloads folder, or else to the Desktop. Go to the saved file, and double click it to get started. When presented with the initial ESET screen, click on "Get Started". Read and accept the Terms of use On the "Before we start..." screen chose if you want to send anonymous data and if you want to provide feedback or not, then click Continue When prompted for scan type, Click on the Full Scan button Enable ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click the Start scan button. Have patience. The entire process may take a few hours or more. When the scan is completed, if something was found, it will show a screen with the number of detected items. If so, click the button marked “View detected results”. Click The blue “Save scan log” to save the log and give it a name and location you remember. If something was removed and you know it is a false postive, you may click on the blue ”Restore cleaned files” ( in blue, at the bottom). Press Continue when all done. You should click to turn off the offer for “periodic scanning”. Enable "Delete application data on closing" - You do not need to submit feedback unless you want to. Simply ignore and close the program. Note: If you do need to do a File Restore from ESET please follow the directions below [KB2915] Restore files quarantined by the ESET Online Scanner version 3 https://support.eset.com/en/kb2915-restore-files-quarantined-by-the-eset-online-scanner Please attach the ESET scan log you saved at the end to your next reply Link to post Share on other sites More sharing options...
Ian708 Posted September 6 Author ID:1659476 Share Posted September 6 Eset Scan Log.txt Apparently nothing serious found. It even scanned all of my Google Drive. Do you have recommendations for removing my phone number and email address from scammers and solicitors? I keep getting suspicious texts and emails. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted September 6 Root Admin ID:1659478 Share Posted September 6 Due to the ongoing continuous ransomware attacks and business networks being exploited I don't think it's truly possible to fully evade them at this time. I'll see if @David H. Lipman can post some of his links to sites that try to assist in reporting and such. Thank you Link to post Share on other sites More sharing options...
Solution David H. Lipman Posted September 6 Solution ID:1659485 Share Posted September 6 (edited) 51 minutes ago, Ian708 said: I keep getting suspicious texts and emails. I would like to see them. ScreenShots if received as a SMS Text or if they are received via email, export them as an .EML file. Then when you have it/them, post the Graphics and take the .EML file(s) and place them in a ZIP file and attach it in your reply. I suggest going to https://haveibeenpwned.com/ and enter all your email addresses. I checked your Forum email and it was in multiple breaches associated with email addresses, passwords and phone numbers. Just being in them can lead a victim to being placed on a Spam List. Additionally, if a Phone Number is harvested and it is associated to a Smart phone, it may be the subject of SMS Text scams. 51 minutes ago, Ian708 said: Do you have recommendations for removing my phone number and email address from scammers and solicitors? Unfortunately once on a scammer's Spam List, there is no getting off it. It may be sold, resold or even bartered for. It could be the impetus of getting a new Email Address and/or Phone Number if the number of scam messages is excessive. When it comes to the Phone Number, I presume that you mean SMS Text messages but if it includes RoboCalls, try hooking up with NoMoRobo with tour Phone Provider or use an available 3rd party Google or Apple Store app for mitigating RoboCalls. I don't use a Smart Phone (never will) but I use NoMoRobo with my ISP, who provides a VoIP Land Line, to mitigate RoboCalls. Recapping: I would like to see samples. ScreenShots of scams if received them as a SMS Text or if the are received via email, export them as an .EML file. Then when you have it/them, post the Graphics and take the .EML file(s) and place them in a ZIP file and attach it all in your reply. Edited September 6 by David H. Lipman Edited for content, clarity, spelling and/or grammar 1 Link to post Share on other sites More sharing options...
David H. Lipman Posted September 6 ID:1659499 Share Posted September 6 (edited) Thank you. I removed the graphic because it had an email address to protect the privacy of the person with that email address. It was a USPS Phish: RE: USPS Phish Common on Android and Apple Smart Phones. EDIT: Re-posted Smishing graphic with email address redacted. Edited September 6 by David H. Lipman Link to post Share on other sites More sharing options...
David H. Lipman Posted September 7 ID:1659597 Share Posted September 7 (edited) Only 1 sample @Ian708? This so far, isn't out of the ordinary in Today's Threat Landscape. I have submitted dozens of USP Phish on behalf of other Smart Phone users. Please provide multiple examples. Edited September 8 by David H. Lipman Edited for content, clarity, spelling and/or grammar Link to post Share on other sites More sharing options...
David H. Lipman Posted September 9 ID:1659964 Share Posted September 9 IBA Cookies: Please go through the following on the Browser(s) you use. NAI Consumer Opt-OutYourAdCoices Opt-Out Account Related Privacy Opt-Outs: Google Account Activity ControlsYahoo Brands Privacy DashboardMeta Privacy CenterDiscord Data Privacy ControlsMicrosoft: Browsing history on the privacy dashboardMicrosoft: View your data on the privacy dashboardMicrosoft Account Privacy DashboardTwitter Privacy Dashboard Device and Accounts Related Privacy Opt-Outs: Google Android - Privacy DashboardAmazon Privacy DashboardSamsung Privacy DashboardApple Privacy ControlT-Mobile Privacy Dashboard Reference: What is "interest-based" advertising? Link to post Share on other sites More sharing options...
David H. Lipman Posted September 9 ID:1659965 Share Posted September 9 Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread. Tips to help protect from infection Thanks Link to post Share on other sites More sharing options...
Recommended Posts