Windows 10: I Have been Infected with Malware

Discussion in 'AntiVirus, Firewalls and System Security' started by Compuuter, Apr 5, 2020.

  1. Compuuter Win User

    I Have been Infected with Malware


    Hello, does anyone know why at least once or twice every day, a popup wanting to update Chromium appears in the command prompt window, an Internet Explorer shortcut appears on my desktop, and whenever I scan my computer with Malwarebytes and delete the stuff that's popping up, it reappears the next day when it requests an update. I don't have a screenshot of it, but I have a list of what Malwarebytes detected as a virus.



    Malwarebytes

    www.malwarebytes.com



    -Log Details-

    Scan Date: 4/3/20

    Scan Time: 3:58 PM

    Log File: ee4beca2-75ed-11ea-b0a7-98fa9bed049c.json



    -Software Information-

    Version: 4.1.0.56

    Components Version: 1.0.859

    Update Package Version: 1.0.21860

    License: Free



    -System Information-

    OS: Windows 10 Build 18362.720

    CPU: x64

    File System: NTFS

    User: username\username



    -Scan Summary-

    Scan Type: Threat Scan

    Scan Initiated By: Manual

    Result: Completed

    Objects Scanned: 426977

    Threats Detected: 40

    Threats Quarantined: 0

    Time Elapsed: 1 min, 52 sec



    -Scan Options-

    Memory: Enabled

    Startup: Enabled

    Filesystem: Enabled

    Archives: Enabled

    Rootkits: Disabled

    Heuristics: Enabled

    PUP: Detect

    PUM: Detect



    -Scan Details-

    Process: 0

    No malicious items detected



    Module: 0

    No malicious items detected



    Registry Key: 7

    PUP.Optional.WinYahoo.TskLnk, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3B67D3A7-6BE7-0227-DA67-72A70AE7A127}, No Action By User, 880, 542290, , , ,

    PUP.Optional.SelectedSearch, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bhdinjalofclbacjijgifpahcnjapclb, No Action By User, 289, 757187, , , ,

    PUP.Optional.SelectedSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bhdinjalofclbacjijgifpahcnjapclb, No Action By User, 289, 757187, , , ,

    PUP.Optional.SelectedSearch, HKU\S-1-5-21-680131693-1152990031-1992906804-1002\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bhdinjalofclbacjijgifpahcnjapclb, No Action By User, 289, 757187, , , ,

    Malware.Generic.1507988344, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{53DBCFCA-A18E-4814-ACC2-04346AE876DB}\moginimihe, No Action By User, 1000000, 0, , , ,

    Malware.Generic.1507988344, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E2DA0264-4A93-4EF6-B21F-05FD43123948}, No Action By User, 1000000, 0, , , ,

    Malware.Generic.1507988344, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E2DA0264-4A93-4EF6-B21F-05FD43123948}, No Action By User, 1000000, 0, , , ,



    Registry Value: 1

    PUP.Optional.SelectedSearch, HKU\S-1-5-21-680131693-1152990031-1992906804-1002\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settingsbhdinjalofclbacjijgifpahcnjapclb, No Action By User, 289, 757187, , , ,



    Registry Data: 0

    No malicious items detected



    Data Stream: 0

    No malicious items detected



    Folder: 3

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\USERS\username\APPDATA\LOCAL\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}, No Action By User, 880, 542290, 1.0.21860, , ame,

    PUP.Optional.SelectedSearch, C:\USERS\username\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BHDINJALOFCLBACJIJGIFPAHCNJAPCLB, No Action By User, 289, 757187, 1.0.21860, , ame,



    File: 29

    PUP.Optional.WinYahoo.TskLnk, C:\USERS\username\APPDATA\ROAMING\Microsoft\Windows\Recent\HowToRemove.html.lnk, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\USERS\username\APPDATA\ROAMING\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\USERS\username\APPDATA\LOCAL\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HOWTOREMOVE\HOWTOREMOVE.HTML, No Action By User, 880, 542290, 1.0.21860, , ame,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\chromium-min.jpg, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\control panel-min-min.JPG, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\down.png, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\ff menu.JPG, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\ff search engine-min.png, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\lusername\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\hp-min ff.png, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\hp-min ie.png, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\search engine.gif, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\setup pages.gif, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\sp-min.png, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\start-min.jpg, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\up.png, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\recodifat, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\soticanot, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\uninst.exe, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\Users\username\AppData\Local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\uninstp.dat, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\USERS\username\APPDATA\ROAMING\Microsoft\Windows\Recent\ff search engine-min.png.lnk, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\USERS\username\APPDATA\ROAMING\Microsoft\Windows\Recent\hp-min ff.png.lnk, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\USERS\username\APPDATA\ROAMING\Microsoft\Windows\Recent\search engine.gif.lnk, No Action By User, 880, 542290, , , ,

    PUP.Optional.WinYahoo.TskLnk, C:\USERS\username\APPDATA\ROAMING\Microsoft\Windows\Recent\setup pages.gif.lnk, No Action By User, 880, 542290, , , ,

    PUP.Optional.SelectedSearch, C:\USERS\username\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 289, 757187, , , ,

    PUP.Optional.SelectedSearch, C:\USERS\username\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, No Action By User, 289, 757187, , , ,

    PUP.Optional.SelectedSearch, C:\USERS\username\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BHDINJALOFCLBACJIJGIFPAHCNJAPCLB\2.2_0\MANIFEST.JSON, No Action By User, 289, 757187, 1.0.21860, , ame,

    Malware.Generic.1507988344, C:\WINDOWS\SYSTEM32\TASKS\{53DBCFCA-A18E-4814-ACC2-04346AE876DB}\moginimihe, No Action By User, 1000000, 0, , , ,

    Malware.Generic.1507988344, C:\USERS\username\APPDATA\ROAMING\53DBCFCAA18E4814ACC204346AE876DB\MOGINIMIHE.EXE, No Action By User, 1000000, 0, 1.0.21860, 6257ECA0AC73052259E21378, dds, 00660683

    PUP.Optional.SelectedSearch, C:\USERS\username\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 289, 757186, 1.0.21860, , ame,



    Physical Sector: 0

    No malicious items detected



    WMI: 0

    No malicious items detected





    end


    If I go to the directory stated in some of them, C:\users\username\appdata\local\{DA03EC5F-FEAB-80E7-9333-A50FB75B5997}\HowToRemove\ ,

    this is what is shown-

    [Screenshot: 770d75b5-f226-4c71-912e-d998d2c2d477.png]


    If anyone knows what any of this is, it would be greatly appreciated! I replaced my name with username in the directories for personal reasons.


    Thanks


    [Original Title: Malware]

    :)
     
    Compuuter, Apr 5, 2020
    #1
  2. bruinator Win User

    steps taken for infected Pc's.


    I was hoping someone could give me a list of step by step instructions you use as a guide to clean virus, malware...etc. so I can keep my PC clean if it gets infected.

    thx
     
    bruinator, Apr 5, 2020
    #2
  3. lisaglenn Win User
    How to Fix a Malware Infected Computer?

    Hi everyone.. :)
    My system was infected with a Malware. Even after malware has been removed from a computer many of the problems caused by it still remain.
    How do I Recover my Important Files Deleted During Infection?
     
    lisaglenn, Apr 5, 2020
    #3
  4. MoxieMomma

    steps taken for infected Pc's.


    Hi:

    There is no one set of "boilerplate", "cookbook" or standard steps.
    Each computer is unique.
    Each malware infection is unique.
    Proper diagnosis, cleanup and repair depends on the particular infection and the system that is infected.
    The process can be tedious and time-consuming, often requiring the use of multiple powerful tools, in the proper sequence.
    Many of them can actually damage the system if deployed improperly by untrained computer users.

    Bottom line:
    Malware cleanup is best done with *customized* support provided by trained individuals who know what tools to use and how to use them.

    There are a few folks with such expertise here at this forum (I am not one of them).
    And there are a number of reputable computer disinfection fora where trained malware removal experts provide free, custom assistance.

    Cheers,
     
    MoxieMomma, Apr 5, 2020
    #4