Search the Community

Okay so i've noticed recently when i try and download ANYTHING windows update, malwarebtyes, steam; or any real software no matter if its 300kb or 8 gb it fails within seconds. If i turn on any free vpn such as urban or hide.me, ect.. the moment i start it i can download anything without fail. i proceeded to download steam installer file 25 times with 100% success rate through vpn. without vpn it was a 100% fail rate. i have 400 mbps, Ethernet connected, ive contacted ISP they have told me they are all good but replaced my entire line from pole to house, through house to modem, they replaced modem and router all free(really nice of them). the issue sadly did not get fixed, i also noticed that i would get a norton notif every once in a while saying something like "intrusion attempt bocked" or "redirect blocked" keep in mind i will be on my desktop programming not running any other programs or surfing the web. i have norton 360 run scans daily and ive never caught anything. when i ran malware bytes it found 44 cases of malware. i removed them and then scanned the next day finding another 10 malware, i made sure not to surf the web or download anything during the 24 hour period to be sure i just wasn't being a fool and downloading malware. so i've come to the conclusion that perhaps norton just isn't finding a rat of some sorts, and someone has been throwing malware on my pc and norton only blocked a few download and redirects. Im curious if anyone has some thoughts on whats happening? also im very safe when it comes to the internet i don't goto 'FREE __" sites i don't download random stuff, i simply play TF2 on steam and code for work nothing more. i know this isn't the proper place to seek computer suport but norton won't help, isp can't do more, and im running out of options? norton support told me basically "well if norton doesn't find anything then you're fine; if we have a tech look at your pc it'll be 99.99" so knowing norton couldn't find the 44 malware to begin with i canceled my subscription out of hatred for their lack of support and came to the most tech savvy forum i know THOUGHTS? WIN 10 64 bit gtx 1050ti intel 8100 32gb ram 1 tb nvme. do pc stats even matter? idk but there it is

it started I think today morning, at the system boot a command prompt window opens for a split second and closes, then Forlumineontor.com popup opens on chrome, I didnt go in because ublock origin blocked it, but this is a cmd script thats causing this. I didnt have issues with virus for years because I used and still use a antivirus, the current one is Bitdefender Pro, which didnt seem to catch it maybe because it's a script? Apprantly it is common enough that there are multiple websites telling me to either change browser setting or download malwarebytes, one of em is https://malware.guide/adware/remove-forlumineontor-com-virus. Is there any way to get rid of it without downloading a seperate av? I've also noticed, cmd is on the task manager startup list, which it didnt used to before. I after I disabled it, the popup happned much later after system boot.

Hello, Yes, I am new here, yes this is my first post. I work as a cell phone salesmen at Walmart and EVERY single day I have elderly customers come to me saying their phone is messed up. Low and behold it's just adware apps. Phone cleaners/boosters/weird weather apps. You name it! Google has taken 0 action against these kinds of apps and the worst part is that if you download "Messenger Home" or "Weather Home" you'll get your home screen taken over by their "Home" GUI. And then it will make fake notifications appear such as "your phone is slow, download phone cleaner to clean up memory" etc. etc. Obviously it's easy to uninstall this stuff, you just boot into safe mode by long pressing the power button that appears on the screen after long pressing the physical button and then you're given an option to boot into safe mode so that only system apps necessary for android load. It also loads the phone in airplane mode when loaded in safe mode. This is only a problem with android phones for the most part. I've yet to come across a similar problem with iOS. Now these adware apps basically tell you to download app after app after app to the point your phone is slower than a snail. These apps also advertise themselves on all kinds of games and other apps. I've seen "Weather Home" advertised on the Avast anti-virus app! Part of me thinks that if you dig deep enough into this rabbit hole of app downloads, you might at some point download malware, a trojan, a virus, or all of the above. Here's a couple if someone has a burner phone or android emulator they'd like to test these on. DO NOT INSTALL THESE APPS ON YOUR DAILY PHONE AND/OR DAILY TABLET, YOU HAVE BEEN WARNED. Weather Home: https://play.google.com/store/apps/details?id=com.home.weather.radar&hl=en_US&pli=1 One Booster: https://play.google.com/store/apps/details?id=com.cleanteam.oneboost&hl=en_US Messenger Home: https://play.google.com/store/apps/details?id=com.myhomescreen.sms&hl=en_US Read the reviews on there. People keep reviewing how it takes over the home screen and does all kinds of hijacking while somehow still being allowed to be advertised as well as downloaded off the play store. There's obviously a bunch of fake reviews on there for the 5 stars. It's absurd and someone should definitely pick this up to report on. There are so many apps like this. Whether the LTT team picks this up or another tech reporting team picks it up is fine by me, I would just love it if Google would take action, as I have reported these apps multiple times for a year straight now and nothing happens.

Hi everybody, Recently, I've been visiting a forum for a video game called World of Tanks. But today, when I visited the website, I saw redirective advertisements and those ads that says "Someone wants to send you a message" ad on that forums. I knew it wasn't the forum because no video game developers or companies would put such advertisements on the website. It was strange so I had to ensure that it wasn't the website. To do that I got on my laptop that was only logged onto my other private account with sync off mainly because I barely use this laptop. Additionally, I asked my girlfriend to check the website and she didn't see any advertisements. But I wasn't sure if it was really my computer since I didn't install anything or downloaded anything at all. I may sound very overly-confident and arrogant but I do certainly know a bit about computers and encountered a lot of different malwares. I went on facebook and the redirective advertisement (otrwaram.com) would initiate whenever I click anywhere on the website. I tried to inspect element of how it got there but a right click would do the same. All the advertisements I mentioned began to pop up again. At this point, I knew something was injecting adware to my chrome. So, I just decided to check if it's just chrome to ensure it's just browser or some content settings or even cookies. However, when I used my microsoft edge to visit the same site, I had the same issue. I knew it was an adware. From my experiences, I just ran multiple adware removals and scans from different software companies. Malwarebytes, Bitdefender, ESET, all that you could think of. Only ESET Online Scanning Tool picked up two which took couple of hours and I thought that was it. I quarantined it and went back and realized the adware was still there. I got so tired of it and decided to reinstall my windows. After I reinstalled my windows using a USB, I got onto microsoft edge as soon as possible and tested the forum (forum.worldoftanks.eu) and nothing popped up. Well, I thought it was over. I reinstalled chrome, and first thing I did was check with chrome if that ad was still there. Brand new fresh chrome, didn't have an issue. I logged into my account and turned on sync since I wanted my bookmark and once I was finished and wanted to check for the last time, it was back. Now I knew where it was coming from but I wasn't sure. I logged onto my laptop again that didn't have my infected chrome account synced and decided to try the website. No ads. I used my mobile phone to test it, and there was no signs of redirective ads or pop-up or new tabs. So I realized it was my main google account that was infected. It was 4am in the morning, I couldn't get this sorted. I was stupid and I decided to plug in my USB to my computer (that was infected) and and reinstalled a new windows without even deleting/formatting my drive and there were two windows installed on a single drive. I ran the test again (going to the forums right after install) and the ads popped up. Realizing that there were two windows installed, I decided to properly install windows by deleting pre-existing windows and putting on only a single copy of windows on my PC. While it was installing, I doubted that the malware/virus would go into my USB assuming that it runs whenever I ran any browsers. When I installed again (only a single copy on the SSD) and ran the test again, the ad was there. I assume the adware got onto my USB or something. As I write this, I am just too tired to do anything and I reach out for help. I've thought of how it might not be an adware and my ISP having issues or something but I doubt it since my laptop was on the same wifi as my PC. I understand that this is very long and detailed, but detailed analysis deemed necessary to solve this issue. I would appreciate all the serious replies and helps. Sincerely,

I'm planning to reinstall windows just to completely remove adware. Now I know some type of viruses or malware won't be wiped out with reinstalling windows, but I was wondering if it can completely wipe out adware viruses since they aren't as extreme as viruses like ransomware. I also want to save a couple of files like steam games and stuff, because those are large and I have bad internet, can you tell me a couple of ways to save those files. Oh yeah, I almost forgot to mention that if you have encountered adware before and you were able to wipe it out without reinstalling windows, please, tell me what you did. I've tried removing the virus with bitefender and I've even removed it myself in regedit, but it keeps coming back possible because it's hidden in spots that I and anti-malware or anti-virus softwares cannot find. Thanks in advance. Edit: The virus is Winsnare or Winsapsvc, if you've encountered those exact viruses and you were able to wipe them out without reinstalling windows, feel free to tell me how to do it.

I've been having this problem for the past few days. I'm not sure how it got here but it seems like I have an adware. After some time, whenever I click anywhere on any page it opens a pop-up or it redirects me to a random page. What antiviruses I've tried: Malwarebytes, AVG, Avira, Avast, Bitdefender, HitmanPro, Adwcleaner. They surely found some viruses but even after scanning and re-scanning to be sure my pc is clean, the adware is still here. Last things I remember downloading before the pop-ups came are some gta v mods. One time when I clicked an youtube video, there were some random green blocks on the page, I don't know if this helps but I never encountered this. Any idea how can I get rid of it?

Yesterday unknowingly some application installed later I got to know the effect it was an adware I was frustrated over it then did a clean installation.. Of windows 7 after sometime (like when I linked the Google chrome to my google account) again the adware started working... I don't know what's happening. Can a account be lined to adware? Is it possible? I'm stuck can't do anything in this point and I don't know how to fix this annoying thing..

Recently i tried to download an uncommon gaming platform called "Just Cake". Its similar to Steam and Origin but allowed the user to play a few well know titles for free. As i downloaded the application my windows defender notification was popping up many times telling me that this application would cause problems to my PC and that it was a Trojan. Later i started to hear audio, so i checked my windows and none were playing any ads but then closed all of my windows and i still heard audio. For hours i have tried many anti malware applications including Malware bytes, Stinger, Superantispyware, and Avast. Some worked and some did not. The only 2 that worked was Stinger and Superantispyware. Both applications were able to delete most of the Trojan and malware but i still hear ads. Also i cannot open my task manager at all from the .exe file, from Ctrl Alt Delete, and from the taskbar. i have went into the gpedit and regedit but the task manager was already enabled. I have booted into safe mode many times and tried to repeat what i did there but i still hear the audio and cant open task manager. In my audio mixer there is an unknown application that shows up but doesn't play any audio called "vmxclient.exe". The ads have their own section in the mixer as well and shows up as a line of numbers. PLEASE HELP i have been at this for hours any thing will help. I do not want to nuke my hardrive!!!!!

I get a fake Windows popup that starts with "Critical alert from Microsoft.." It opens a new tab and spams popups, any idea how to fix this???? Thanks!

Hey everyone, over the weekends my friends came over and downloaded some weird things on my laptop and now whenever i google something on Chrome, it will say waiting for loadstart.biz. The strange thing is that it brings me directly to google. Is it tracking my data? And how should I remove it? I tried using adwcleaner, hitmanpro and mcafee internet security but none of them detected anything. I even reinstalled chrome, checked my installed programs and the registry but found nothing. Can anyone please help me?

Here is an additional reason to either not update your old (abandoned) Chrome Extensions or to maybe go back and clean them up and delete them. Basically, there appears to be a 'company' that is going around and purchasing Chrome Extensions that are abandoned or going into abandonment and rewriting them to turn them into adware. So far three known extensions that have had this happen are the 'Particle', 'Typewriter Sounds' and 'Twitch Mini Player' extensions. https://www.bleepingcomputer.com/news/security/-particle-chrome-extension-sold-to-new-dev-who-immediately-turns-it-into-adware/ So if you do have or use extensions in Chrome and haven't checked on their status in a while, it may be a good idea to go back through and clean them up...

So, I (used to up until today) use Betternet VPN so that I could access blocked sites in college, but today when I loaded up my laptop I had adverts everywhere. I opened Chrome as a guest and they went. So naturally I disabled all extensions and enabled them one by one to find the problem. And to my surprise it was Betternet. If you look at the reviews in the Chrome Web Store everybody seems to be having the same problem so if you have it installed, uninstall it. I don't know whether it was intentional or whether they were hacked but until now they seem to have been reputable.

Been getting redirected like crazy, and thankfully MWBytes blocks the pages, but no matter what I've tried, I can't find the adware/virus. What can I do?

Dear all, I am experiencing an irritating issue which knowns as ssp.zryydi.com. It keeps popping up in my google chrome/safari. Is there an effective way to kill or remove it off? I have tried the Malwarebytes as recommended by some users online, and it seems not working.

Hey guys, I recently downloaded a program but with it apparently came some AdWare and every once in a while it keeps opening the same website which then refers me to a different ad every time. What can I do to stop this? I can't find out what is causing this, and I blocked the website in my Hosts File so the ads stopped appearing and scaring me with some crazy sounds. This is the website: http://www.addfleshitem.com/texasm I have googled the websites name but I couldn't find anything on it. Thanks in advance

The name itself is a terror! Researchers at security firm Compay called "CheckPoint Software Technologies" have uncovered a new malware that has allegedly affected over a million andoid devices upto this day, The attack campaign, named Gooligan, breached the security of over one million Google accounts. The number continues to rise at an additional 13,000 breached devices each day. Gooligan strain has infected nearly 1.3 million Android phone since August. The threat seems to be in a subtle nature, but still pretty harsh, taken they haven't breached into personal private files & used it as ransom , it seems a more pure ad revenue oriented attack like a p.u.p or p.h.a , the primary focus of the malware seems to be a massive advertising campaign The module allows Gooligan to: Steal a user’s Google email account and authentication token information Install apps from Google Play and rate them to raise their reputation Install adware to generate revenue Once installed, the infected apps root the devices to gain system access of devices. The rooted devices then download and install a software that steals authentication tokens. These tokens allow the attackers to access the user’s Google-related account without having to enter a password. The tokens work with a number of Google services, including Docs, Gmail, Drive, and Photos. How does Gooligan work? The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device. Our research team has found infected apps on third-party app stores, but they could also be downloaded by Android users directly by tapping malicious links in phishing attack messages. After an infected app is installed, it sends data about the device to the campaign’s Command and Control (C&C) server. Gooligan then downloads a rootkit from the C&C server that takes advantage of multiple Android 4 and 5 exploits including the well-known VROOT (CVE-2013-6282) and Towelroot (CVE-2014-3153). These exploits still plague many devices today because security patches that fix them may not be available for some versions of Android, or the patches were never installed by the user. If rooting is successful, the attacker has full control of the device and can execute privileged commands remotely. After achieving root access, Gooligan downloads a new, malicious module from the C&C server and installs it on the infected device. This module injects code into running Google Play or GMS (Google Mobile Services) to mimic user behavior so Gooligan can avoid detection Below shown are the 2 examples of reviews left by users who were also found on the attacker’s records as victims User ! List of fake apps infected by Gooligan Perfect Cleaner Demo WiFi Enhancer Snake gla.pev.zvh Html5 Games Demm memory booster แข่งรถสุดโหด StopWatch Clear ballSmove_004 Flashlight Free memory booste Touch Beauty Demoad Small Blue Point Battery Monitor 清理大师 UC Mini Shadow Crush Sex Photo 小白点 tub.ajy.ics Hip Good Memory Booster phone booster SettingService Wifi Master Fruit Slots System Booster Dircet Browser FUNNY DROPS Puzzle Bubble-Pet Paradise GPS Light Browser Clean Master YouTube Downloader KXService Best Wallpapers Smart Touch Light Advanced SmartFolder youtubeplayer Beautiful Alarm PronClub Detecting instrument Calculator GPS Speed Fast Cleaner Blue Point CakeSweety Pedometer Compass Lite Fingerprint unlock PornClub com.browser.provider Assistive Touch Sex Cademy OneKeyLock Wifi Speed Pro Minibooster com.so.itouch com.fabullacop.loudcallernameringtone Kiss Browser Weather Chrono Marker Slots Mania Multifunction Flashlight So Hot Google HotH5Games Swamm Browser Billiards TcashDemo Sexy hot wallpaper Wifi Accelerate Simple Calculator Daily Racing Talking Tom 3 com.example.ddeo Test Hot Photo QPlay Virtual Music Cloud The security firm urges Android users to validate whether their accounts have been breached & try to limit downloading of non verified 3rd party apps to your android devices Check if You've been part of the Vulnerability over at there & entering you gmail id: https://gooligan.checkpoint.com/ Did someone say e-mail? If your account has been breached, the following steps are required: A clean installation of an operating system on your mobile device is required (a process called “flashing”). As this is a complex process, we recommend powering off your device and approaching a certified technician, or your mobile service provider, to request that your device be “re-flashed.” Change your Google account passwords immediately after this process. Android security engineer Adrian Ludwig said the team was working closely with Check Point to investigate the Android malware family and to protect users. Ludwig claimed there was no evidence data was accessed from the compromised accounts, adding that users would receive a warning when such a malware strain was detected on their devices. Sources: http://blog.checkpoint.com/2016/11/30/1-million-google-accounts-breached-gooligan/ http://wccftech.com/1-million-google-accounts-hit-android-malware-gooligan/

Hi I’m trying to clean up my fathers laptop, it has been running really slow and I know there’s all sorts of malware on it, that I’ve been trying to remove. A lot of sketchy programs that have led to huge data leaks in the past, based on my research. So I’m running Bitdefender scanning for potential malware, and awhile into it I get this file that needs a password to scan? I know my father or anyone in the household that would even know how to do that, so what could this be? I’ve searched could be some sort of adware but idk... please help me with this shady file! I’m a noob

Every time i turn on my PC adware opens google link full of ads, could somebody show me the way of removing it or finding the infected file

Summary Apple accidentally gave notarization certificates to a piece of adware called Slayer (letting it run on Macs) but Apple found out and revoked Slayer’s notarization certificates. Quotes My thoughts I think this will make people more wary of Mac software and maybe question the security of Apple’s products. Sources https://www.wired.com/story/apple-approved-malware-macos-notarization-shlayer/

Hi, I really don't know what's going on with my phone. A few days ago, I've had problems with some adware pop-ups in Chrome which I couldn't close (always opened themselves again when I tried to kill them in the task manager). My phone started overheating. Even in idle it reached more than 70°C. According to the CPU-Z app only the "therm_zones" are that hot, the battery is actually cool at 30 to 40°C. I've used some removal apps and they found two malicious files. I don't remember the exact names but one of them was called something like "Android.PUP....." and the other one was "Android.Ad.Screen...." I thought that's it, just some stupid adware and it's gone. I was wrong. No matter how many times I restarted the phone it didn't cool down or got hot again after a break. Only when it's locked and not doing anything it will stay cool. As soon as I unlock it and e.g. read something in a browser or watch a YouTube video it gets really hot. So I decided to reset the phone. I've tried a factory reset in the settings, a hard reset in the Android bootmenu (wipe data factory reset). It just didn't help. My phone still gets that hot. So I've tried another factory reset. It didn't help. I've never restored any backups of course. I've also looked at the running services in the developer options but there's nothing suspicious. I'm pretty sure it's not physically damaged or anything else, since nothing like dropping that could've damaged it happened and the overheating problem started almost exactly after removing these two weird files. But I really don't get why it's still happening after multiple factory resets (which even reinstalls Android as far as I know). The phone can be used now but I'm worried about the temps and it's almost too hot to touch while using it, even with a thick cover.

so i got home from work and my friend was at my place, she tried to use her mac while i was at work but the wifi would not work and i know its not my router/modem thats the problem. anyway, she tried to hit restart and this came up: ''NASA logo in the right cornor with Arabic text or something like that, something not normal texting, and it was blurry. unfortunately i can't finde mye ethernet to mac adapter so i cant test with cable but the wifi does not work. this wierd nasa logo does not necessary has something to do with this but maybe. hopefully you guys can help, thanks

So I decided to startup GTA V and I was greeted with some nice ads, first in the Steam overlay web-browser then on the GTA V Launcher. It says "Powered By counterflix". I cannot figure out how to get rid of this. Also I do not trust submitting my password to login into GTA due to ads poping up when I press/hoover over the entry fields.

Hello, I have read a bit about Windows Game Mode, and am wondering what the consensus on it is. I assume very few people use it, but if any of you do, what are the main "benefits" of it? Is it even worth the trouble or do people just leave it alone?

So as I have stated in the thread topic I have 2 issues but they are separate from each other (for now.) 1 issue is I have some adware that MalwareBytes can't seem to find as I keep getting redirected to a Site called "quickprivacycheck.com/*" So far I have stopped the tabs from allowing the website to load and block before they can redirect to their extended webpage URL's the other issue I am having is one of my games "arma 3" is having memory leak or something when I load my server up. This started after I installed a mod. But even a clean install with a registry cleaner can't seem to solve this issue. any help is wonderful thanks in advance.

So, I installed a few apps outside of the Play Store, now I know why people avoid it. A few days ago ads were becoming persistent (drawing on apps, home screen, during phone calls, pretty much any time), and alarmingly able to download and prompt installation without my consent. The download shows up as just the built in "Download Manager" although I did not initiate it. The ads, when clicked immediately show up as "Package Installer" in processes. I can't seem to track the culprit down, because it uses system processes to download and prompt installation. I can't disable "Download Manager" and "Package Installer" either because they are system processes. I have a few suspicions and uninstalled them, but haven't gotten to the bottom of the situation. The ads are of chinese origin, usually UC Browser and other unidentifiable chinese apps. (FYI I don't speak chinese) Any methods of tracking it down? I would want a few suggestions before I start nuking. (Uninstalling every app, etc.) Thanks in advance.