Hackers are more and more "sophisticated" or better.....

…live at the expense of others

This malware (CacheFlow) is a chameleon.

It checks other add-ons, deactivates itself so as not to be detected, activates itself after 3 days when installed (undetected) and can thus see all activities and also carry out consents.

Look i.e. there.

Cloaking with the help of Google Analytics.

The worst thing is that this malware downloads personal data before encrypting your data to suppress you, otherwise it uploads your data to the Internet, making it worthless to restore a backup.

So be careful with your personal data. I use safes and external storage for it. But I tell no news when I do so, surely.

I have those exe files (attachment 3.jpg), but they are not on my hard disk:

https://decoded.avast.io/janvojtesek/backdoored-browser-extensions-hid-malicious-traffic-in-analytics-requests/

We initially learned about this campaign by reading a Czech blog post by Edvard Rejthar from CZ.NIC. He discovered that the Chrome extension “Video Downloader for FaceBook™” (ID pfnmibjifkhhblmdmaocfohebdpfppkf) was stealthily loading an obfuscated piece of JavaScript that had nothing to do with the extension’s advertised functionality. Continuing from his findings, we managed to find many other extensions that were doing the same thing. These other extensions offered various legitimate functionality, with many of them being video downloaders for popular social media platforms.

ig tries to start when I’ve loaded Malwarebytes, but I don’t allow it to run, but Malwarebytes still runs - and it doesn’t find any malicious software (sneaky backdoor software?) and no software finds anything. ig is said to belong to Malwarebytes (?):

https://www.freefixer.com/library/file/ig.exe-300035/ What is ig.exe? - FreeFixer What is ig.exe? ... ig.exe is part of Malwarebytes Scanner and developed by MalwareBytes according to the ig.exe version information. ... ig.exe is digitally signed by ...
https://forums.malwarebytes.com/topic/254313-malwarebytes-creates-multiple-ig-exe/ Malwarebytes creates multiple ig exe - Malwarebytes for Windows ... 2 Dec 2019 ... I found another thread which says IG is part of the new scan engine in Malwarebytes version 4 but why ... ID:1348374 ... As noted above, the ig-*.exe files are only temporary copies of the base ig.exe; used during scanning ...

LiquidTension
Malwarebytes Staff
ID:1348398
Posted December 2, 2019
Hi spinoxin,

Please refer to the following post: New instances of ig.exe constantly needs whitelisting - Malwarebytes for Windows Support Forum - Malwarebytes Forums

As noted above, the ig-*.exe files are only temporary copies of the base ig.exe; used during scanning and as part of on-execution protection provided by the Malware Protection component. If you use the ‘Quit Malwarebytes’ option and look inside the installation folder (%programfiles%\Malwarebytes\Anti-Malware by default), you will only see a single ig.exe.

but -> attachment 2.jpg from the link above

comodo’s advice: Do only run it if it belongs to your daily program (or if you trust it … or so). We do not advise so.

today:

14:59 MZ

Online Security Pro: Warning: Unsafe website blocked (go back to safety (recommended)

ffjgpapimgnmibnacmeilgjefnoofefp :

I opened a safe website of an insurance company. Suddenly, after closing this website and opening once more I got this warning.

Thanks to comodo and staff! :-TU :-TU

Could anyone of the staff look at the log files (by malwarebytes support tool)? I’ll send it per personal mail. Would be nice!

Sorry, I’ll upload the log-files in forums.malwarebytes.com

maybe “pm” meldan

or

https://forums.comodo.com/av-false-positivenegative-detection-reporting/submit-malware-here-to-be-blacklisted-2021-no-live-malware-t126700.390.html

Sounds creepy. Can you upload it to virustotal.com

after you cleared the comodo sandbox and blocked it with hips. Did Comodo Killswitch show anything unusual or any new unknown files?

It really seems to belong to malwarebytes:

I agree with you: sounds creepy.

There are many unknown files but opening features they belong to comodo dragon, Windows - I’ll clear sandbox a.s.o. and will report.

Thank you.

So, these two are always available, belonging to memory compression (attachment 7.jpg)

But before cleaning the sandbox there were many of them (i.e. attachment 4 + 6)

I’ll uninstall malwarebytes to see if the “ig.exe” appears once more.

Just opened Malwarebyte and started scanning, in Killswitch appears ig.exe in red and is closed very fast again.

This folder does not exist: C:\Users\xxxx\AppData\LocalLow\IGDump\bxmjealphsczzvfimowvrhhalfiyqfnh\ig.exe and neither valkyrie nor virustotal can find the file.

Based on your pictures, I get the same unknown file types like .exe.mui, .pak, .nls, and so on. Here’s a picture of mine from killshot for comodo dragon

Hitman Pro, Malwarebytes, comodo, adwcleaner - none of them found any suspicious items on my PC.
I installed Malwarebytes again - so far no ig-exe.

If you’re still running into issues (computer slowing down, BSOD, and so on) OR IF you’re not sure, using the program will help narrow down your problem.

Farbar Recovery Scan Tool Download <---- I recommend saving it to the desktop, that way the 2 log files will go there. One is called FRST.txt and the other is called Addition.txt

Thank you. Nearly everything is o.k. but BSoD again.

but BSoD again.
That’s not acceptable. Can you post it in the bug reports section? If they can fix it, they will probably give you a patch for your machine so you don’t have to wait for the next version to come out with the fix. Just an idea?

I’m glad nearly everything is almost O.K.

Very curious about these browser extensions: does cfw have anything to do with them, or is it chrome’s responsibility?
No test or demonstration. Is cfw able to block such things?

:P0l

@our beloved sister

It “only” happens when restoring the container.