RedLineStealer spyware detected by Malwarebytes

Malwarebytes scanner and Malwarebytes anti-rootkit both detect spyware in the Quicken Windows executable (qw.exe) and in the Windows Registry value of the same name. Detected on November 2, 2020 in previous installation. Have reinstalled QW now. Has anyone else seen this spyware?

Answers

  • BK
    BK Member ✭✭✭✭
    No issue here.  I have paid/Pro version of MB that is always active and runs twice a day along with other security programs.  RedLine is a known spyware as you probably already know by now - very sorry this happened to you.  Your system has been infected thru some 'other than Quicken' means.  I recommend that you do not login to any place (as it is know for its password stealing ability among others), unplug your system from the Internet, don't plugin any USBs etc. and start the cleaning process.  Then uninstall Quicken and reinstall only when you know your entire machine is clean.  I also recommend that you research the cleanup topic (from another computer) and/or consult with a security expert to ensure a clean system.
    - QWin Deluxe user since 2010, US subscription on Win11
    - I don't use Cloud Sync, Mobile & Web, Bill Pay/Mgr

  • Ps56k2
    Ps56k2 SuperUser ✭✭✭✭✭
    Malwarebytes scanner and Malwarebytes anti-rootkit both detect spyware in the Quicken Windows executable (qw.exe) and in the Windows Registry value of the same name.
    Does it list WHERE on your system the - QW.EXE - is located ?
    QWin Deluxe Subscription - Win10
This discussion has been closed.