RedLineStealer spyware detected by Malwarebytes

Malwarebytes scanner and Malwarebytes anti-rootkit both detect spyware in the Quicken Windows executable (qw.exe) and in the Windows Registry value of the same name. Detected on November 2, 2020 in previous installation. Have reinstalled QW now. Has anyone else seen this spyware?

Answers

  • BK
    BK Member ✭✭✭✭
    No issue here.  I have paid/Pro version of MB that is always active and runs twice a day along with other security programs.  RedLine is a known spyware as you probably already know by now - very sorry this happened to you.  Your system has been infected thru some 'other than Quicken' means.  I recommend that you do not login to any place (as it is know for its password stealing ability among others), unplug your system from the Internet, don't plugin any USBs etc. and start the cleaning process.  Then uninstall Quicken and reinstall only when you know your entire machine is clean.  I also recommend that you research the cleanup topic (from another computer) and/or consult with a security expert to ensure a clean system.
    • Q Win Deluxe user since 2010, US Subs R32.12
    • I don't use Sync, Cloud, Mobile & Web, Bill Pay/Mgr
    • Techie, Win10 Pro x64 21H1
  • Ps56k2
    Ps56k2 SuperUser ✭✭✭✭✭
    Malwarebytes scanner and Malwarebytes anti-rootkit both detect spyware in the Quicken Windows executable (qw.exe) and in the Windows Registry value of the same name.
    Does it list WHERE on your system the - QW.EXE - is located ?
    Quicken Subscription - Windows 10
This discussion has been closed.