BOOSTEDI5

Everything posted by BOOSTEDI5

  1. That's interesting and never thought about it like that. The reason I was pretty sketched out about it is because Norton flagged this as Linux Mirai. The Mirai botnet was a huge thing back in 2016-2017 or whenever those guys took over all the IoT devices creating the huge botnet to do DDoS attacks and the like.
  2. I'm inclined to believe what gonzo mentioned after restoring one of the files and then running it through this online scan tool. https://www.virustotal.com/gui/file/eed5983a5889a54d272dba8d2a640a204f3d3f43b430aa277a3d4ba9b0049462?nocache=1 As can be seen in this link, only Norton flagged the File Thumbprint - SHA: eed5983a5889a54d272dba8d2a640a204f3d3f43b430aa277a3d4ba9b0049462 as potentially malicious Linux.Mirai. FYI for anyone else that likes to double check things.
  3. Hello, my Norton was also alerting me about this today at 10:13am MST. It alerted 3x for 3 different files! One after another. I never told Malwarebytes to install Browser guard and don't care to use it. Especially after this warning! I was using LinkedIn in Edge where Browser guard installed itself somehow without my permission. I noticed the Browser Guard extension before and left it enabled but was curious how it was installed since I always told Malwarebytes to not install the Browser Guard tool. I went ahead and disabled the extension for now but this seems nefarious. Why would Norton flag these as a Trojan unless they were actually matching some sort of virii signature? This was a high warning that shows up as a remote exploit tool. I like Malwarebytes but this needs a better explanation. Today at 10:13am. I'm guessing the OP was in EST zone? My file matched OP MD5 and SHA. Thanks norton-flagged-malwarebytes.txt
  4. I also haven't performed step 3 yet. I have attached the .txt file from AdwCleaner but haven't quarantined anything yet. Thanks again for any input! AdwCleaner[S00].txt
  5. Hello AdvancedSetup, I just got back to this today. It's strange but the last 3 or 4 reboots didn't come up with the zvprtsvr icon in my screen shot. However, when I rebooted this morning after a Win10 patch, there it was! I completed Step 1 (Nothing Found) Attached report. Step 2 (Found some software from Cyberlink that I paid for and use). I didn't quarantine any of Cyberlink's software yet but might decide to do that next. I attached the screen shot from the scan with AdwCleaner. Also, I checked the first entry from AdwCleaner PUMP.Adware.Heuristic is an empty/old folder. I haven't gone to step 3 yet. Should I go ahead and proceed with that tool next? Appreciate any info on what I've provided so far! Best Regards malwarebytes-scan-120920.txt
  6. Thanks for your prompt response and excellent guide/info AdvancedSetup! I'm going to proceed with this later today after the full Malwarebytes scan I ran quite a few hours ago completes. Much appreciated!
  7. Hello, I'm rather perplexed about this strange process that shows up on my desktop in the bottom right corner. This is on my Windows 10 system. What's strange is I do not see any processes running with this name. I searched my entire registry for this and didn't get any hits. https://www.file.net/process/zvprtsrv.exe.html The genuine zvprtsrv.exe file is a software component of Zan Image Printer by ZAN. Does anyone have any suggestions on how I can prevent this from coming up? I just right click and chose close. I'm running the latest registered version of malwarebytes and Norton. I ran a full scan with Norton and it doesn't flag anything. I also used hijackthis and didn't see anything about this. Maybe I'm behind the times when it comes to the latest tools to detect any malware. I don't necessarily suspect this is malware and don't notice my system acting strange. Appreciate any insight.
  8. The previous thread I noticed for this was closed mentioning a user was infected by this trojan prior to getting updated signatures from Malwarebytes. I'm happy to report that Malwarebytes did detect this Trojan! Here's what happened on my Win 7 SP1 64 bit system. 1st, I noticed ccleaner wasn't running anymore in my system tray or otherwise. I noticed it also wasn't showing up under add/remove for some reason? The folder for the software with all the files was still intact and had two executables. One was named 64 bit and when I double clicked to launch the software Malwarebytes popped up and flagged the file and quarantined! So, thanks for the save on this one! The only reason I launched the files was because the ccleaner blog said it didn't affect 64bit home users and was targeted toward commercial/industry. So, not sure why cclean professional I paid for downloaded the executable with the trojan malware? Must have been version 5.33.6162. Here's a screen shot from Malwarebytes log.
  9. Thanks for the link. I'll look into this again later when I'm @ home. Appreciate it.
  10. I'm not sure what this issue is but it has me concerned. I've seen a popup from Norton the last few days on my Windows 8 system showing a potential threat. Norton said the threat was removed and requires a reboot. Today was the 2nd one Norton has flagged. Both were randomly named .tmp files. I was going to try to restore the .tmp and submit to online virus scan engines. However, this last one isn't giving me the option to restore. I think if I reboot I might be able to restore the .tmp file so I can submit it for scanning. Norton flagged today's .tmp file as Backdoor.Pcclient.B. I looked this up from the Norton link and it's something that's pretty old (Circa 2006) but still has me concerned. http://www.symantec.com/security_response/writeup.jsp?docid=2006-071010-2417-99&tabid=2 Here's the screen shots I captured. Anyone else getting this or have any ideas? I might create a thread in Norton's community. I've always noticed in the logs that Norton and Malwarebytes DO NOT play well together but this is the first time I've seen Norton consider malwarebytes a trojan!