Jump to content

sabzzz

Members
  • Posts

    19
  • Joined

  • Last visited

Reputation

0 Neutral
  1. soon after posting the op, malwarebytes shutdown, restarted , and said its up to date, so did the update install after all? should i still do the above instructions if it says its up to date?
  2. Its not being blocked anymore. Thanks for checking this out so quick.
  3. I launched this game through steam, Malwarebytes quarantines dowser.exe, preventing the game from launching. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 6/26/20 Protection Event Time: 7:46 AM Log File: aabaa7b6-b7a2-11ea-bc45-50465d64290f.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.955 Update Package Version: 1.0.26041 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Blocked Malware Details- File: 1 Malware.Generic.553257435, C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\dowser.exe, Quarantined, 1000000, 0, 1.0.26041, A0B209B78876D37720FA09DB, dds, 00780740 (end)
  4. I am using steam and downloading DLC for a game, and i keep getting website blocked due to trojan, I did a full scan and got nothing. Is this some false positive or a real problem?? I am very worried. Here is the report: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 3/27/20 Protection Event Time: 9:46 AM Log File: 5b5e0e0a-7031-11ea-9bb0-50465d64290f.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.859 Update Package Version: 1.0.21450 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Steam\steam.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: steam.naeu.qtlglb.com.cdn20.com IP Address: 157.185.146.129 Port: 80 Type: Outbound File: C:\Program Files (x86)\Steam\steam.exe (end)
  5. Thank you for getting back to me about the installer files. The rest of the problems look to be resolved, I am no longer receiving any block due to trojan notifications. So far, so good.
  6. So far I have no more blocking due to trojan notification after using both chrome and Firefox with syncing off, however i did get an outbound block due to phishing. I know my logs looked clean, but I would like to ask about this attached image. When I use Microsoft Security Essentials and it scans windows installer files, most have that chinese letter in the name, is that normal?
  7. Hello, I do not use and devices synced to the computer. I have done some browsing with Firefox and have had no notifications, Chrome has not caused any in over 48 hours either. I will turn Sync off and see how it goes. I would like to add that around a week before this issue started I had removed Trojan.StolenData via adwcleanr. It looked to have been successfully removed.
  8. In addition to the requested log I posted above, I would like to mention something odd I noticed when i did a microsoft security essentials scan. When it was scanning windows installer files, many of the names had an odd chinese character in the names. I believe my windows installer files may be compromised
  9. Here is the FRST log. I haven't used any other browsers enough as of yet to determine if this occurs with them. I will do some browsing using firefox and see if it happens then. It seems to happen a few times times over a 24 hour period, and only when I have chrome up. FRST.txt
  10. Yes, I have also repeated the uninstall and reinstall a second time
  11. I hate to say this but I have just received the notification again. I will attach a log notification.txt
  12. after the re-install I so far haven't gotten the website blocked notification, so far so good. If it starts to re-occur I will let you know. Thanks again for the help
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.