Jump to content

_peace

Members
  • Content Count

    7
  • Joined

  • Last visited

Community Reputation

0 Neutral

About _peace

  • Rank
    New Member
  1. Couple of red flags as you had mentioned from both Smartscreen and hybrid analysis. https://www.hybrid-analysis.com/sample/3ea634ee60faeecf7a5c276573253db7c1b5a9c8a1b62cb9b61ba7ff210ea954 Just to be on the safe side, can you share the sha256 hash of the safe version and I will cross check it with mines?
  2. Yes, did all the steps manually as defined in the fixlist. So far so good, no reports till now.
  3. BTW the link for Adwcleaner is also broken. Atleast didnt work for me
  4. I looked into the steps and did manually. I just didnt want to loose browser history as I keep my "to reads" open. However cleared cache, tmp files, disk checkup(came clean), dism checks(came clean). Hybrid analysis for the dll came clean: https://www.hybrid-analysis.com/sample/c3af1c1bcaa1494ebd6229e6f8ff92fd5bd024667b5e5196b970f68114082fe3 Looks good so far today. But it still confuses me as to why svchost was reported. If it was some javascript triggered malware it should have been reported to be from the browser 🤔 Will keep an eye as the day passes
  5. Hi Maurice, thanks for coming back. Yes, remote desktop is disabled. My concern was almost all of the blocked attempts were outbound so I am still confused on which program is causing it.
  6. Yes, I already did these steps (reading previous threads with similar issues) and scans came clean from both defender and malwarebytes.
  7. Getting a lot of notifications for Trojan/Malware/Compromised/Riskware from svchost.exe. Can someone check and help? Logs from MBST attached mbst-grab-results.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.