Jump to content

Search the Community

Showing results for tags 'Trojan'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hi, This is going to be a long description so please bear with me. Yesterday(On 30th May 2022) at around 5 pm, I downloaded a software "GCleaner" which turned out to be a Malware app. I immediately disconnected my internet after I realised that it's a Malware. My anti virus didn't detect it earlier. But after some time, when I connected my internet connection, I started getting a notification from my antivirus saying "Threat secured, We've safely aborted connection on 104.155.207.188 because it was infected with URL:Blacklist" and my pc got into an unending restarting loop. It's stopped restarting when I deactivated my antivirus and disconnected the pc from internet. Then I searched for the malicious app in the control panel but it was not listed there. I searched on Google regarding this malware and found that it's probably a rootkit malware. I found some relatable posts in the community asking us to install FRST64, AdwCleaner, Malwarebytes. I installed all those apps and run FRST first and In the FRST and Addition files, I found that exactly at 17:07 some files were created in my pc which are highly questionable. I then ran Malwarebytes and found some malwares detected in my pc. I quarantined them and ran the scan once again. I didn't detect anything this time. After that I ran AdwCleaner and found out that there some PUP.Optional.Legacy Trovi.com virus in my Chrome browser. I tried quarantining them. I showed that the virus has been removed but when I scan again, I found out that it's getting detected once again. So, I had to manually remove it. After all these steps, I ran FRST again. But I found the questionable files were not removed. This time I tried removing them manually in the explorer. All but 2 of those files were removed. One of the file was 4y63267.sys and it was situated in the System32\drivers folder. This file is read and write protected so it doesn't delete even using cmd in safemode. Everytime I tried deleting, it shows Access is denied. I even tried TronScript, Unlocker and boot disks to delete it but this file isn't even detected there. Another file is in System32\Tasks\Service. Please help me remove these remaining 2 malwares. I am attaching all the latest scan reports here: Addition.txt FRST.txt Malwarebytes Report.txt AdwCleaner.txt
  2. Lately, I installed a shady .exe. My info was all stolen, but i have changed all my account passwords so I think I am fine currently. But lately like every 12 hours im getting a RTP detection like Riskware, Adware, Trojan. I need help.
  3. Hi! My name is Srijan. So, I got a little too excited and installed malicious game hacks months ago. After donwloading and installing 3< files. I realized what I had done. But I did not care at the moment i dont know why. I got hacked a few days after. It was just a simple attack but the malware added a malicious extension to my chrome. My instagram was hacked but the attacker only increased the number of people I was following. I just changed the passwords that day because I dont know why, I did not care. I got hacked again on november 21, 2021. Again, did not care and just changed my passwords. After a few days it hit me that I really did have a backdoor or malware in my system. Days and days I tried to find it and asked many tech specialists. I even installed Kaspersky's trial version and scanned but no results were returned. I at last cleaned my windows and installed it again with the media creation tool ISO.I installed my new antivirus and set up my computer completely. The sense of relief that there is no malware left in my computer was flowing throughout my brain. I connected my removable storage after I resetted my computer completely and then after a few minutes my google chrome resetted. All google accounts got logged out. It was not even the session expired thing. There was no sign left of my gmail accounts. I thought this was pretty suspicious and asked my mentor about it. He assured me that it was just chrome crashing and I had nothing to worry about. But i still needed answers. Why was no results returned in the scan I did in December when I am 100% sure I installed malware. What if the undetectable malware shifted it to my removable hard drive (which has a lot of important data so i cant format it) and now its back into my system. I would appreciate the help very very much. Regards ~ Srijan
  4. Hi everyone! happy new year! I hope you and your dear ones are safe! Long story short, today i installed Wargaming.net official launcher, Game Center. However, right after the download of World of Tanks started, Malwarebytes Premium blocked some IPs due to Trojans. I immediately stopped the download and decided to install and play the game directly through Steam. I guess the Trojan alert was caused by seeding or some kind of torrent p2p technology to deliver the game -and- malwares/trojans with it. googling here and there it appears NOT to be a false positive, as someone stated in an old thread these IPs spread 'Mozi Linux malwares' (I don't know what they are). However, what I'd like to know and what i'm asking you is : am I safe? I am genuinely concerned, and a bit paranoid too, that anything of these Trojans got into my pc and/or opened a backdoor, or scanned ports (the famous "port scanning") in my local network or router. I'm kinda tech savvy but not -that- savvy. I don't know... i run mbam premium and bitdefender total security. Did a run of both scans + adwcleaner and nothing is found. may I rest assured like nothing happened? thank you!
  5. This is happening to me too right now! if you have tips to remove this thing from my pc please reply P.S If you have this there is also a task running named RuntimeService.exe which is not a Windows file, this is the virus file, for me this takes up like 20% of the cpu...
  6. Hola buenas, Malwarebytes acaba de detectar un Troyano desde esta página cheatsguru.com y me aparece como que ya esta bloqueado. Se podrá eliminar? rtp.txt
  7. Hello so recently I installed a file heres the file: DavinciResolve17f (mediafire.com) this file is definitely a malware. So after installing this file i ran a exe in the file and windows defender detected a trojan but it couldn't do anything else after clicking on 'start actions'. The pc also became VERY SLOW so shutdown the pc and now im in safe mode. I tried many antivirus software but everything showed no detections. I have tried malwarebytes,sophos,kaspersky,avast,emsisoft. so what do i do now because whenever i boot into windows 10 normally its very slow and my pc is quite fast. So I dont know if i actually have a malware or for some reason the pc is slow. Ihave attached the FRST log files Please help me. Addition.txt FRST.txt
  8. Hi, I recently got some cryptocurrencies stolen in such a way that the attacker clearly had access to my Metamask seed phrase. Since I never entered my seed phrase anywhere, I suspect that a Trojan might be at play. While I was tinkering with Metamask in different browsers to set up a few honeypots and find the cause of the hack, a Malwarebytes popup opened with the alert seen in the attached file. It appears that there might be something related to Firefox classified as Trojan by Malwarebytes. My top priority right now is to definitely identify the cause of my hack, rather than remove it from my computer. This is a good lead, but how can I confirm that this is indeed associated with a Trojan? Thanks in advance.
  9. I'm used to buy car parts on this website, but now Browser Guard is warning me about a Trojan on it. I'm submitting the URL as required. sjmparts.zip
  10. Playing Path of Exile the last couple days. Upon loading into a new area or "map", I get either a Trojan or Malware event notification with a "Blocked Website" action. I've attached both logs and the executable that it's indicating. Nothing reported on my scan. It's only when loading into particular areas. Other area/map loads have no issues. Running application through Steam. Blocked action is consistent upon trying to enter the Tier 3 "Beach" map. PathOfExileSteam.zip poe mal.txt poe troj.txt
  11. I've been trying to remove a trojan and malware since last night. unfortunately after using the programs I left attached, "RTP detenction" notifications of both malware and trojans always arrive from malwarebytes. Yesterday I think I fixed also backdoor related problems, but they were already in quarantine and deleted. Sry for my english :
  12. Problem: Browser Guard is blocking a website I use daily: www.corjl.com. Background: Unbeknownst to me, corjl.com had some malware issue. On 1/10/22, I contacted them about being unable to access the website. They said they removed a malware threat from their website. It was removed from their staging site, but their main site had to update yesterday. They alleged the limited virus impacted only the Corjl website pages. Troubleshooting: I have tried clearing my Google Chrome Caches and rebooting twice. (I use Windows 11). I tried adding the web urls to the Malwarebytes Allow section and then the IPN addresses too. Unfortunately, as I would add IP addresses to exclude it would continue adding more pop up blocks with additional IP addresses. I tried updating and running a scan as well. It's a complete mess! Overall, I am unable to troubleshoot the problem. Can someone assist please and thank you?
  13. Lmaobox.net While it is a cheat vendor for a video game, it being marked as a trojan is simply wrong. The devs themselves expressed that those are false positives due to the nature of the cheat. If all cheating websites are to be considered malicious then why not throw in royalhack.net? It's a popular cheat vendor for far more popular games than Team Fortress 2. In addition, even when I add the lmaobox website to the exclusions list, it is still blocked. I am writing this post not to encourage cheating but because I want actual malicious websites to not be lumped in with morally questionable ones.
  14. I received a message in Messenger which read "It's you in the video?" and unthinkingly clicked on the link. I got a message saying "Video unavailable". I informed the sender and she told me she'd been hacked. The bad link address is https://x/y where x=6to.me and y=1crfJKiJTr I must find out what I'm dealing with here before I'll be comfortable using my laptop again. Any assistance would be greatly appreciated.
  15. As the title says MalwareBytes detected GTA5.EXE as a trojan.Im confused by this because i validated the game files and it says its a legtimate game on steam AND i ran a full scan and no threats were found.one thing that confused me was that the action was classified as "Blocked website" when its clearly the application files thats the potential problem here.What scares me the most about this is that after the "website" was blocked i got a bsod after called Kernel security check error,Now i dont know much about computers but im sure that Malwarebytes probably didnt cause it.To anyone who sees this thread please help as i dont know wether it actually blocked a dangerous website or not. P.S:the "Website" had no domain either and it seems it was connected somewhere in new york/new jersey where i live.
  16. Hey there, so my phone has been acting weird (especially play store) have malwarebytes installed running premium trial and nothing is found. But virus total app has found Trojan.Trojan.Dropper.AndroidOS.Hqwar.bb In Google partner setup, any ideas?
  17. Hey there, so my phone has been acting weird (especially play store) have malwarebytes installed running premium trial and nothing is found. But virus total app has found Trojan.Trojan.Dropper.AndroidOS.Hqwar.bb In Google partner setup, any ideas?
  18. A customer who uses malwarebytes told us that malwarebytes is blocking our website as having a Trojan. This website is created with godaddy, and we see no issues on our end. the domain is www.truerespite.com. Can you please review for unblocking? Thank you!
  19. Hello @Berkan This topic-thread is for Berkan only. You said that your computer has a trojan malware. I suggest this as the first step. There will be more to do later. This is not a one shot fix. The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. The download links & the how-to-run-the tool are at this link at Microsoft https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download Look on Scan Options & select FULL scan. Then start the scan. Have lots of patience. It may take several hours. Let me know the result of this. This is likely to run for many hours ( depending on number of files on your machine & the speed of hardware.) The log is named MSERT.log the log will be at C:\Windows\debug\msert.log Please attach that log with your reply. To save attachments ( to upload ) please click the link labeled "Add Files". Then browse to where your file is located and select it and click the Open button. Please be sure to review your reply and attachment before you press the reply button.
  20. Dear all, I was wondering if anyone has come across this issue before? I am a bit worried and would appreciate the advice. I bought a wired mechanical keyboard from Amazon and plugged it into my laptop. It started acting a bit weird so I checked in device manager and saw that there was 3 keyboard drivers registered in the system, I updated them and no issues. One is for the built-in keyboard and the other for the new mechanical keyboard, but the other one can be uninstalled and it doesn't effect the other two's performance. Then I quickly ran some scans with Malwarebytes, Avast and Kaspersky's tdsskiller but nothing was detected. I even went into safe mode and ran a few scans and nothing showed up. About 5 hours later, I get a notification from Malwarebytes stating they've blocked a website (report as attached). Is it possible for a malware to be installed from a keyboard and if so, how can I delete it permanently? I'd like to keep the keyboard. Best wishes, Sarah Trojan Report.txt
  21. Hello Maurice, FYI my Windows 10 computer flagged this trojan, report from Microsoft Defender antivirus. Currently running MSERT.exe as suggested. Will report back when completed. The trojan was flagged when the PC was booting up, 2 things was happening on the desktop at that time. An update was being downloaded manually from https://www.hwinfo.com/download/ https://www.fosshub.com/HWiNFO.html pcupd.exe SHA-256 d81027ff1f97a1ead260d9bfe9dfb1e56fa15cc4411a0dcef8d6cce1a7c3cfec would you like the pcupd.exe in a zip? Cheers
  22. Hello and apologies if I have posted this in the incorrect place. I recently installed PyInstaller for Python and afterwards did a scan of my PC and the results showed two threats labeled as Trojans. I have attached the scan results (just removed my name from them, no other modifications). I have quarantined them for now but wanted to make sure they weren't false positives. I uploaded the two files onto VirusTotal and here are the results: pyinstaller-4.0-py3-none-any https://www.virustotal.com/gui/file/d08ba7024bf330aafc9c405966368c9755d69f00b0ac3dc9f7203407acb2b9f4/detection run.exe https://www.virustotal.com/gui/file/7ab9f7780fc2c4c634aa9cfd618afc406d2e82cac207ea833050e0a5808f5e2f/detection Are these files something to be worried about/should I keep them in quarantine or can I put them back? Thanks in advance! results.txt
  23. hello everyone, i want to keep this short so i have the same problem as this guy AdwCleaner[S01].txtAddition.txtFRST.txtSCAN.txt i downloaded IDM (internet download manager) from a shady website...etc...etc, so just like kevinf80 asked in this topic, i will attach the txt files here, thanks in advance!
  24. Attached is the Trojans And Malware that keep coming back, even after scans with windows protector and Malwarebytes and from putting these guys in quarantine/removing. I'd like to rid of these completely, they've been pestering me for almost a month now...
  25. I'm not sure if this is a false positive or what, but I'm having an alert when logging in to alibabacloud.com website. Attached is the details of the report and here is the image. Short history: 1. I'm a cloud developer, and I saw a suggested advertisement on Facebook about AlibabaCloud, offering free trainings and certifications. I'm sure it's legit because it has the verified icon in the name. Is it possible to get phishing / scam advertisement on Facebook? 2. I completed the registration but didn't continue because of the trojan alert. I'm also getting an email from alibaba-cloud.com. Upon checking their forum, emails should state the name of the receiver, but this email is using the generic "Hello all" as introduction. I also attached the email. aliyun.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.