Jump to content

Search the Community

Showing results for tags 'backdoor'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 4 results

  1. Now this happened about 3 months ago I have long before reset my PC to windows 10 by now but for some mysterious reason my ABV.bg email has been repeatedly getting hacked every time! even tho last time I changed my password to be unique combination of 30 symbols and letters including the secret question and answer. Its still getting mysteriously hacked and at this point its obvious the information is being leaked from my PC so the trojan/keylogger/hijacker or whatever has not been removed even tho I did repeated Malwarebytes scans and I even scanned with Bitdefender in boot environment still no such luck! Yesterday I saw about total of 74 SVHOST.exe processes in my task manager and I don't wanna say all of them are viruses but I doubt windows needs that many processes to run! So something is definitely up here! As for the virus I had in February that hijacked my browser immediately after I found my email hacked I checked my Temp folder and what do i find multitude of unknown files scattered on about I put them all in a 7zip archieve in case I need them to be give them to a professional for analyzing etc! The hacker had even hijacked my wifi (I even found some chinese characters within the wifi app pointing at some access point in some chinese province) I am pretty sure so at this point I am not even sure if its DNS hijack or browser hijack...or whatever hijack the trojan just keeps appearing and this time he seems to be not leaving any files on HDD so I am not sure if its using fake windows processes or services I need to get rid of the malicious files before trying another clean system install... The FRST.zip logs I have provided are from Safe mode scan today in Windows 10 I included some older ones too from previous months! FRST.zip temp folder viruses package.7z FRST 09th-05 Logs.zip FRST 27th-04 Logs.zip
  2. Hey guys, Newbie here. I've run a Custom Scan on my machine because it was getting a bit slow and a Backdoor.Remcos was detected in the LIBCRYPTO-1_1.DLL file in an Intel Install folder (Scan report attached below, sorry, it's in French, I can provide translations if needed) . Have you ever had this file detected as a malware ? Is this a false positive ? Or has my machine really been infected by something ? I've quarantined then rebooted then deleted the file. I hope I won't suffer any consequences in the long-term.. What do you guys think about this ? Lichew. ------------------------------------------------------------------------------------------- -Détails du journal- Date de l'analyse: 27/03/2020 -Informations du logiciel- Version: 4.0.4.49 Version de composants: 1.0.823 Version de pack de mise à jour: 1.0.21452 Licence: Gratuit -Résumé de l'analyse- Type d'analyse: Analyse personnalisée Analyse lancée par: Manuel Résultat: Terminé Objets analysés: 610725 Menaces détectées: 2 Menaces mises en quarantaine: 2 Temps écoulé: 1 h, 53 min, 3 s -Options d'analyse- Mémoire: Activé Démarrage: Activé Système de fichiers: Activé Archives: Activé Rootkits: Activé Heuristique: Activé PUP: Détection PUM: Détection -Détails de l'analyse- Processus: 0 (Aucun élément malveillant détecté) Module: 0 (Aucun élément malveillant détecté) Clé du registre: 0 (Aucun élément malveillant détecté) Valeur du registre: 0 (Aucun élément malveillant détecté) Données du registre: 0 (Aucun élément malveillant détecté) Flux de données: 0 (Aucun élément malveillant détecté) Dossier: 0 (Aucun élément malveillant détecté) Fichier: 2 Adware.FusionCore, C:\$WINDOWS.~BT\NEWOS\USERS\UTILISATEUR\DOWNLOADS\FILEZILLA_3.47.2.1_WIN64_SPONSORED-SETUP.EXE, En quarantaine, 7449, 801535, 1.0.21452, , ame, Backdoor.Remcos, C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\ICLS\LIBCRYPTO-1_1.DLL, En quarantaine, 2105, 796212, 1.0.21452, , ame, Secteur physique: 0 (Aucun élément malveillant détecté) WMI: 0 (Aucun élément malveillant détecté) (end)
  3. Hi. So I have this problem that i notice when i visit Fancentro.com (NSFW) i get redirected to patriarchia.ru Fancentro.com is the only webpage that I have noticed this redirect. There is no other page that is effected. I have scan my computer with Malwarebytes Premium Trial manytimes with no luck. So I downloaded windows on another computer and made a USB Windows installer. Then i formatted my windows drive and installed a clean copy from the flash drive. When the new windows is installed the problem goes away for a day or so. Then I notice that my computer freeze up or act strange. Then when I go to fancentro.com again the problem is back. So this virus, malware or what it is manage to comeback everytime. On my last reset I did not visit any unknown trusted webpages so could not have gotten it again from the same location. Please help me solve this. Cheers. Addition.txt FRST.txt Malewarebytes.txt
  4. I am using the premium trial of malwarebytes for android. It found this trojan during a full scan and "successfully" removed it. However, this trojan constantly returns, as the real-time protection detects it every now and then. I have been running full scans over and over. Sometimes, it is clean; other times, I see android/backdoor.triada.n. I have located the folders, where the scanner detects the malware, and manually delete the folders; but whenever android/backdoor.triada.n resurfaces, those folder also comes back. Is this really malware? I do not even use the fire hd after a clean scan, but the malware eventually returns in detection.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.