Jump to content

Search the Community

Showing results for tags 'trojan'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 135 results

  1. Hello Everyone. I'm hacked with multiple hacking ways. A Malware infected to my Laptop with both svchost.exe and explorer.exe infection. I have deleted this for tenth times but its still downloading or creating itself. It was a hack tool for Point Blank (Its a online fps game). I downloaded it from www.sepok-cit.com . This site has too many good reviews and i believed them. Already I Tried a few ways to delte this sh*t from my computer but none of them worked. I TRIED: 1) Deleting its files (hidden files named as spoolsvc.exe , svchost.exe and explorer.exe) 2) Deleting it via regedit (from HKEY_LOCAL_MACHINE's windows and windows NT folders) 3) Killing it with RogueKiller 4) Deleting this with MalwareBytes 5) Deleting it with Kaspersky 6) Deleting it with Avast But none of them worked. I Tried also disabling Windows Update from services.msc . Its deleted in each steps i wrote but its reinstalling (or recreating idk what it does) itself everytime i reboot my laptop and SHOWING IN TASK MANAGER WHEN I LAUNCH POINT BLANK (game that i want to hack). POINT BLANK LAUNCHER is TRIGGER of it. Its origin location is Windows/Resources and Windows/Resources/Windows. PLEASE HELP ME. IM LOSING MY MIND!!!
  2. Hello, I ran a scan and Malwarebytes detected 9 threats at the begining. Then I clicked the Quarantine button and it said that 4 of these threats were ignored and the other 5 were quarantined. What sould I do next? Is this a bad virus? Here is the final report: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 1/17/20 Scan Time: 11:02 AM Log File: 17a468f4-3908-11ea-9c72-d017c2b7fe43.json -Software Information- Version: 4.0.4.49 Components Version: 1.0.793 Update Package Version: 1.0.17836 License: Free -System Information- OS: Windows 10 (Build 18362.535) CPU: x64 File System: NTFS User: DESKTOP-J6OJK9Q\\u00ce\u0094\u00ce\u00ae\u00ce\u00bc\u00ce\u00b7\u00cf\u0084\u00cf\u0081\u00ce\u00b1 -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 279296 Threats Detected: 5 Threats Quarantined: 5 Time Elapsed: 6 min, 29 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 3 Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{99BAFBB3-56F5-4DB6-ABE0-F09C6B6967E2}, Quarantined, 3879, 400549, 1.0.17836, , ame, Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OInstall, Quarantined, 3879, 400551, , , , Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{99BAFBB3-56F5-4DB6-ABE0-F09C6B6967E2}, Quarantined, 3879, 400551, , , , Registry Value: 1 Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{99BAFBB3-56F5-4DB6-ABE0-F09C6B6967E2}|PATH, Quarantined, 3879, 400549, 1.0.17836, , ame, Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Trojan.Agent.CK, C:\WINDOWS\SYSTEM32\TASKS\OINSTALL, Quarantined, 3879, 400551, 1.0.17836, , ame, Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  3. Ok, so I feel like I'm going insane. Like every third click on Chrome either gives me a Pop-up ( Usually something pornographic) or an add. When googling something, I receive a dozen of ads and sites which appear above what Im searching for. This is what I've tried to do thus far: *Run Adwcleaner *Run Malwarebytes ( And malwarebytes pro) *Run Spybot, and two others I dont remember the name of atm. *Boot in safe mode and repeat all of the above. *Went into Programs and Features to see if there were any programs I don't remember installing. *Checking google chrome extensions and afterwards reinstalling it. *I've tried disabling Pop-ups in Google Chrome settings, and got myself an extension called uBlock which is supposed to block pop ups. Feel like I've tried everything at this point. Please help!
  4. MalBytes keeps giving me multiple "inbound" and "outbound" trojan notices usually in "bursts" only minutes apart. Two of the most recent: -------------------------------------------------------------------------------------------------------------------------- Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/3/20 Protection Event Time: 12:24 PM Log File: 514d7710-2e56-11ea-8896-000272c7c0d0.json -Software Information- Version: 4.0.4.49 Components Version: 1.0.785 Update Package Version: 1.0.17183 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: IP Address: 176.113.161.71 Port: 49161 Type: Outbound File: C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (end) -------------------------------------------------------------------------------- Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/3/20 Protection Event Time: 12:20 PM Log File: c88c3dd1-2e55-11ea-8ea3-000272c7c0d0.json -Software Information- Version: 4.0.4.49 Components Version: 1.0.785 Update Package Version: 1.0.17183 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: IP Address: 176.113.161.91 Port: 49161 Type: Inbound File: C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (end) ----------------------------------------------------------------------- I have quite a lot more if needed.
  5. Hello. This file is getting reported by MalwareBytes as a virus, and the results of VirusTotal as well, but, people don't seem to mind it on forums, is it really a trojan or it's inoffensive? Normally cracks don't do this much suspicious activity. So i'm really on the fence if i'm being fooled or people really don't care. (https://www.virustotal.com/gui/file/2843bc660722205fb5aaedf41b73a3243f1c0880b90eba576e7b9ad54c06c437/detection) I can't tell, so, please, if someone could help me i would be grateful for it. OS Is W10 64 bits. BaldrSky.7z
  6. Hey Malwarebytes team/forum. Recently I've been receiving notifications from Malwarebytes saying that it has blocked an inbound connection. Great! that means it's doing it's job. Or at least until yesterday when i took an extra moment to see what exactly it was blocking. Upon inspection of the notifications i saw several from the steam gaming platform, and one from Nvidia container. yesterday i tried looking into this blocked connection that was using Nvidia and tried posting to the forum only to be blocked by the forum's spam filter, oh well. so i took it into my own hands and uninstalled Geforce Experience and manually removed the folder containing the Nvidia container inside the Nvidia corporation folder just to be safe since i don't use the features provided by Geforce Experience aside from the FPS overlay, then called it a day. That is until just now when i got another block this time in regards to another inbound connection this time using the program Spotify. now i'm familiar with both steam, nvidia, and spotify as one is my game client, one is my graphics card, and another is my music program. What concerns me is that the inbound connections are not associated with any site or host-name, only IP address. so i googled the IP address and a few results came back with china (minus one from a data center in Canada). each notification lists the program behind these inbound connections and the files location, all back to the actual programs .exe's. Bummer i was hoping for an easy uninstall of some fake programs. so after some digging i found that this time (the block using Spotify) the file location was located inside "WindowsApp" folder (which is permission blocked by "trustedInstaller" a default outdated windows process[from my understanding]). This concerns me even more and i really don't want to try gaining access only to accidentally break something. So now convinced that i in fact do have a Trojan and it is attempting to receive network communication via legitimate applications i have come to this forum in search of more professional help. Once the malwarebytes scan is finished i will attach the result of the malwarebytes scan, the Adware cleaner scan, the Frst.txt / Addition.txt, and the Notifications (in .txt) from malwarebytes. Then i wil submit this post and hope that the weirdness yesterday with the forums spam filter is done. FRST.txt Addition.txt AdwCleaner[S24].txt scan export.txt notifcation.txt notifcation(1).txt notifcation(2).txt notifcation(3).txt notifcation(4).txt notifcation(5).txt notifcation(6).txt
  7. Hi, my laptop ran into a problem earlier today where it turned off by itself and was not turning back on for a couple of minutes. When I finally turned it back on I clicked the start menu and pressed the power button and it displayed that "there are no power options available". I also noticed that I could not access task manager and a error would pop up saying "task manager has been disabled by your administrator". I watched some youtube videos and fixed the power options problem but I had to download malwarebytes to fix the task manager problem. I ran a scan and it quarantined PUM.Optional.DisableTaskMgr. Now my problem is that when I visit most sites I keep getting a notification that a website was blocked due to trojan. The event is RTP Detection, event details is Trojan, action is blocked website, and location is 5.2.79.140 (See attached images). This occurred over 15 times in the past hour and I do not know how to solve it. I wrote the first paragraph because I am not sure if it had any relation or impact to the problem I am having now.
  8. I just built my new PC a few days ago and i went out of my way to buy all new components except my GPU which is second-hand. I scanned my system with malwarebytes and got a lot of adware and two Trojan bitcoin miners that are located in my registry. My problem is that after every scan i get the same malware so it seems that quarantine doesn't help. I tried locating them manually with RegEdit but i cant find anything. I watched a lot of videos on my issue and all of them suggest using Task manager and MSconfig (for startups) but there is nothing out of the ordinary. If anybody can help i i would be really grateful. Thanks in advance! -Strahinja I have provided pictures of my search history.
  9. Hi. My Microsoft Security Essentials Scan found Occamy.B this morning! I used Security Essentials' delete function to remove it but I'm worried the virus is still kicking around my drive. I did some malwarebytes scans after that but they didn't catch anything. I noticed a few posts here where the experts suggested using Farbar Recovery Scan Tool to create a log. So that's what I did. Here's that along with the Addition.txt file from the scan. Any assistance would be greatly appreciated! FRST.txt Addition.txt
  10. Windows 10 user on a Dell laptop I'm not sure what infections I'm into. I certainly have a trojan by the name Win32: Apanas (I also saw the name rootkit in a few infections) that has affected multiple files mostly of.exe throughout my system. The alerts of infections are never ending. I'm using Avast Antivirus. I downloaded and ran a scan of Malwarebytes which gave me a report that I'm attaching below. Can anyone please help me through this? log.txt
  11. Hi, Good day to all. Four days ago, my pc windows defender/windows security was detected Trojan:PowerShell/PsInjection.A as severe threat, example as below: I have scanned through Malwarebytes, but no virus detected. Report as follows: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 10/10/19 Scan Time: 12:52 PM Log File: d37b26f4-eb19-11e9-a05d-98eecb7ba763.json -Software Information- Version: 3.8.3.2965 Components Version: 1.0.627 Update Package Version: 1.0.12833 License: Free -System Information- OS: Windows 10 (Build 18362.418) CPU: x64 File System: NTFS User: DESKTOP-7ICM204\User -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 404571 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 2 min, 53 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As I have read from the forum, I have downloaded FRST64 and scanned, the FRST.txt and Addition.txt are attached as follows: Addition.txtFRST.txt Hope that anyone can help on this matter. Thanks in advance! Best Regards, SHT
  12. Aww man, i got a trojan. Trojan:Win32/Azden.A!cl Windows defender says it is severe, and it says it may not be fully removed, even though ive deleted the file. I've tried a malwarebytes scan, but it says im all protected. I want to be 100% sure i dont have it. its in C:/Users/(my name)/downloads and then after that, the infected files are there, windows defender says, even though ive already deleted it and it doesn't appear.
  13. Help Please i cant get rid of this Trojan:Win32/CoinMiner I have tried Malwarebytes installed it tried to run it and as Admin as well but it kept saying not able to connect to server I tried the work around by renaming and all the other ones still it will not work any help would be great to get rid of this Trojan:Win32/CoinMiner Kind Regards Primaxuk
  14. Hi, The attached image is the popup I get whenever I open a new tab on chrome. The IP and port change every time, but the domain stays the same. Occasionally it also pops up whenever I click something or just randomly. It has labeled chrome.exe as the file of interest. Running a threat scan reveals PUPs that are in C:\Users\....\AppData\Local\Google\Chrome\User Data\Default and other paths within chrome. When I quarantine them, it shuts off chrome. How do I get rid of this?
  15. Seems like I have the same issue as topic - 231920-trojanwin32fuerybcl Malware bytes does not detect the virus\trojan, and every time I delete it from registry, startup menu and romaing directory it keeps coming back. It creates files in romaing directory - different names, different dlls, the different exe files are always signed microsoft files. I want to try the solution you suggested in the topic above - but from where can I get the relevant fix list? Thanks, AyaFRST.txtAddition.txt
  16. Please, tell me how to get the Malwarebytes log because i don't know, i get into the folder in program data and i don't see any log file showing what my actual problem is. Malwarebytes keeps spamming this everytime i have deluge on: An IP is being classified as a trojan and i don't know what is causing this because in Deluge i have no active torrents nor any activity of downloading. So what is the problem?
  17. Hi Chris and Maurice! As you may have noticed I am in fact not the original post-er (Chris), but I have a similar if not exact same problem I've got Malwarebytes blocking saltjs.01bd.ru and it seems to have attached itself to Chrome and a gaming program I use called "Parsec" It also appears that I've got something called Mail.ru, I'm not sure if this thing is related but I have tried multiple times to remove it with Malwarebytes As you may have sees, and as I have mentioned before, I believe this is a very similar problem to Chris's, therefor I followed the steps you (Maurice) have posted, so here is the attached log file. -Dezza mbst-grab-results.zip
  18. I used MalwareBytes to remove the viruses that windows defender couldn't for some reason but the website blocked is still popping up.
  19. I have a virus and I cant seem to find it. Help Please!
  20. I'm having the same issue. I've attached my log files.mbst-grab-results.zip
  21. Been given a laptop by my panicking friend after he downloaded an avi but discovered, after running it, that it was a shortcut... He has since deleted the file from his drive. MBAM Premium detects nothing. He says active protection layers were on at all times. Has he been infected? Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 04/07/2019 Scan Time: 19:34 Log File: 4a4f6cf4-9e8a-11e9-9319-8c1645a9006c.json -Software Information- Version: 3.8.3.2965 Components Version: 1.0.613 Update Package Version: 1.0.11408 Licence: Premium -System Information- OS: Windows 10 (Build 17134.829) CPU: x64 File System: NTFS User: DESKTOP-IHDBS8F\Martin Bennett -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 292849 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 3 min, 0 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) Addition.txt FRST.txt
  22. Keep getting blocked website Trojan ip address 5.39.221.54 and worm ip address 185.244.25.194 , with multiple port ranges
  23. Hello, I have scanned my laptop with Malwarebytes, recently. It ended up showing several PUPs and this Trojan.LNKHijacker.ClnShrt as well. It moved them into quarantine, deleted them and restarted my laptop. It's ok until I'm still without internet connection. When I turn my internet connection on and start scanning, it finds it again with these PUPs. It shows that they are somehow connected with chrome browser, even though i have already deleted the chrome browser. Can you help me, please? Can you provie me with some advice, which can solve this problem? Thanks, Sicko
  24. First message at 5:48 pm yesterday, then every hour starting at 5:53 pm I have been getting hourly popups from malware bytes that trojan has been blocked. It doesn't matter if I have a web browser open or not. I am not noticing any system slow downs, redirects, or unusual popups Below is the export of the first warning, they all reference site svc.stonewash.co Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 6/13/19 Protection Event Time: 5:48 AM Log File: d1f50c41-8dc8-11e9-b206-902b34d3d290.json -Software Information- Version: 3.7.1.2839 Components Version: 1.0.586 Update Package Version: 1.0.11032 License: Premium -System Information- OS: Windows 10 (Build 17134.829) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: svc.stonewash.co IP Address: 195.22.26.248 Port: [49704] Type: Outbound File: (end)
  25. My headsets stopped working when i removed a malware from my PC. I clicked on restart via malwarebytes for the removal process to be finished and then my PC frose on the blue screen where it says restarting and then i turned the PC off and turned it on again. But once i did my PC had remove my headsets software drive and also out of nowhere my device driver was not working properly and the troubleshooter didn't detect anything. I need help pls someone help me and also this happend to my gaming headset directly after the restart and also now i have no malware left or any threat or virus but i watched YouTube and try to see solutions and not any solution worked. So pls I need someone in Support & Help to help me because no YouTube videos could help me and also pls contact me as fast as possible or comment if you know a solution. (i have checked for update drivers for my specific headsets if didn't even have any)
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.