Jump to content

Trojan Downloader for WinRAR - False / Positive Maybe?


Go to solution Solved by AdvancedSetup,

Recommended Posts

Hi all, first time posting

Logged on today & malwarebytes instantly popped up informing me that I had a potential threat- an item within winrar labelled as a trojan.downloader and named default.sfx. Got disposed of quickly and as it had an update, updated Malwarebytes. I've instantly ran a scan from both Malwarebytes Premium and Avast Premium and (although not finished) Malwarebytes has detected a PUP.Optional.Slimware located in C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2010.22653.0_x64__8wekyb3d8bbwe named Win32Bridge.Server.exe. I used TotalVirus online to check it and there's 0/72 for both the exe and the root folder. I didn't get a chance to scan the other one using TotalVirus as I saw the word Trojan, panicked and deleted it when it got quarantined. Is it possible they're both false positives or have I actually been infected? What do I need to do next, fresh install..or? 

 

Many thanks for taking the time to read this, 

ishemhazai

Link to post
Share on other sites
1 minute ago, ishemhazai said:

Hey mate, I just made a post about this exact problem. Not sure what I've done to trigger it but I got the exact same warning. Beginning to think it's a false positive, not sure why they pop up from time to time with seemingly no provocation though. Why now? Why not a few days ago? :P

 

this popped up for me after i  used winrar to unrar a log file from my own server so not sure how it is a trojan.

I did find that this has been an issue for winrar at least since 2013 when i found this post

https://support.pandasecurity.com/forum/viewtopic.php?t=5977

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.