Hey, a trojan file appeared which can't be found again with scans and does change the executable

CET / GMT +1
5/12/2023 @ 16:07
5/12/2023 @ 16:35

@16:07 it was svchost.exe

Category: Trojan
Domain: fp2e7a.wpc.phicdn.net
IP Address: 192.229.221.95
Port: 80
Type: Outbound
File: C:\Windows\System32\svchost.exe

@16:35 it was excel.exe
Category: Trojan
Domain: fp2e7a.wpc.phicdn.net
IP Address: 192.229.221.95
Port: 80
Type: Outbound
File: C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
 
Scanning again with MB doesn't result in anything.

But not finding anything, and the trojan changing the executable, seems really strange.

How should I proceed?

Right now I'm backing up my OneDrive, I'd love to keep this machine running as it is my daily driver for webdev.


Thanks in advance for any help guys!

cheers,
Charles

malwarebytes-1607.txt malwarebytes-1635.txt mbst-grab-results.zip


Please see this thread

Do a Check for Update using the Malwarebytes Settings >> General tab.

See this Support Guide https://support.malwarebytes.com/hc/en-us/articles/360042187934-Check-for-updates-in-Malwarebytes-for-Windows

When it shows a new version available, Accept it and let it proceed forward.  Be sure it succeeds.

If prompted to do a Restart, just please follow all directions.


  • Staff
Just now, NaomiY said:

Hi in this locked thread;

 

The staff member says it was not a false positive but based off a real detection that got cleaned up? For those of us that did get this message (and still have pings going to this server), are there any actions we should be taking right now?

Nothing more need be done on your end.


  • TeMerc locked this topic