
mbytesamuser

  1. Forgot to mention: Also scanned with Comodo Antivirus. Windows 8.1 (my computer came with Win8 and then upgraded to Win 8.1 from the app store).
  2. Hello, I suspect I have malware on my computer. Although I have scanned with MSE, Spybot S&D2, HouseCall, Emsisoft antimalware, MBytes AM, MBytes AR, ZoneAlarm, herdProtect, submitted particular files to virustotal.com (and they came up clean) and am running RUBotted, nothing came up. Every scan was performed as deep as possible (full system scans, always updated before starting to scan). The only things that once came up were some trainers for a game and a [PUP.BitCoinMiner and Trojan.BitCoinMiner]. Since I don't use those things (just tried them out), I quarantined them. One thing I noted is that I have a log for a service (in Windows event logs) called "Service1" which starts every time I start up my computer, but that "Service1" is not visible in the services list (neither in taskmgr, nor in services from Control Panel, nor from Comodo KillSwitch, checking the scan for hidden services and hidden processes). I noticed that "System" was listening on port 1234, which is a known port for the SubSeven trojan. I started looking at svchost.exe, ntoskernel.exe, services.exe, and so forth. Every time I ran a full system scan it came up clean. However, when I copied the files (svchost.exe, services.exe, ntoskernel.exe) to MyDocuments and scanned those files, MBAM came up with something. For svchost.exe->Trojan.Agent, and for services.exe->Worm.Autorun. And the thing gets funnier: if I copy the files instead to MyDocuments\scan (for example), the scans come out clean. Uploading the files to virustotal comes up clean as well. I cannot find where this "Service1" originates, nor what it does. Can you help me? Thanks