Posts posted by SlimeMine349
-
Got it! So, my question is was Trojan.Multi.BroSubsc an actual Trojan that gave backdoor access?
-
This is my log.
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https ://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-30-2023
# Duration: 00:00:08
# OS: Windows 10 (Build 19045.3086)
# Scanned: 32098
# Detected: 28
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy HKCU\Software\APN PIP
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wlkyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wlkyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
PUP.Optional.Legacy HKLM\Software\Classes\Interface
PUP.Optional.Legacy HKLM\Software\Classes\Interface
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\
PUP.Optional.WinRepairPro HKCU\Software\win
***** [ Chromium (and derivatives) ] *****
PUP.Optional.Legacy Sprucemarks - fakeocdnmmmnokabaiflppclocckihoj
***** [ Chromium URLs ] *****
Adware.SearchDimension Search Dimension
Adware.SearchDimension Search Dimension
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.CyberLinkService Folder C:\Program Files (x86)\CYBERLINK\SHARED FILES\PLUGIN\NEWBLUE
Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\
Preinstalled.DellCustomerConnect Folder C:\Program Files (x86)\DELL CUSTOMER CONNECT
Preinstalled.DellCustomerConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall
Preinstalled.DellFoundationServices Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\
Preinstalled.DellSupportAssistAgent Folder C:\Program Files (x86)\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALIENWARE\SUPPORTASSIST
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\ALIENWARE UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########
-
On 6/27/2023 at 5:15 AM, Berny said:
Please see screenshot below.
→ Click "View Scan Log File"
→ Save the TXT file
→ Attach the TXT file in your next post
I still have the original report from the screenshot that started this thread that's in the ENC1 file extension, but it won't let me submit it here because the file type isn't accepted.
-
On 6/27/2023 at 5:15 AM, Berny said:
Please see screenshot below.
→ Click "View Scan Log File"
→ Save the TXT file
→ Attach the TXT file in your next post
Hi, in my original post that started this thread, the screenshot of my detection also showed that I disinfected and cured the Trojan.Multi.brosubsc.gen detection already. Do you want me to post a screenshot of a scan again but in Malwarebytes Adware cleaner?
-
On 6/25/2023 at 6:26 PM, Xeno2ig said:
I think that detection is Ransomware, but if your files aren't encrypted you're fine.
You're probably clean
If the detection is ransomware, and my files aren't encrypted, does this mean my detection was a false positive?
-
How do I get the TXT log? I don't see an option.
-
I'm using the application that I downloaded from here: https://www.kaspersky.com/downloads/free-virus-removal-tool. There is no path to the Reports from there. Can I give you my Log file?
-
Hi,
I never got any unwanted ads ever so that's what's really confusing me. Beyond unwanted ads, does the malware give backdoor access? That's my biggest concern. Attached below is the photo of my detection screenshot from logs.
-
Hi, thank you for responding. I couldn't find any other forum or discussion that talked about whether or not this detection is a false positive, adware, or an actual trojan. Since Kaspersky is the only one picking this up, I was wondering what it was really.
-
My antivirus software Kaspersky detected a file in the system memory that is called "Trojan.Multi.BroSubsc.gen". Is this a false positive or is this adware or an actual trojan? See the attachment below. Thanks!
Questions on Trojan.Multi.BroSubsc.gen
in Virus and Ransomware related questions
Posted
I cropped out the detection window, is that fine?