Ask a new question

Trojan virus keeps on detected

First it was this prompt popping up ("C:Windows\System32\Startupcheck.vbs" failed because of virus or potentially unwanted software.)when i turn on the PC

then I read some threads, it says to download malwarebytes, then I run a scan with it, found some viruses, and I cleaned it, the "C:Windows\System32\Startupcheck.vbs" is gone, but now a Trojan warning report keeps on popping up from malwarebytes that says "website blocked due to Trojan"

here are the details of the warning report:

Domain : api.backend-app.com

IP address : 5.252.161.59

Port : 8880

Type : Outbound

File : C:\Windows\System32\wscript.exe

I tried to delete the wscript.exe file but it said it I cant delete it because it is from "TrustedInstaller"

|

Please run the Farbar Scanner and share your logs.

 

  • Download Farbar Recovery Scan Tool (FRST64.exe)

  • Rename FRST64.exe to EnglishFRST64.exe.

  • Run the program. Don't check or uncheck any options. Click "Scan".

  • Upload the two logs, FRST.txt and Addition.txt, to your OneDrive and share the link here.

 

(How-To: Share OneDrive files and folders - Microsoft Support)

 

Note: If Microsoft Edge or Chrome mislabels the Farbar Scanner executable as PUA/malware, choose to keep it by tapping  in the bottom bar, choosing Keep, and then choosing Keep anyway in the dialog that appears.

______________________________________________________________________________________________________
Ramesh, Windows Shell MVP 2003-2012.
If this post resolves your issue, pls mark it as an Answer.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

what in the scam is this

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Moderator note,
I appreciate you reporting the post you felt was suspicious, however the Farbar Recovery Scan Tool is safe and could be useful in this situation

Give back to the community. Help the next person who has this issue
by indicating if this reply solved your problem. Click Yes or No below.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

 
 

Question Info

Last updated May 11, 2024 Views 62 Applies to: