TigerKing
Wise Old Owl
Most of the "steps" in this script tool I can do or maybe done by me in past.
Is it safe to run?
I like to try this on laptop.
Last edited:
Antivirus Guide & User Reviews.
Is it safe to run?
I like to try this on laptop.
TigerKing
Wise Old Owl
Okay
quicky008
Technomancer
This is what baffles me-the files are clearly malicious,otherwise they wouldn't have reappeared at their original locations upon reboot (despite having been deleted previously).And during startup i can see multiple instances of update.exe running in the background for no apparent reason-they disappear after sometime.I dont think any legit app would behave this way.
I wonder why none of the popular antivirus programs can detect them as malware.Even in virustotal,only one obscure av product called ikarus or something detects the update.exe as a malicious file out of several others listed there,which include some popular a/vs like kaspersky,eset and bitdefender.This is a major disappointment to say the least!!
Zangetsu
I am the master of my Fate.
Can you post the taskmanager screenshot running these malicious exe ? It could be the exe is being invoked by some other infected program/app.
SaiyanGoku
kamehameha!!
Post screenshot of details tab, go to the location of that exe and also check for its services.
Zangetsu
I am the master of my Fate.
Do you have a VM ? If yes then copy paste the exe you shared in gdrive and run it there. See if it spawns multiple exe in task manager.
I think something else is spawning the exe from a different location or the AV doesn't have the malware signature of it (may be a new one)
I think something else is spawning the exe from a different location or the AV doesn't have the malware signature of it (may be a new one)
TigerKing
Wise Old Owl
Try msconfig.msc find any running service other than microsoft. And disable it, related to that game.
And try removing those files.
Try uninstaller tools too. Specifically revo uninstaller. Uninstaller can serch for leftovers too. Try that feature.
Don't boot into safe mode yet, it may infect safe mode.
Try this too
And try removing those files.
Try uninstaller tools too. Specifically revo uninstaller. Uninstaller can serch for leftovers too. Try that feature.
Don't boot into safe mode yet, it may infect safe mode.
Try this too
*www.tenforums.com/tutorials/86975-program-install-uninstall-troubleshooter-windows.html
*support.microsoft.com/en-us/topic/...-removed-cca7d1b6-65a9-3d98-426b-e9f927e1eb4d
Last edited:
SaiyanGoku
kamehameha!!
*file-intelligence.comodo.com/windo... is known as,EXE to spread malware infection.
Use MalwareBytes to do a scan.
Zangetsu
I am the master of my Fate.
The malware infection might have been removed from the system. And it could be just a zombie process lurking there.
Perhaps the reason for not getting detected by Kaspersky/Bitdefender
quicky008
Technomancer
yeah the processes only appear at startup for 1-2 mins,and after that they disappear-probably they self-terminate as they dont actually have anything to do.
However the only strange thing is that they reappear at the same locations on my pc even after being deleted,which means that some entity is restoring those exe files back to their source folders which they originally infected and that does cause some concern.
However the only strange thing is that they reappear at the same locations on my pc even after being deleted,which means that some entity is restoring those exe files back to their source folders which they originally infected and that does cause some concern.
RumbaMon19
Feel Pain.
Imo you should now take your backup as soon as possible, before this starts encrypting your files and demands ransom or turn your PC into a botnet making it unusable and in some cases making data recovery difficult.
Last edited: