Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I downloaded a exploit for a game called roblox And its a trojan I need help!


  • Please log in to reply
37 replies to this topic

#1 hotoy16

hotoy16

  • Members
  • 31 posts
  • OFFLINE
  •  

Posted 06 August 2017 - 06:36 PM

I need help removing it it started today I downloaded it everything was working fine roblox was working after I runned the exe file of the trojan it started blocking my game from opening so I uninstalled my roblox game and tried too remove the file by deleting it but it didnt work my game wont install and the trojan is there ;-;

VirusTotal:      https://www.virustotal.com/en/file/67605cb81226cd6d95fb3ce683472d7ff37373e6274f827dce73b9b20bc2f731/analysis/1502054647/

 

Please help me :C



BC AdBot (Login to Remove)

 


#2 CyberSec_ET

CyberSec_ET

  • Members
  • 151 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Forestville California
  • Local time:09:58 PM

Posted 06 August 2017 - 11:59 PM

I need help removing it it started today I downloaded it everything was working fine roblox was working after I runned the exe file of the trojan it started blocking my game from opening so I uninstalled my roblox game and tried too remove the file by deleting it but it didnt work my game wont install and the trojan is there ;-;

VirusTotal:      https://www.virustotal.com/en/file/67605cb81226cd6d95fb3ce683472d7ff37373e6274f827dce73b9b20bc2f731/analysis/1502054647/

 

Please help me :C

 

Why on earth did you download an  explloit for Roblox? Are you trying to get better results in gaming. 

Downloading an exploit to a game you don't own is illegal.....



#3 JoshRoss

JoshRoss

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States
  • Local time:09:58 PM

Posted 07 August 2017 - 05:36 AM

Well obviously it is illegal :D Otherwise, the amount of malware would be significantly lesser :D In any case, you can try the following solution and see if it helps you sort out the issue.

 
1. Check your Programs and features and see if there are any new recently installed programs that you don’t recognize. If there are, remove them.
2. Check your task manager for any suspicious processes, if found, identify folders and try to remove them manually. Or just "Win key + R" and type %appdata%. Afterward, delete potentially malicious folders.
3. Do a full scan with anti-virus software of your choice or use Windows Defender to clean up initial infections.
4. Scan your PC with Hitman Pro, Malwarebytes, and AdwCleaner. Multiple anti-malware solutions will confirm that the threat was removed.
5. Restart your PC in normal mode and do an additional scan to confirm that the malware is gone.
 
After that, your malware should be gone! Let me know how it goes! If it persists, we can try some more steps.


#4 hotoy16

hotoy16
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  

Posted 07 August 2017 - 06:46 AM

Ok I will try this. :)



#5 hotoy16

hotoy16
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  

Posted 07 August 2017 - 07:11 AM

Faulting application name: RobloxPlayerBeta.exe, version: 0.301.0.9144, time stamp: 0x597ab601
Faulting module name: RobloxPlayerBeta.exe, version: 0.301.0.9144, time stamp: 0x597ab601
Exception code: 0xc0000409
Fault offset: 0x00a0da99
Faulting process ID: 0x17a0
Faulting application start time: 0x01d30f75fc4ea6ae
Faulting application path: C:\Users\Silent\AppData\Local\Roblox\Versions\version-f38dd414d56d45f1\RobloxPlayerBeta.exe
Faulting module path: C:\Users\Silent\AppData\Local\Roblox\Versions\version-f38dd414d56d45f1\RobloxPlayerBeta.exe
Report ID: 9b5bfb36-6003-4ec1-ae17-e0711b26e6c0
Faulting package full name: 
Faulting package-relative application ID: 


#6 hotoy16

hotoy16
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  

Posted 07 August 2017 - 07:12 AM

I got this in the event viewer it came up as a error for roblox application and When I run the game it just closes when trying too launch the game the launcher closes

 

 

UPDATE 1: I uninstalled avira free antivirus downloaded  Avast Premiere

 

UPDATE 2: I checked task manager nothing suspicious

 

UPDATE 3 : Im now scanning the pc with malwarebytes



#7 JoshRoss

JoshRoss

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States
  • Local time:09:58 PM

Posted 07 August 2017 - 07:22 AM

Please stop launching the game over and over again, you are just generating more malware spread points, it is best to uninstall the game. If the issues persist, try repeating the same steps in Windows "Safe Mode" with networking.



#8 hotoy16

hotoy16
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  

Posted 08 August 2017 - 09:16 AM

Ok Bro I downloaded HitManPro I scanned it once It got like 426 threats it try too remove it but my pc went on a blue screen where hitman pro only had A Square - AND x I couldnt access my desktop or anything or open anything i press window key nothing happen im guessing a malware reacted and did this but after that i restarted and It Scanned again and there was only 4 malware and lots of tracking thing so it deleted all of them So Im guessing im done with hitmanpro so Im going too download and scan with malwarebytes now :)



#9 hotoy16

hotoy16
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  

Posted 08 August 2017 - 09:26 AM

ibb.co/fXAhuv

 

I tried too install the malwarebytes Application but I got this error Nearly at the end of the installation I pressed Ignore so it would continue but it installed i want too know if its something important ^.^

 

Picture shows error click on link.



#10 hotoy16

hotoy16
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  

Posted 08 August 2017 - 09:34 AM

Unable too start Cant connect too service. Malwarebytes error



#11 hotoy16

hotoy16
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  

Posted 08 August 2017 - 01:20 PM

I downloaded adw cleaner runner it scanned found 3 track thingy threats it removed it then it said you need too reboot too remove these malware I rebooted now internet has a X no Internet's avalible by internet I mean WiFi then when I login it just reloads my PC so I can't access my PC now can only turn on PC go to login screen login then it reloads my PC and it runs then goes toologin page again loop running windows 10 Intel 3 or 4 idk rest 64 bit HELP I am sending this from my android tablet vodaphone

#12 hotoy16

hotoy16
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  

Posted 08 August 2017 - 01:37 PM

New update Ijustgot into safemode with networking and I still have no WiFi but I MANAGED TOO LOG IN YES So I just logged in so it was a virus that's blocking me from loggin g in I need help now what should I do i n safe mode too fix my PC ?

#13 hotoy16

hotoy16
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  

Posted 08 August 2017 - 01:55 PM

I ran adw cleaner in safemode it scanned and to of free remained saw it then set said to reboot the laptop to remove malware so I did

#14 hotoy16

hotoy16
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  

Posted 08 August 2017 - 01:59 PM

this time after reboot it rebooted to the normal laptop I love so now I need too run malware bytes and scan I'm doing that now

#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,082 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:58 AM

Posted 08 August 2017 - 01:59 PM

If yon can use normal mode do so, if not use safe with networking

SKIP Tdsskiller

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP conf[iguration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the E5rfZI9.png button to see which antivirus is currently enabled:
c4VVzVO.png
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan archives
Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
yKulboi.jpg
  • Push the dtoGjAL.png button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
8L8IBHJ.png
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
imxEgHt.png
  • Push thecRhRYZ8.png button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the 9IjfdXq.png button.
  • Check the box beside RHzfZB1.png to uninstall the application when closed.
  • Push Vc3btaC.png and the close the application clicking the X in upper right corner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users