Yesterday I downloaded some program that removed all my items in Steam (I think you know what it is). So before the launch Avast tried to check it and didn't find anything.
Add this file pls to database =)
http://talk-one.net/ this is website. You can download the file there. Here is scan from virustotal.
Thanks.
http://www.avgthreatlabs.com/virus-and-malware-information/info/luhe-sirefef/
That is slightly worrying.
If it is Sirefef, go to a different computer and change all your passwords (Social Media, Email, Banking etc).
Follow this guide (https://forum.avast.com/index.php?topic=53253.0) and attach MBAM (Enable the Rootkit Scan!!), attach Farbar and aswMBR.
Actually, it’s interesting.
https://www.virustotal.com/en/file/a1b5fc724cfc128a325d6dcc0861ae4518cc92310726f3b26191fe5dcbfbaef4/analysis/ ==> Latest of yours (The file name is different, SHA256 is the same, and that is what matters more)
The one I got from the site ==> https://www.virustotal.com/en/file/4be0aac1eeb8495cc2c9e2100a5bb77aed96db21285800acbfa9b5aa019c2a05/analysis/1419261837/
Please disable that link as well.
Ye, I just tried to redownload and it seems like they fixed the link or the file. But anyway you have the file info on VirusTotal, so I hope you can do something with it.
Do you still have the original file? If so, upload it to www.wikisend.com and post a D/L link here.
Also, more importantly: did you run the original file? If so, my guess is it infected you. If you did run the file, please see my first reply for a guide to become disinfected.
Also, note: I do not work for Avast!. However, when one or more AVs detect the file, VT automatically sends a report, which includes the file, to all undetecting AVs.
No, I don't have it anymore. I instantly deleted the file after the action. And I tried to redownload it from my download history from tomorrow and it's not there anymore. So I think it's not possible to find it; only if we find a way to get it from VT, then yeah.
Yes, I ran it, and this file makes a trade to his account via the browser. You can also see what he is doing on VT:
HTTP requests

URL: http://steamcommunity.com/
TYPE: GET
USER AGENT: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; Valve Steam Client/1416350232; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.86 Safari/537.36

URL: http://steamcommunity.com/profiles/
TYPE: GET
USER AGENT: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; Valve Steam Client/1416350232; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.86 Safari/537.36

URL: http://www.digicert.com/CACerts/DigiCertHighAssuranceEVRootCA.crt
TYPE: GET
USER AGENT: Microsoft-CryptoAPI/5.131.2600.5512

URL: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt
TYPE: GET
USER AGENT: Microsoft-CryptoAPI/5.131.2600.5512

URL: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
TYPE: GET
USER AGENT: Microsoft-CryptoAPI/5.131.2600.5512

URL: http://steamcommunity.com/tradeoffer/new/?partner=197992778&token=jCWsWNz6
TYPE: GET
USER AGENT: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; Valve Steam Client/1416350232; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.86 Safari/537.36
I also added a report from the Malwarebytes' Anti-Malware program.
FRST is the main log needed.
Trojan.AimBot, C:\Users\ForTya\AppData\Roaming\Skype\My Skype Received Files\SAMP-Aimbot.rar, Quarantined, <== What is that? GTA Hack?
Ye, that was a GTA hack, but I just have a lot of GTA hacks because I'm learning them and tried to catch cheaters. It's not relevant at this point.
Cheat Clients = Bad Idea. Can you post us an FRST log? It contains no Personal Information.