Antivirus detected a trojan on all browsers when entering 1 website JS:Trojan.Cryxos
Hey, so I'm running a bot that opens multiple chrome threads on a 1 specific website for a year + each thread with a different proxy.
a few days ago I switched proxy providers for the bot and now I see every time that the website gets opened whether it's by me manually on firefox/chrome/brave or by the bot, bitdefender detects an infected file with a trojan at the cache/temp folders
The torjan is JS:Trojan.Cryxos
when I open chrome and enter the website manually it detects it at this path:
C:\Users\user1\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Cache\Cache_Data\f_00026
when the bot enters the website it detects the virus at this path:
C:\Users\user1\AppData\Local\Temp\scoped_dir10244_1140512788\Default\Cache\Cache_Data\f_000004
To be clear: The website I enter is COMPLETELY SAFE in fact i have been using it for a year+ and I can enter it via any other PC or mobile phone without any anti-virus notifications
Bitdefender detects it as a virus on my PC only!
I tried deleting the cache and history and uninstalling chrome and brave which DID NOT WORK
Please help me understand what is going on!
Comments
-
Hello.
Do the following steps:
1) Restart PC in safe mode (https://support.microsoft.com/en-us/windows/start-your-pc-in-safe-mode-in-windows-92c27cff-db89-8644-1ce4-b3e5e56fe234)
2) Open run command and run below command one by one:
temp ,delete all the files in the folder
%temp% ,delete all the files in folder
prefetch ,delete all the files in folder
3) Restart your PC in general mode by unticking the option that you selected to run the system in safe mode and then click apply.
4) Reset your browsers:
Google Chrome (https://support.google.com/chrome/answer/3296214?hl=en)
Mozilla Firefox (https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings)
Microsoft Edge (https://malwaretips.com/blogs/reset-microsoft-edge/)
Opera (https://browsersolution.com/reset-opera-browser)
Vivaldi (https://help.vivaldi.com/desktop/install-update/full-reset-of-vivaldi/)
Brave (https://support.brave.com/hc/en-us/articles/360017903152-How-do-I-reset-Brave-settings-to-default-)
(thanks to @mrmirakhur for the steps provided above)
Next, take screenshot(s) of the issue,
create a log file on your Windows device using Bitdefender Support Tool, by following these steps:
https://www.bitdefender.com/consumer/support/answer/1733/
and
create a log file on your Windows device using BDsysLog, by following these steps:
https://www.bitdefender.com/consumer/support/answer/1922/
Next, contact Bitdefender Consumer Support by e-mail:
https://www.bitdefender.com/consumer/support/help/
with short description of the issue.
After that, you will get an automated reply by the Bitdefender Customer Care Team, with your ticket number.
Now, in reply to that automated reply, you can send the screenshot(s) you already took and the log files you already created in the first step.
Since you are all done, just wait for the support engineers to investigate your issue and find a solution to fix the issue.
Remember that the screenshot(s) and the log files will help a lot to the support engineers for better and faster investigation on your issue and finding a solution.
You could also perform a scan with these FREE malware removal tools:
Kaspersky Virus Removal Tool 2020
https://www.kaspersky.com/downloads/free-virus-removal-tool
ESET Online Scanner
https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe
F-Secure Online Scanner
https://download.sp.f-secure.com/tools/F-SecureOnlineScanner.exe
Malwarebytes AdwCleaner
https://adwcleaner.malwarebytes.com/adwcleaner?channel=release
Regards.
1 -
I also got Application wscript.exe has been detected as potentially malicious and was blocked. Application path: C:\Windows\System32\wscript.exe Command line parameters: "C:\Windows\System32\WScript.exe" "C:\Users\parko\AppData\Local\Temp\Rar$DIa27340.33953\background.js"
0 -
0
