I am also getting TrojanDownloader:MSIL/Heracles.ARA!MTB
this virus and is not getting removed did you found any solution?
Trojan:MSIL/Heracles.MBAR!MTB cant remove
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
So i found this virus Trojan:MSIL/Heracles.MBAR!MTB, and each time I restart I cannot remove it, and It seems each time i restart it also reintalls itself somehow, and the affected items is my windows powershell.amsi: \Device\HarddiskVolume3\Windows$sxr-powershell.exe.
So how do i get rid of this virus? it also messes with my windows defender and sometime even disables it.
Windows for home | Windows 11 | Security and privacy
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
7 answers
Sort by: Most helpful
-
Anonymous
2024-02-04T10:58:46+00:00 -
_AW_ 67,926 Reputation points Volunteer Moderator2023-03-20T04:28:48+00:00 Hi sunny, please scan with Farbar Recovery Scan Tool (FRST), and I'll help you remove it.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
Run FRST as administrator, use default settings and press Scan. Two logs are created in the folder that FRST is run from, FRST.txt and Addition.txt. Zip the logs and share on OneDrive, Google Drive or any file sharing service, then post the share link.
* Note: If you are downloading FRST with Edge, smartscreen will initially block it.
Click on the 3 dots next to the warning and select Keep -> Show more -> Keep anyway.
-
Anonymous
2023-03-20T04:20:26+00:00 Also, when i ran the safety scanner it marked 4 files as virus, but in the end, it said my computer was safe, I'm pretty sure the virus named heracles modified the ending, as it does this is the other scans aswell. How do I fix this?
-
Anonymous
2023-03-19T23:41:26+00:00 Hello Paul,
Ive tried both and each time I start my computer it still sends a report saying heracles still is on my computer and even though I quarantine it each time, when I restart my computer it is always there. Do you have any other viable solutions that target the heracles virus directly?
-
Anonymous
2023-03-19T22:36:19+00:00 Hi sunny,
I'm Paul and I'm here to help you with your concern.
I will recommend that you try to use Microsft Safety Scanner or Malwarebytes to remove the malware.
You can download them from the link below.
-https://www.malwarebytes.com/mwb-download/thankyou
-https://go.microsoft.com/fwlink/?LinkId=212732
I hope this helps. Feel free to ask back any questions and keep me posted.