jhj071389 Posted September 1, 2018 ID:1266932 Share Posted September 1, 2018 Two days ago my computer started running really slow, so i did a scan with Windows Defender and found nothing. So I ran malwarebytes and it found 2 Trojan.Roraccoon's. Went through the process like normal, select the two malware and click quarantine selected. Malwarebytes says it quarantined them but needs to restart. Restart computer and when i run the threat scan again they are found again. I ran FRST and attached the FRST.txt and affition.txt and also attached the export log of my last scan. Im hoping someone could help me please Thank you James FRST.txt Addition.txt report.txt Link to post Share on other sites More sharing options...
nasdaq Posted September 1, 2018 ID:1266972 Share Posted September 1, 2018 Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Remove this program in bold via the Control Panel > Programs > Programs and Features.CCleaner (HKLM\...\CCleaner) (Version: 5.45 - Piriform) Version 5.45 is compromised. Delete it and get the previous version.https://www.bleepingcomputer.com/news/software/ccleaner-v545-pulled-due-to-anger-over-usage-data-collection/ === Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The tool will create a log (Fixlog.txt) please post it to your reply. === After the restart if the problem persists with chrome execute this. Chrome Secure Preferences detection always comes back https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/ =========== Let me know if the problem persists. fixlist.txt Link to post Share on other sites More sharing options...
jhj071389 Posted September 2, 2018 Author ID:1267057 Share Posted September 2, 2018 Hi Nasdaq, Thank you for taking the time to look into this for me. I uninstalled CCleaner through the control panel like you instructed but I decided not to reinstall it, don't know if that will effect anything but wanted to let you know. I downloaded the fixlist.txt and saved it to the same folder as where the Farbar tool is running. When I opened FRST a pop up opended that said Failed to update (4). I clicked ok and then clicked fix and waited like you said till it was done. It did require a restart, so I restarted it and ran Malwarebytes again but the trojans were still there. I clicked the link for Chrome Secure Preferences detection always comes back that you provided and followed the steps but it still persists. Fixlog.txt Link to post Share on other sites More sharing options...
nasdaq Posted September 2, 2018 ID:1267099 Share Posted September 2, 2018 Hi, If Edge is your default browser try this. Edge > May be a Syncing issues. Turn it off and leave it off for a day or two.https://www.tenforums.com/tutorials/36286-turn-off-sync-favorites-reading-list-microsoft-edge.html === Your may have to reset Edge. Reset, Repair or Reinstall Edge browser in Windows 10http://www.thewindowsclub.com/reset-microsoft-edge-browser-to-default-settings-in-windows-10 <<<>>> This may help also. Microsoft Edge: How to Clear Browser History and Cachehttp://acer--uk.custhelp.com/app/answers/detail/a_id/38047/~/microsoft-edge%3A-how-to-clear-browser-history-and-cache === If the problem exists in other browsers please advise. Link to post Share on other sites More sharing options...
jhj071389 Posted September 5, 2018 Author ID:1267771 Share Posted September 5, 2018 I have uninstalled all other browsers other then Edge and have turned off the syncing function and also have reset my Edge browser but still is showing up during my scans and is not being removed Link to post Share on other sites More sharing options...
nasdaq Posted September 5, 2018 ID:1267778 Share Posted September 5, 2018 Hi, Try to reset Edge, if no joy repair it. Reset, Repair or Reinstall Edge browser in Windows 10http://www.thewindowsclub.com/reset-microsoft-edge-browser-to-default-settings-in-windows-10 <<<>>> Link to post Share on other sites More sharing options...
jhj071389 Posted September 6, 2018 Author ID:1268061 Share Posted September 6, 2018 I first tried to reset Edge, followed all the steps and then rebooted my laptop. The scan still detected the 2 Trojans, so I tired the repair option. Followed the steps and rebooted the laptop and it is still detected by the scan Link to post Share on other sites More sharing options...
nasdaq Posted September 6, 2018 ID:1268068 Share Posted September 6, 2018 Please post the logs showing the 2 Trojans. Link to post Share on other sites More sharing options...
jhj071389 Posted September 6, 2018 Author ID:1268069 Share Posted September 6, 2018 I just ran the scan again and it found 6 malware now. So quarantined them and had to reboot. Rebooted, deleted them from quarantined, rebooted, rescanned and nothing. Thank you so so much for your help You were amazing. Thank you Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted September 20, 2018 Root Admin ID:1270457 Share Posted September 20, 2018 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks Link to post Share on other sites More sharing options...
Recommended Posts