Jump to content

Possible Infection - Trojan.GenericKD.31067079 Generic.Malware/Suspicious


Mpit52
 Share

Recommended Posts

All,

I am having trouble finding/removing an infection from my computer. I noticed it the other day and have been battling it since. My primary AV is Bitdefender AntiVirus (Free) which logs constantly that it is blocking infections (example below) and I also have Malwarebytes Premium installed (post infection), logs attached. If I run full scans, including rootkits for malwarebytes, both scanners comes back clean but my BitDefender still reports that it is blocking infections all day long.  I have attached FRST, Additions and malwarebytes threat scan logs. Any and all assistance will be greatly appreciated. 

Bitdefender Log Example:

"Item was blocked. Threat name: Trojan.GenericKD.31067079. Path: C:\Windows\Temp\tmp00003cc\tmp\000001f1."

Addition.txt

FRST.txt

MalwarebytesRpt-12.27.18.txt

MalwarebytesRpt-12.27.18(2).txt

Link to post
Share on other sites

Hello  and
:welcome:

Please take your time.

 

I have attached A file I need you to download and save it to the same place that you saved the FRST program

Download attached **fixlist.txt** and save it to same location where the FRST tool is located.

NOTE: Both FRST.exe and the fixlist.txt must be in the same location or the fix will not work.
Close all browsers before running.

Double click FRST to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
 •Click the **Fix Button**.
 
•If you receive a message that a reboot is required, please make sure you allow it to restart normally.

•The tool will complete its run after restart.

When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please attach the Fixlog.txt in your reply.

Restart the pc and let me know how it's running now.

fixlist.txt

Link to post
Share on other sites

Well that was easy, Thanks! Initial state looks good but only time will tell. Prior to running the FRST with the fixlist.txt commands, Bitdefender would start to block files est 15-20 mins after a reboot. As of right now, things are looking good but I will follow up again after 5:00 pm today and once more tomorrow to verify. 

Would you mind telling me what was fixed/removed or what kind of infection I had?I would like to educate myself on the process and tools that you used. If there is an article or forum post already explaining FRST and how you use it, it would be interested in reading it. 

Thank you for your assistance. I will report back around the times listed above with updates. 

Fixlog.txt

Link to post
Share on other sites

Well that's a bit more concerning. If you were unsure of what the 'bad guy' was, how did you know what to disable/delete from the "fixlist.txt" commands? Concerns aside, the computer does not show any additional signs of infection. I will update once more tomorrow so that a full 24hrs have passed. 

Link to post
Share on other sites

Well that's a bit more concerning. If you were unsure of what the 'bad guy' was, how did you know what to disable/delete from the "fixlist.txt" commands?

Experience for one thing.

When items like that don't Google Search, it requires more searching.

I've never seen a driver named that.

Link to post
Share on other sites

Great Job

You're quite welcome. I'm happy to have helped, and glad this is resolved. As there are no other issues which need addressing we can now close this ticket.

Thanks for choosing Malwarebytes!

Peace Be With You


Help Secure your browsers

Please install uBlock Origin for your browsers.

uBlock Origin For Fire Fox, Chrome and Safari

https://www.ublock.org/

Opera

https://addons.opera.com/en-gb/extensions/details/ublock/?display=en

Edge

https://www.microsoft.com/en-us/store/p/ublock-origin/9nblggh444l4

AdBlock for IE

https://adblockplus.org/releases/adblock-plus-10-for-internet-explorer-released


Cryptolocker Ransomware: What You Need To Know

http://blog.malwarebytes.org/intelligence/2013/10/cryptolocker-ransomware-what-you-need-to-know/

Tech Support Scams

http://blog.malwarebytes.org/tech-support-scams/#help

Seven tips to keep your PC safe

http://blog.malwarebytes.org/intelligence/2013/06/seven-tips-to-keep-your-pc-safe-this-summer/


LD Tate

Malware Removal Specialist

 

Link to post
Share on other sites

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.