Jump to content
Kemasha

Cant Remove Trojan virus

Recommended Posts

Hello. 

Got trojan in PC and installed anti-virus and malwarebytes they removed but there is still virus. All files get hidden and makes shortcut as Excel.xls files also changes every reboot desctop and mouse settings. Here are AdwCleaner and FRST logs.

Addition.txt AdwCleaner.txt FRST.txt

Share this post


Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

ATTENTION: System Restore is disabled
Turn your System Restore ON  Windows 7 - immediately.
https://www.mcafee.com/enterprise/en-ca/downloads/free-tools/disabling-system-restore.html
<<<>>>

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Share this post


Link to post
Share on other sites

Hi,

The Restore point was not Created.

Download   Farbar's Service Scanner utility
http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/
and Save to your Desktop.
If using Windows 7 or above, Right-Click on fss.exe and select Run As Administrator.
If using XP, double-click to start.
Answer Yes to ok when prompted.
If your firewall then puts out a prompt, again, allow it to run.
Once FSS is on-screen, be sure the following items are checkmarked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
Other Services
  
Click on "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Copy & Paste contents of FSS.txt into your reply.
===
 

Let me now of any other issues with this computer.

How is the computer running now?

Share this post


Link to post
Share on other sites

Installed Kasperski found malware (Hoax.BAT.Badjoke.Agent.x) and trojan (HEUR:Trojan - SMS.AndroidOS.Podec.a). If this helps also. 

Share this post


Link to post
Share on other sites

Hi,

Quote

Installed Kasperski found malware (Hoax.BAT.Badjoke.Agent.x) and trojan (HEUR:Trojan - SMS.AndroidOS.Podec.a). If this helps also.

Can you please post the Kasperski report.

I Like to know what file(s) we are dealing with.

Share this post


Link to post
Share on other sites

Hello. That computer not with me at the moment can send kaspersky report only tomorrow sorry.

Share this post


Link to post
Share on other sites

Hi,

The only file not deleted is the one in bold.

13.04.2019 08.58.21    Detected object (file) not processed    C:\Windows\System32\MY_DOCUMENT_FOTO.jpg.cmd    File: C:\Windows\System32\MY_DOCUMENT_FOTO.jpg.cmd    Object name: Hoax.BAT.BadJoke.Agent.x    Object type: Malware    Time: 4/13/2019 8:58 AM

Delete it.

If not found or the access is denied boot in Safe Mode and delete it from there.

Any remaining issues?

 

Share this post


Link to post
Share on other sites

Hello

Sorry for delay, deleted that 1 no changes. Installed new windows for now all good. Thanks

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.