Jump to content
Infernus

Can't delete virus named Osiris.dll

Recommended Posts

That is good.   Next, just a different scan using a check-tool from TrendMicro.   Just to get another opinion.

TrendMicro HouseCall scan

https://www.trendmicro.com/en_us/forHome/products/housecall.html

First, Download & Save to your Downloads folder the appropriate HouseCallLauncher

 

Once the download is complete, go to where the Housecalllauncher is saved & double-click it to start it.

The program will check with TrendMicro & do a update run.

 

Next it will show the Disclosure window.

Click Next to proceed.

 

The end user license agreement is presented.   Click the Accept radio button & click Next to proceed.

 

IF you wish a Full scan or a Custom scan, first click on the Settings

then you can select which drives you want to include in the scan.

The default is a Quick scan.

Click Scan now when ready.

 

The scan progress will then be displayed.   Monitor the progress or just leave it alone until it finishes this phase.

 

When the scan phase has completed, if any items are tagged, you will see a list, showing  the file & its location, the classification of the threat, the type, risk, and Action option.

If you see an item that you know is safe, you can click the Action  , and select Ignore.

When all done & ready, click the Fix now button.

Share this post


Link to post
Share on other sites

Scan done, found 1 threat process hacker 2, but I ignored it, since I use it program to detect malware too, and I know, that is safe.

Share this post


Link to post
Share on other sites

I have never heard of that "tool".   Who is the author / publisher ?

 

In any event, to this point, I have had no reports from a known security tool that shows "osiris" being on-board this machine.

Similarly, there is no scan that has confirmed any actual "virus" on-board.

 

The Microsoft Safety Scanner  is a free Microsoft stand-alone virus scanner that  can be used to scan for & remove malware or potentially unwanted software from a system.

The download links & the how-to-run-the tool are at this link at Microsoft

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

 

Let me know the result of this.

The log is named MSERT.log 

the log will be at  C:\Windows\debug\msert.log

Please attach that log with your reply.

 

Share this post


Link to post
Share on other sites

Scan done, 1 trojan I guess removed. There is the name and the log, thanks :) 

irTool:Win32/DefenderTamperingRestore


 

msert.log

Share this post


Link to post
Share on other sites

Thanks for the report.   The line entry you cite is not unexpected nor unusual.  Most all third-party ( non-Microsoft ) antivirus  ( like BitDefender) will set the Windows Defender to off.   That line indicated that Windows Defender was turned off as the "anti-spyware".

That is normal condition.    There is no virus found here / no malware found here.   This is a good run.   There is no "trojan"

 

Share this post


Link to post
Share on other sites

P.S.  If over the next day or so, you happen to see some thing "osiris" then I would like for you to get a screen-image-grab.

Use the following how-to article  ( "take a Screenshot on Windows" )
https://lifehacker.com/how-to-take-a-screenshot-or-picture-of-whats-on-your-co-5825771

 

 

Share this post


Link to post
Share on other sites

Hello! 

I will takę a screenshot if osiris will reappear on my computer. Thank you for everything so much! :) Have a good day! 

Share this post


Link to post
Share on other sites

Hi.   I am very glad to know that your machine has not had a repeat appearance .     😊

Share this post


Link to post
Share on other sites

Hello, Malwarebytes detected Farbat Recovery Scan Tool as Malware.Al849850946, is this a false positive?

Share this post


Link to post
Share on other sites

Yes that is a f/p

Can you attach the log for that run ?

Secondly, make real sure that Malwarebytes is all up-to-date.   Start Malwarebytes.  Click Settings.

Look on the About tab.  Click the button "Check for Updates".

Share this post


Link to post
Share on other sites

Thank you.  The tagging of the report tool named "FRSTENGLISH"   as Malware.AI.849850946  is a False Positive.

The internal team at Malwarebytes has made correction to the definitions.

Just be sure that your Malwarebytes program is all up-to-date.

Start Malwarebytes,  Click Settings.   Look for the About tab.  Click the button marked "Check for Updates".

Sincerely,

Share this post


Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.