MalwareBytes Detected a trojan injector


Go to solution Solved by Maurice Naggar,

Thanks for doing the Sophos scan.

If you must do necessary work on this pc, like school work, that is OK.

Let's hold off on rebuilding Chrome. That is quite an involved process.

Let me suggest this other scan.

You can use the built-in Microsoft Antivirus which is Windows Defender to scan the system. A good way to do that is by using its Offline scan option.

Click the Windows Start menu button on the Taskbar and select the Settings icon. Then choose Update and Security.

 

In Windows Settings >>> click on Windows Security from the left side list.

 

Next, in the Windows Security section, click on the grey button Open Windows Security

Now, click on the shield Virus and threat protection

 

Next, click on the line in blue, Scan options

 

Look down the options list. Tick on Microsoft Defender Offline scan.  

Then next, click the grey "Scan now" button.

                                            

and let it scan the system.

When it reboots the system, please just login with your regular login-account.

Have patience during the scan run.

 

Keep in mind that the design and what is scanned by Windows Defender is a whole different design from Malwarebytes. But do let me know how this scan goes and what the result is.


  • Solution

The Offline Defender scan runs fairly quickly. It typically does not do a screen display of the results.

Let's do what follows to run the Windows System File Checker & do cleanup.

The script Fixlist.txt needs to be saved to the same folder that contains FRST64.exe (you have yours saved in Downloads).

 

The custom script on this post is ONLY for this machine and NO other.   

Please be sure to Close any open work files, documents,  any apps you started yourself  before starting this.

 

If there are any CD / DVD / or USB-flash-thumb or USB-storage drives attached,  please disconnect any of those.

The system will be rebooted after the script has run.

 

Please save the attached file named FIXLIST.txt to the Downloads folder.

 

Start Windows Explorer and then go to the Downloads folder.

 

RIGHT click on FRST64.exe and select RUN as Administrator and allow it to proceed. Reply YES when prompted to allow the tool to run. If the tool warns you the version is outdated, please download and run the updated version.

IF Windows prompts you about running this, select YES to allow it to proceed.

 

IF you get a block message from Windows about this tool,

click the More info line on that screen

and click the Run anyway button on the next screen.

 

On the FRST window:

Click the Fix button just once, and wait.

 

PLEASE have lots of patience when this starts. You will see a green progress bar start. Lots of patience. This run here should be fairly quick.

If you receive a message that a reboot is required, please make sure you allow it to restart normally.

The tool will complete its run after restart.

When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run.

 

Please attach the FIXLOG.txt with your next reply, at your next opportunity.

 

Please know this will do a Windows Restart. Just let it do its thing.

Do let me know how things are overall,  after all this.

Fixlist.txt
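
The post above notes that the Microsoft Defender Offline scan typically does not display its results on screen. As an added example (not part of the original posts), this PowerShell, run from an elevated window after the reboot and login, lists what Defender recorded; the two-day look-back window is an assumption.

```powershell
# Added example: review Microsoft Defender results after an Offline scan.
# Run in an elevated PowerShell window once the PC has rebooted.

$since = (Get-Date).AddDays(-2)   # assumed look-back window; adjust as needed

# 1. Confirm the engine is enabled and signatures are current.
Get-MpComputerStatus |
    Select-Object AntivirusEnabled, RealTimeProtectionEnabled,
                  AntivirusSignatureLastUpdated, QuickScanEndTime, FullScanEndTime |
    Format-List

# 2. Map threat IDs to names so detections are readable.
$names = @{}
Get-MpThreat | ForEach-Object { $names[[string]$_.ThreatID] = $_.ThreatName }

# 3. List detections recorded inside the look-back window.
$detections = Get-MpThreatDetection |
    Where-Object { $_.InitialDetectionTime -ge $since }

if (-not $detections) {
    Write-Output "No Defender detections recorded since $since"
} else {
    $detections | Sort-Object InitialDetectionTime | ForEach-Object {
        [pscustomobject]@{
            Detected      = $_.InitialDetectionTime
            Threat        = $names[[string]$_.ThreatID]
            ActionSuccess = $_.ActionSuccess
            Resources     = ($_.Resources -join '; ')
        }
    } | Format-List
}

# 4. Cross-check the Defender operational log:
#    event 1116 = malware detected, 1117 = action taken on malware.
Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 1116, 1117
        StartTime = $since
    } -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id,
                  @{ n = 'Summary'; e = { ($_.Message -split "`n")[0] } } |
    Format-Table -AutoSize -Wrap
```

An empty result in steps 3 and 4 means Defender logged no detection in that window; the same entries appear under Protection history in Windows Security.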


Thank you for the report. The run is very good. The Windows SFC System File Checker result is all good.

I would like you to run a tool named SecurityCheck to inquire on the current security-update status of some applications.

 

Download SecurityCheck by glax24 from here: https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe

and save the tool on the desktop.

If Windows SmartScreen blocks that with a message window, then

click on the MORE INFO spot, override that, and allow it to proceed.

This tool is safe. SmartScreen is overly sensitive.

Right-click with your mouse on SecurityCheck.exe, select "Run as administrator", and reply YES to allow it to run and go forward.

Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file.  Attach it with your next reply.

You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt


Yeah, I have McAfee; it came installed on this computer but it expired. I got a trial for 30 days with ESET, and OK, I will go update Zoom; I'll uninstall the other antiviruses that I don't need. Is that all? Is my PC clean now :)???


Uninstall McAfee and then restart the PC.

Having more than 1 antivirus does lead to deadly conflicts.

ESET is an excellent A-V.

Use this tool after you have uninstalled McAfee.

Get and use the McAfee Consumer Product Cleanup tool, MCPR.

Use the how-to-guide on this McAfee page

https://service.mcafee.com/webcenter/portal/oracle/webcenter/page/scopedMD/s55728c97_466d_4ddb_952d_05484ea932c6/Page29.jspx

 

Follow the section with the title "Method 2: Remove using the McAfee Consumer Product Removal tool (MCPR)".

Your PC should be good to go. On the next round, I will guide you on cleanup of the tools we used.

 

Edited by Maurice Naggar
Updated link for MCPR

  • 3 weeks later...

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 


This topic is now closed to further replies.