Jump to content

sysWOW64 Powershell Trojan Help Needed


Go to solution Solved by Maurice Naggar,

Recommended Posts

It's a laptop. I could be wrong about the hdd, but ever since it was dropped, it has been slow and laggy.

I did a clean boot, but it didn't do anything. Was still getting 100% disk at startup and when opening anything. I tried twice. So I ran check disk with the f parameter, and again, no change. So then I ran check disk with the r parameter, and it seems to have done something. It hit 100% on startup, but quickly went down to normal. Thanks a lot for that.

So, it's all clean? Is there anything else I should do to be 100% sure there's no malware?

Link to post
Share on other sites

I had suggested that you add the appropriate Malwarebytes Browser Guard for each of Edge, Chrome, Firefox, so that they are made safer.

We have run a series of different scans.

I do not believe that this machine has infection at this point.

If you think you suspect anything, you can scan with AVG & Malwarebytes for Windows.

 

Do a Check for Updates in Malwarebytes app. Use the guide here https://support.malwarebytes.com/hc/en-us/articles/360042187934-Check-for-updates-in-Malwarebytes-for-Windows

 

Next, do a Windows RESTART.

 

Next be sure you do not open any games or such.

Next, do one new Scan with Malwarebytes.

 

If it tags anything, TICK the line item so that it is Quarantined.

 

When all done, copy the Scan report & attach with Reply.

  • Like 1
Link to post
Share on other sites

Hello. Glad that things are much better. I am glad to have helped. :D 

We can proceed with cleanup of tools we used.

To remove the FRST  tool & its work files, do this.  Go to your Downloads folder.  Do a RIGHT-click on FRST64.exe & select RENAME & then change it to UNINSTALL.exe .

Then run that ( double click on it)  to begin the cleanup process.

Delete msert.exe

Delete the esetonline download file.

Any other download file I had you download, you may delete.  

I wish you all the best.  Stay safe.

Sincerely.

Maurice.    :cool:

Edited by Maurice Naggar
  • Thanks 1
Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.