Computer Infection--Emergency!

Page 2 of 6 FirstFirst 1234 ... LastLast

  1. Posts : 16,325
    W10Prox64
       #11

    Hi.
    RKILL looks ok.

    TDSS Killer says it found nothing.

    MBAM flags:
    Code:
    Backdoor.SpyNet, H:\Downloads\Important Files\wsusoffline102.zip, Quarantined, [735c6f0531693afcca525d99ac5822de], 
    Backdoor.SpyNet, H:\Temp\Flash Drive files\wsusoffline105.zip, Quarantined, [9d327bf97e1c979f839910e65ca8f907],
    Now, these were downloaded to "Important Files" and "Flash Drive Files". This looks to be old, but have you ever used the WSUS offline updater or Chocolatey Repository?

    WSUS Offline Update - Update Microsoft Windows and Office without an Internet connection Update Microsoft Windows and Office without an Internet Connection

    Chocolatey Gallery | WSUS Offline Update 10.5


    So, these could be FPs (False Positives).

    I would like to see what ESET flagged.
    Restore files quarantined by the ESET Online ScannerESET Knowledgebase
      My Computer


  2. Posts : 1,481
    Windows 10 Pro 64bit 20H2 19042.844
    Thread Starter
       #12

    Yes I used Wsus offline with other Windows 7 SP1 machine upstairs, had the files saved on the external in case needed it again, I will check to see what Eset flagged in a moment here
      My Computers


  3. Posts : 16,325
    W10Prox64
       #13

    AMDMan2016 said:
    Yes I used Wsus offline with other Windows 7 SP1 machine upstairs, had the files saved on the external in case needed it again, I will check to see what Eset flagged in a moment here
    Okay so those are indeed FPs.
    Can you give me a screenshot of what Defender found? or is it not specific?
      My Computer


  4. Posts : 16,325
    W10Prox64
       #14

    I see the second MBAM scan came up clean. :) I am thinking ESET and Defender neutralized whatever was messing with your system.
      My Computer


  5. Posts : 1,481
    Windows 10 Pro 64bit 20H2 19042.844
    Thread Starter
       #15

    Just said Trojan.Dropper in Temp internet files that one night, unforuately I didn't save the info as I noticed it when I was switching to Avast remotely via Remote Desktop lol via Phone that night, as Defender took 3 hours to scan, so i'm like yeah going back to Avast, I see no sign of that now though, and I scanned with numerous programs so far, Eset going again so I can get manage quarantine at the end
      My Computers


  6. Posts : 16,325
    W10Prox64
       #16

    AMDMan2016 said:
    Just said Trojan.Dropper in Temp internet files that one night, unforuately I didn't save the info as I noticed it when I was switching to Avast remotely via Remote Desktop lol via Phone that night, as Defender took 3 hours to scan, so i'm like yeah going back to Avast, I see no sign of that now though, and I scanned with numerous programs so far, Eset going again so I can get manage quarantine at the end
    Okay. No rush, but when you get a chance, open Defender and in the History tab, select Quarantined Items (or All Detected Items), and select to "show", widen the Detected Item column all the way to show everything, and post a screenshot of that window please.

    Computer Infection--Emergency!-defender-history.png

    Defender is disabled right now because Avast is on the system, so don't do this until after the Avast scan has run; you may find you have to uninstall Avast to get Defender to open up. If so, save your Avast settings so you can easily put them back when you reinstall. (I think it's Settings>General, all the way at the bottom.)

    EDIT: This one, being in the temporary internet files folder, is very suspect and likely was your problem.
      My Computer


  7. Posts : 1,481
    Windows 10 Pro 64bit 20H2 19042.844
    Thread Starter
       #17

    Ok Will do, and thanks so much already, that might be a while though for the last part, this scan isn't gonna be too quick lol, with main 2tb drive, and external 500gb drive, might be a bit, *note external not connected all the time, just was when I decided to run scan last night and this morning*
      My Computers


  8. Posts : 16,325
    W10Prox64
       #18

    AMDMan2016 said:
    Ok Will do, and thanks so much already, that might be a while though for the last part, this scan isn't gonna be too quick lol, with main 2tb drive, and external 500gb drive, might be a bit, *note external not connected all the time, just was when I decided to run scan last night and this morning*
    You're quite welcome.
    That's fine. I am AFK now for a while. :)
      My Computer


  9. Posts : 1,481
    Windows 10 Pro 64bit 20H2 19042.844
    Thread Starter
       #19

    Well Eset got to the end of the scan, showed Infected Files 2, and screen just went white, so probably gonna crash again, like it did before I posted this.

    Yup stopped working again
    Last edited by AMDMan2016; 22 Sep 2016 at 17:45.
      My Computers


  10. Posts : 16,325
    W10Prox64
       #20

    AMDMan2016 said:
    Well Eset got to the end of the scan, showed Infected Files 2, and screen just went white, so probably gonna crash again, like it did before I posted this.

    Yup stopped working again
    Sorry - ESET seem to be having problems lately; you're not the only one.
    See if you can run the scan only on memory, and it will finish quickly, and then maybe you can get to the quarantine.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 16:44.
Find Us




Windows 10 Forums