Windows 10: Trojan, Trojan.Generic? Solved

Page 1 of 11 123 ... LastLast
  1.    30 Apr 2017 #1

    Trojan deep in my system


    Hi!

    Today i might have got a trojan. I did indeed install a program that redirected me to a site where i think the website downloaded unwanted malware to my PC. The malware that has got control over my PC has completely blacked out my access to Windows Defender, At the time I am writting this i am running IObit Malware Fighter 5, as this is the only other antivirus i had on this computer (I do know it is stupid to not have a AV). IObit Malware Fighter 5 was able to find a Trojan called Trojan.Generic which was using the program smu.exe. I told IObit Malware fighter to remove the trojan and uninstalled SMU.exe. Even thought this helped me a little bit, i still get popups from different web browsers that has been hijacked. I'm pretty sure most of my Email accounts have been stolen or opened as well. Perfomance whise my computer is running okay, but my memory rate is higher than Usual. The program has removed all administrasion rights from me as well as defender has been disabled by "Group Policy".

    Hugs, Vikdal
    Last edited by Vikdal; 01 May 2017 at 11:15.
      My ComputerSystem Spec

  2. Borg 386's Avatar
    Posts : 21,211
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       30 Apr 2017 #2

    You may want to consider d/l ing the suggested malware scanners beforehand onto a FD or to your PC so that they will be ready to run once you have run RKill.

    First off, d/l & run RKill, this will attempt to terminate any malware processes running in the background. Do not reboot after running RKill, instead immediately run a malware scanner. Rebooting will allow the malware processes to run again.

    Next d/l SuperAntiSpyware portable and run it.

    Note   Note
    Please note : The scanner is saved under a random filename so that malware infections won't block its execution.


    It would be a good idea to d/l & install Malwarebytes Free & also run that.

    Follow up with AdwCleaner. After running it, reboot your PC if it finds anything.

    Hope this helps.

    BTW, IOBit has somewhat of a shady past and you may wish to uninstall that & go with another program. They have been know to install PUP's as well as other spyware.
      My ComputerSystem Spec

  3.    30 Apr 2017 #3

    Hi!

    So i followed what you said from detail to detail and the problem seems to be solved. I uninstalled IOBit as well, because it had a shady past. The only problem is that the memory/ram which the computer is using is still higher than usual. Before i got the trojan i would use around 20% of my ram, now after the trojan, i'm using around 70% of the ram. This does not bother me a lot, but if i run either games or multiple programs, i have a chance of using all of my total ram. Is this normal? Can I fix this in any way? Thanks again for helping

    Regards, Vikdal

    UPDATE: The trojan itself seems to be gone, but all AV is still Blocked as well as ADWCleaner and MalwareBytes.
    Last edited by Vikdal; 30 Apr 2017 at 12:54.
      My ComputerSystem Spec

  4.    30 Apr 2017 #4

    Also, I could not use MalwareBytes or ADWcleaner, as i still could not run the installer after downloading it

    Picture of what happens when i try ADWCleaner is: https://gyazo.com/dfa208c4b3fd5bc1feb5c71421f67660
      My ComputerSystem Spec

  5. dencal's Avatar
    Posts : 2,805
    W10 Pro + W10 Preview
       30 Apr 2017 #5

    Download Malwarebytes Anti-Rootkit Supplement from LINK
    Instructions are included...
    https://support.malwarebytes.com/cus...7176?b_id=6400
      My ComputersSystem Spec

  6. AndreTen's Avatar
    Posts : 14,157
    Windows 10 (Pro and Insider Pro)
       30 Apr 2017 #6

    Vikdal said: View Post
    Also, I could not use MalwareBytes or ADWcleaner, as i still could not run the installer after downloading it

    Picture of what happens when i try ADWCleaner is: https://gyazo.com/dfa208c4b3fd5bc1feb5c71421f67660
    Check this article on Bleepingcomputer. At the end is section about removing it

    If you did happen to get infected, the easiest way to remove SmartService is to use an unsigned security program and rename it to another name like iexplore.exe so that it will execute. *For our guide, we are using an*unsigned version of Zemana, which has been staying on top of this infection.
    Otherwise, you will need to boot into the Windows Recovery Environment and manually delete the files associated with SmartService. *Then when you reboot the computer you should be able to use your normal security programs to remove the leftovers.
    News was posted here about a week ago
      My ComputersSystem Spec

  7.    01 May 2017 #7

    Hi!

    Thanks again for helping me. The malwarebytes Anti-Rootkit got the same trojan over and over again, duplicated in different areas. Malwarebytes found 21 Trojan.Droppers and 1 Trojan.downloader and the computer seems to run fine. There is still abit of a high Memory usage compared with before, but i'm fine with that. I can still not download AdwCleaner even if i did what was said in the post above. I was able to remove the Reg that denied me access to windows Defender. (this was thanks to rKill). Any idea how to get these rights back?

    Vikdal

    UPDATE:
    Virus just backfired. I'm now getting popups once again and my background on web browsers has changed. Not sure what happend thought as i did not download anything.
      My ComputerSystem Spec

  8. AndreTen's Avatar
    Posts : 14,157
    Windows 10 (Pro and Insider Pro)
       01 May 2017 #8

    Vikdal said: View Post
    Hi!

    Thanks again for helping me. The malwarebytes Anti-Rootkit got the same trojan over and over again, duplicated in different areas. Malwarebytes found 21 Trojan.Droppers and 1 Trojan.downloader and the computer seems to run fine. There is still abit of a high Memory usage compared with before, but i'm fine with that. I can still not download AdwCleaner even if i did what was said in the post above. I was able to remove the Reg that denied me access to windows Defender. (this was thanks to rKill). Any idea how to get these rights back?

    Vikdal
    If you have Smartscreen infection, try using following removal guide from Bleepingcomputer.
      My ComputersSystem Spec

  9. dencal's Avatar
    Posts : 2,805
    W10 Pro + W10 Preview
       01 May 2017 #9

    Vikdal said: View Post
    Hi!

    Thanks again for helping me. The malwarebytes Anti-Rootkit got the same trojan over and over again, duplicated in different areas. Malwarebytes found 21 Trojan.Droppers and 1 Trojan.downloader and the computer seems to run fine. There is still abit of a high Memory usage compared with before, but i'm fine with that. I can still not download AdwCleaner even if i did what was said in the post above. I was able to remove the Reg that denied me access to windows Defender. (this was thanks to rKill). Any idea how to get these rights back?

    Vikdal

    UPDATE:
    Virus just backfired. I'm now getting popups once again and my background on web browsers has changed. Not sure what happend thought as i did not download anything.
    After you had done the Mbam Anti-root scan did you tick all identified Trojans, then clicked Delete....IMPORTANT you must then Shut down the computer straightaway to complete the cleanup.
      My ComputersSystem Spec

  10.    01 May 2017 #10

    Yes i did do so, but in the middle of the cleanups it crashes. I'm currently doing what AndreTen told me to do, but while running Zemana it does equal to the AntiRoot-Kit and crashes in the middle of the cleanup :/
      My ComputerSystem Spec


 
Page 1 of 11 123 ... LastLast

Related Threads
Solved Trojan or not ? in AntiVirus, Firewalls and System Security
Hi all, Not quite sure when this started but roughly somewhere around July I noticed a file called NTUSER.rhk that resides in "Users\My username". Googling for the .rhk file extension gave me a bit of a scare as most sites suggest this is...
Solved Do I Have A Trojan? in AntiVirus, Firewalls and System Security
Hello, First post here :) Lately my Windows Defender is finding a Trojan in the Recovery D (Trojan:Win32/Dynamer!ac) It only shows up after a full 3 hour search and not in the fast search A full search with Malwarebytes, Adware and Hitman...
.ecc Extension: Trojan ? Can't Seem To Delete Them ? Help please in AntiVirus, Firewalls and System Security
Hello, I received an eMail from a friend who said that any file with an .ecc extension is one of those Crypto ransom ware trojans. True ? My old PC7 PC was wiped out, literally, a few months ago, so I am literally paranoid about this.
Solved Trojan Detected in OneDrive in AntiVirus, Firewalls and System Security
The odd thing is I don't even use OneDrive except to automatically upload photos from my Android phone to my desktop; nothing has been detected on the phone. I've run another full scan with Bitdefender and Malwarebytes Anti-Malware (free) without...
Trojan in My Registry in AntiVirus, Firewalls and System Security
I have an older 15 inch HP with W10 that I recently updated. I have always had McAfee on the computer, it has never lapsed. I have also run Spybot, Malwarebytes, Google Ghostery and ABP Adblock Popup. When I recently bought a new printer...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 07:34.
Find Us