Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus Detected


  • Please log in to reply
7 replies to this topic

#1 Bob99

Bob99

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Copperas Cove, TX
  • Local time:10:10 PM

Posted 09 October 2017 - 11:36 AM

Malwarebytes has detected the Trojan.Kovter and it is now in quarentine.  Can I delete it from there, or should I remove it according to your removal guide?



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,504 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:10 PM

Posted 09 October 2017 - 12:38 PM

Depends on whether Kovter was caught during downloading or if it had time to activate. That BC instruction on removal is a year old and may

not be adequate for today's Kovter malware. I suggest you follow the instructions below starting a new topic in the malware removal forum.

 

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.

When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.

 

DO NOT bump your new topic. Wait for a response from one of the Team Members.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 buddy215

buddy215

  • Moderator
  • 13,504 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:10 PM

Posted 09 October 2017 - 12:42 PM

This news article in today's BC news reader.....Malvertising Group Spreading Kovter Malware via Fake Browser Updates


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 Bob99

Bob99
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Copperas Cove, TX
  • Local time:10:10 PM

Posted 09 October 2017 - 02:32 PM

My FRST logs were posted to Virus, Trojan, Spyware, and Malware Removal Logs a short time ago.

Thanks!



#5 buddy215

buddy215

  • Moderator
  • 13,504 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:10 PM

Posted 09 October 2017 - 03:06 PM

I don't see it...maybe you should check to make sure your new post is there. It's not listed in your content or in the Virus, Trojan, Spyware, and Malware Removal Logs forum,


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 Bob99

Bob99
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Copperas Cove, TX
  • Local time:10:10 PM

Posted 09 October 2017 - 04:49 PM

I finally discovered that my TXTs are too long.  The First one is even too long.  I saw somewhere you have another way of uploading these, but so far haven't found it again.  Will keep looking until a miracle happens.



#7 buddy215

buddy215

  • Moderator
  • 13,504 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:10 PM

Posted 09 October 2017 - 06:10 PM

Go ahead and start the new topic. Explain your problem in posting the FRST logs. Whoever responds will help you do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 Bob99

Bob99
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Copperas Cove, TX
  • Local time:10:10 PM

Posted 10 October 2017 - 11:37 AM

Will try to get to it when I can.  Will be pretty much snowed under for the rest of the week.  I believe Malwarebytes got it before it got started, still think I need to know for sure.  Thanks for you help Buddy 215!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users