Jump to content

Recommended Posts

Posted

No matter how many times I scan, the trojan always re-appears. The antivirus always says that the trojan has been removed, but every single day, it reappears. Is there a way to permanently remove it?

I have attached a log file.

Thank you

a.txt

Posted (edited)

Appears this malware has a .dll component that has to be manually removed. Trend Micro has an article on how to remove it here you can try: https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/troj_plugx.ztbf-b . If the .dll cannot be found per instructions given, then this new variant is doing something else and you need to contact Eset tech support for resolution help.

Your Eset log indicates the malware is being discovered in memory at boot time. Appears it has created a "bogus" service that is automatically being started at boot time using svchost.exe. So removal of that service also has to be addressed.

Edited by itman
Posted (edited)

Another thing you can do is run Eset's most aggressive AV scan to see if it will remove the malware.

Below is a screen shot of what you need to run.

  1. Select "Advanced Scans."
  2. Select the following; memory, boot sector, and the drive your OS is installed on.
  3. Click on the wheel symbol to display additional options. Change "Scan Profile" to In-depth.
  4. Click on the "Scan as Administrator" button to run the scan.

This scan will take some time to run so be aware of that.

Eset_Scan.thumb.png.92df8f77b284755af77d72179e169519.png

Edited by itman
  • Administrators
Posted

Collect logs with ELC and "Threat detection" selected from the menu, upload the archive to a safe location and pm me a download link. I assume it''s a fileless threat that is present in the registry only.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...