Page 3 of 6 FirstFirst 123456 LastLast
Results 21 to 30 of 59

Thread: remove Generic.Ransom.VxLock.E31AD1D6

  1. #21
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Scan and clean?

    I see that a few things have changed.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  2. #22
    Member
    Join Date
    Jul 2009
    Posts
    95

    Default

    I clicked Scan and Clean

    EEK Scan Clean.jpg

    I clicked Malware Scan. After progress bar reached 100%, this showed:

    EEK Scan results.jpg

    Clicking on View Report did nothing. I did nothing more.

    Your guidance, please.

  3. #23
    Member
    Join Date
    Jul 2009
    Posts
    95

    Default

    Hovering over each of the 2 shows that they are reporting on FRST.exe

  4. #24
    Member
    Join Date
    Jul 2009
    Posts
    95

    Default

    scan_220415-161119.txt
    -----------------------
    Emsisoft Emergency Kit - Version 2021.9
    Last update: 2022-04-15 12:42:23
    My own Molly\Chris
    MOLLY
    Windows 7x86 Service Pack 1

    Scan settings:

    Scan type: Malware Scan
    Objects: Rootkits, Memory, Traces, Files

    Detect PUPs: ON
    Scan archives: OFF
    Scan mail archives: OFF
    ADS Scan: ON
    Direct disk access: OFF

    Scan start: 2022-04-15 16:11:19
    C:\Users\Chris\Desktop\FRST-OlderVersion\FRST.exe detected: Trojan.GenericKD.39437243 (B) [krnl.xmd]
    C:\Users\Chris\Desktop\FRST.exe detected: Trojan.GenericKD.48872539 (B) [krnl.xmd]

    Scanned 75053
    Found 2

    Scan end: 2022-04-15 16:12:28
    Scan time: 0:01:09

  5. #25
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    OK
    What was found is actually a false positive and several scanners have found this.
    We can remove all folder and quarantine files when finished.,

    What's the computer doing now?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  6. #26
    Member
    Join Date
    Jul 2009
    Posts
    95

    Default

    What's the computer doing now?[/QUOTE]

    Still sitting at the Scan Results window

  7. #27
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    If the scan has finished, what was found we will remove.

    Unless more is found?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  8. #28
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    I've got to sign off for the evening.
    If all that was found related to the Farbar Recovery tool then we're in good shape.

    Let me know if your ready to remove tools and quarantine folders.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  9. #29
    Member
    Join Date
    Jul 2009
    Posts
    95

    Default

    Quote Originally Posted by Juliet View Post
    I've got to sign off for the evening.
    If all that was found related to the Farbar Recovery tool then we're in good shape.

    Let me know if your ready to remove tools and quarantine folders.
    I see that Farbar found 10 files. Trusting in your guidance, I believe that I am ready to remove tools and quarantine folders. Is there a risk in doing so?

    I note that we have seen no sign of the ransom ware. Does this surprise you?

  10. #30
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Quote Originally Posted by Chris Haslam View Post
    I see that Farbar found 10 files. Trusting in your guidance, I believe that I am ready to remove tools and quarantine folders. Is there a risk in doing so?

    I note that we have seen no sign of the ransom ware. Does this surprise you?
    The files we removed with FRST was a tidy up event, they were lose files that added nothing to the machine.
    As for having a Ransomeware infection, no signs of it.
    And there was no mention of any notes or alerts telling you your computer had been infected and of money to get your files back.

    The encrypted files for this specific infection will have the extension '.VXLOCK' appended to the end of the file name and on this machine there were none.

    I can't say why, but I think what you saw was a false-positive.

    Use this tool to remove quarantined items:

    Please download KpRm by Kernel-panik and save to your Desktop.
    • Click on KpRm.exe to run the tool.

      Vista/Windows 7/8/10 users right-click and select Run As Administrator.
    • Put a check mark next to these items:

      - Delete tools
      - Delete now
    • Click the "Run" button.



    • When the tool has finished, it will create and open a log report and delete itself.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •