Solved Trojan found on new PC


After four pages of discussions, it appears that no one has mentioned false positives. While I'm not advocating lowering your guard and assuming an alert is a false positive, it's an important possibility to keep in mind, especially if you're considering spending a lot of time rebuilding a system.

Sometimes all it takes is to check what has been quarantined and do a search online to determine what the file is and where it came from. Often that will reveal information about whether it's prone to cause false positives. For example, Nirsoft utilities often trigger false positives, as do many others, such as Cmdow, and my own WinSetView. Also, perfectly legit Cmd, VBS, and PowerShell scripts can trigger false positives, even ones you've written yourself.

The first question is always "where did this come from"? If it was in the Downloads folder (before being quarantined), look at when it was downloaded and what other files were downloaded at the same time. Is it your download or somebody else's (i.e. on a shared PC)? Some basic investigation should start to give you a sense of whether it's likely to be a threat or not.
I have seen a few of them over the years, yes. In terms of spending a lot of time doing a full reinstall, that is something I have decided to do as I have already said. Maybe not something I need to do, but something I want to do.

Seeing as you mention about where it came from. I cannot remember 100% for sure but I remember downloading a program and noticed a download started called full install, or something similar. It came down as a zipped folder, which I unzipped, I then left it there in my downloads and completely forgot about it. Then I opened that unzipped folder and that is when I immediately got the notification saying it was a trojan. PC isn't shared or anything, it is just myself.
 

My Computer

System One

  • OS
    Windows 11 Professional
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom build
    CPU
    AMD Ryzen™ 9 7950X
    Motherboard
    ASUS ROG Strix X670E-E Gaming WiFi
    Memory
    DOMINATOR® PLATINUM RGB 64GB (2x32GB) DDR5 DRAM 5200MHz
    Graphics Card(s)
    MSI GeForce RTX™ 3080 Ti SUPRIM X 12GB
    Hard Drives
    980 PRO NVMe M.2 SSD 1TB
    970 EVO Plus NVMe M.2 SSD 2TB
    PSU
    Corsair HX1000 1000 W 80+ Platinum
    Case
    Fractal Design Meshify 2
    Cooling
    iCUE H150i ELITE LCD Display Liquid CPU Cooler
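
The origin check described in the post quoted above (where a file came from, when it arrived, and what was downloaded alongside it) can be done from PowerShell. This is an added example, not part of any poster's message; the folder, the `full install*` name pattern (taken from the OP's recollection) and the 30-minute window are assumptions to adjust.

```powershell
# Added example: list downloads that arrived around the same time as a suspect
# file, with the source URL the browser recorded and a hash to search online.
param(
    [string]$Folder        = (Join-Path $env:USERPROFILE 'Downloads'),
    [string]$SuspectName   = 'full install*',  # assumption: name pattern of the download
    [int]   $WindowMinutes = 30                # assumption: "same time" window
)

function Get-DownloadOrigin {
    param([Parameter(Mandatory)][System.IO.FileInfo]$File)

    # Browsers store the download source in the Zone.Identifier alternate
    # data stream (Mark of the Web). It only exists on NTFS volumes.
    $motw = Get-Content -LiteralPath $File.FullName -Stream Zone.Identifier `
                -ErrorAction SilentlyContinue
    $fields = @{}
    foreach ($line in $motw) {
        if ($line -match '^(\w+)=(.*)$') { $fields[$Matches[1]] = $Matches[2] }
    }

    # The hash can be searched online without uploading the file itself.
    # It stays empty if the file is locked or was already removed.
    $hash = Get-FileHash -LiteralPath $File.FullName -Algorithm SHA256 `
                -ErrorAction SilentlyContinue

    [pscustomobject]@{
        Name        = $File.Name
        Created     = $File.CreationTime
        SizeBytes   = $File.Length
        ZoneId      = $fields['ZoneId']       # 3 = Internet zone
        HostUrl     = $fields['HostUrl']      # direct download URL, if recorded
        ReferrerUrl = $fields['ReferrerUrl']  # page that linked to it, if recorded
        SHA256      = $hash.Hash
    }
}

$files    = Get-ChildItem -LiteralPath $Folder -File
$suspects = $files | Where-Object { $_.Name -like $SuspectName }

if (-not $suspects) {
    Write-Warning "No file matching '$SuspectName' in $Folder (it may be quarantined)."
    return
}

foreach ($s in $suspects) {
    $from = $s.CreationTime.AddMinutes(-$WindowMinutes)
    $to   = $s.CreationTime.AddMinutes($WindowMinutes)

    "Files created within $WindowMinutes minutes of '$($s.Name)':"
    $files |
        Where-Object { $_.CreationTime -ge $from -and $_.CreationTime -le $to } |
        Sort-Object CreationTime |
        ForEach-Object { Get-DownloadOrigin -File $_ } |
        Format-List
}
```

Not every extraction tool propagates the Zone.Identifier stream to unzipped files, so a blank `HostUrl` is not evidence either way; check the original archive as well.
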
No dark art, just that some people are habitually riding out their egos, and yes, that can lead to wasted time :eek1:

Yes, I read the comments about Kaspersky and other conspiracy theories :eek1:

You don't a priori pick a tool that does not work (n) You pick a tool that does work (y)
I have seen a fair bit of this in this thread. I know the internet is full of this type of thing or people trying to outdo each other in many ways. But didn't expect to see it in here. Maybe it is the norm in this forum too, I don't know as I don't use the forum too much and I am a new member.

Let's see what @Hazel123 says about Trend Micro if she rejoins the thread.
 

I have seen a few of them over the years, yes. In terms of spending a lot of time doing a full reinstall, that is something I have decided to do as I have already said. Maybe not something I need to do, but something I want to do.

Seeing as you mention about where it came from. I cannot remember 100% for sure but I remember downloading a program and noticed a download started called full install, or something similar. It came down as a zipped folder, which I unzipped, I then left it there in my downloads and completely forgot about it. Then I opened that unzipped folder and that is when I immediately got the notification saying it was a trojan. PC isn't shared or anything, it is just myself.
Cool. Too bad you don't have more details on the download. It's always interesting to download the same files (using a VM) and see what's detected. If you happen to remember what program that was, I'd be happy to check it out.
 

My Computer

System One

  • OS
    Windows 10/11
    Computer type
    Laptop
    Manufacturer/Model
    Acer

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    HP Pavilion 14-ce3514sa
    CPU
    Core i5
    Memory
    16gb
    Hard Drives
    Samsung 970 evo plus 2TB
    Cooling
    Could be better
    Internet Speed
    200mbps Starlink
    Browser
    Firefox
    Other Info
    Originally installed with a 500gb H10 Optane ssd
Cool. Too bad you don't have more details on the download. It's always interesting to download the same files (using a VM) and see what's detected. If you happen to remember what program that was, I'd be happy to check it out.
Cheers, if I happen to remember or come across it again, I will post back here (y)
 

I don't know why Trend Micro won't boot. I would try Kaspersky despite them being pushy and automatically downloading the file (yes it may be a way to avoid a virus laden computer blocking the download).
 

Hi @Hazel123 I downloaded the software, installed it to my USB stick. Restarted. Tried to boot to the USB, it recognised it. But I keep getting a screen with the following message and it won't do anything, I keep having to power off and keep seeing the same screen.

Only 64-bit images supported
_


Any ideas? Of course this wouldn't work as it should for me, I knew it haha:confused:
The only thing I can think is the program you used to burn the usb burned it in 32 bit?
 

I found exactly the same thing and didn't like it either. Very pushy. You go to their page and it starts downloading automatically.
A bit weird yeah. Any idea why I am getting this message when I try to boot the new USB with Trend Micro?

Only 64-bit images supported

Maybe Kaspersky would be worth a go? I had really hoped to get this offline scan done today :nope:
 

Cool. Too bad you don't have more details on the download. It's always interesting to download the same files (using a VM) and see what's detected. If you happen to remember what program that was, I'd be happy to check it out.
I think earlier on he gave the name of the virus - I looked it up and a suggestion was made it was a nasty one and to try bleeping computer for a clean up. Just in case his av didn't fully block or remove it.
 

The only thing I can think is the program you used to burn the usb burned it in 32 bit?
Ah sorry, I had typed my reply before you posted this. I will have a look. I just followed the instructions to burn it to the USB. I formatted the USB to FAT32 beforehand...would that have anything to do with it?
 

As Kaspersky is so easy to download ha ha, maybe burn that to usb and start it off tonight. It might take a few hours. At least it has a graphical interface as well so may be simpler to use. Which program did you use to burn the usb?
 

Ah sorry, I had typed my reply before you posted this. I will have a look. I just followed the instructions to burn it to the USB. I formatted the USB to FAT32 beforehand...would that have anything to do with it?
No that shouldn't be it. When you downloaded Trend Micro and clicked on the file, did it ask you where to install it? Or did you need to use another program like Rufus to install it to the usb?

If the TM installer installs it to usb then maybe there was a setting to say do you want 32 bit or 64 bit. It sounds like you have a 32 bit installation on the USB which won't work on a 64 bit computer. But I may be wrong.

Hopefully you won't have the same issue with Kaspersky
 

As Kaspersky is so easy to download ha ha, maybe burn that to usb and start it off tonight. It might take a few hours. At least it has a graphical interface as well so may be simpler to use. Which program did you use to burn the usb?
I just downloaded the file you pointed me to. Then ran it and there was an option for USB and clicked on that, pointed it to the USB drive then it installed on it. I will format it again and retry, just to be sure
 

No that shouldn't be it. When you downloaded Trend Micro and clicked on the file, did it ask you where to install it? Or did you need to use another program like Rufus to install it to the usb?

If the TM installer installs it to usb then maybe there was a setting to say do you want 32 bit or 64 bit. It sounds like you have a 32 bit installation on the USB which won't work on a 64 bit computer. But I may be wrong.

Hopefully you won't have the same issue with Kaspersky
Nah, I just downloaded the one you said and created the USB. No options for 32 or 64 bit that I noticed. Bog standard stuff...tried it again anyway and of course it still fails. What are the bets that the Windows 11 one I created also won't work?! If that doesn't work the guy who set the PC up for me made a mess of something by the looks of it. I won't jump to that conclusion yet though, maybe this Micro Trend is just sh*t?
 

OK I have it on the USB now, it's booting to the program also. But when I launch it, all I see is a black screen. Is it working/scanning in the background or am I meant to see something on screen? I tried both graphical interface and limited graphical interface. Both just blank screens.

Someone please help before I go off my mind here, what a waste of a day
 

If the Kaspersky tool does not work for you, move on to the next tool. I already pointed you to the thread Do you use portable anti-malware apps? Did you read it? The OP there lists 7 tools and the discussion mentions at least 5 more tools.

Move expediently through the one dozen tools, learning along the way how to use the tools, and at least some of them will work for you.

Before you drive yourself nuts, though, give my post #8 another fair read or you can easily go through another 100 posts.
 

My Computer

System One

  • OS
    Windows 10 Pro
I think earlier on he gave the name of the virus - I looked it up and a suggestion was made it was a nasty one and to try bleeping computer for a clean up. Just in case his av didn't fully block or remove it.
Yes, I saw that. I'm interested in replicating the reported infection to determine if it's real or a false positive. The only way to do that is to download exactly the same file, from the same location used by the OP. Unfortunately, those details are not known.
 

If the Kaspersky tool does not work for you, move on to the next tool. I already pointed you to the thread Do you use portable anti-malware apps? Did you read it? The OP there lists 7 tools and the discussion mentions at least 5 more tools.

Move expediently through the one dozen tools, learning along the way how to use the tools, and at least some of them will work for you.

Before you drive yourself nuts, though, give my post #8 another fair read or you can easily go through another 100 posts.
Trend Micro Rescue Disk wouldn't work for me. The same with Kaspersky. Nothing but a blank screen. I find that a bit hard to believe, to be honest.

These two problems are so basic and random, and they worry me a little. They are meant to work. With all the knowledge people have on the forum here, I thought someone would be able to help to get one of them working. The fact they wouldn't even start has me thinking something is weird in the setup of my PC.

I had a read through your link, yes. To be honest, there is nothing in there that seems like it would be worth a shot. Maybe at this stage I will just assume the PC is 'OK' but just go ahead with my reinstall of Windows 11 anyway. Kind of shocking that two pretty well known rescue disk pieces of software wouldn't work though.

As for your now famous number 8, you will have to let me in on the secret - I have not got a clue what you are trying to say. Rephrase it here, thanks.
 

@RedLad Good luck to you, whatever you do!

P.S. @LesFerch is interested in your Trojan. If you still have it in your quarantine, offer to send it to him via email :eek1:
 
