Solved Trojan found on new PC


I think I may have found what's up.

It says here that USB 3.0 is not supported - I had put it on a USB 3.0 stick.

That has to be it, would I be right? Although it does say this article was LAST UPDATED: SEP 02, 2021

Can someone tell me do they mean the actual USB itself and/or the USB port it is plugged into? The ones at the front of the PC are labelled as USB 3.0. Maybe the ones at the back are older USB ports? Well, they haven't got 3.0 written next to them anyway. I could try find an older USB stick to see if that'll work.
 

My Computer

System One

  • OS
    Windows 11 Professional
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom build
    CPU
    AMD Ryzen™ 9 7950X
    Motherboard
    ASUS ROG Strix X670E-E Gaming WiFi
    Memory
    DOMINATOR® PLATINUM RGB 64GB (2x32GB) DDR5 DRAM 5200MHz
    Graphics Card(s)
    MSI GeForce RTX™ 3080 Ti SUPRIM X 12GB
    Hard Drives
    980 PRO NVMe M.2 SSD 1TB
    970 EVO Plus NVMe M.2 SSD 2TB
    PSU
    Corsair HX1000 1000 W 80+ Platinum
    Case
    Fractal Design Meshify 2
    Cooling
    iCUE H150i ELITE LCD Display Liquid CPU Cooler
It'll be the USB stick, not the ports. The ports are backwards compatible.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    HP Pavilion 14-ce3514sa
    CPU
    Core i5
    Memory
    16gb
    Hard Drives
    Samsung 970 evo plus 2TB
    Cooling
    Could be better
    Internet Speed
    200mbps Starlink
    Browser
    Firefox
    Other Info
    Originally installed with a 500gb H10 Optane ssd
Sorry to hear you're having hassle with the antivirus USBs. I hope a USB2 stick works - it sounds like that is the issue.
 

Just a thought. Does your computer have nvidia graphics?
 

Heading off to bed here, like a zombie I am :-)
I will give this a go tomorrow, hopefully.
 

I don't know but maybe there isn't the right graphics driver in the rescue disk install. If Kaspersky doesn't work with USB2 then Trend Micro might - or vice versa. Sorry it's not going smoothly. Might have been quicker to go to bleeping computer!
 

I tried both on an older USB stick and still no luck booting to either program, kind of shocking to be honest.

I will ask over on this Bleeping Computer to see if they have any ideas. I could prob just pretend everything is alright and just say to heck with it and go with the fresh Windows 11 install. But I'd only be too paranoid about it!

Cheers for the help
 

I think Ghot mentioned an online scanner by Eset on another post recently. Maybe you could just run that as a second-line scan, then do a clean install. But still scan all drives. It is shocking that neither booted. My guess is something to do with nvidia graphics and the boot disks not having the drivers for that. But others may know more than me on that one.
 

However if you want to be absolutely sure it's clean then Bleeping Computer will have a range of tools to guide you through. I'd still do a clean install afterwards though as running the tools adds all kinds of things I believe - just to be sure you have a full install with no unwanted additions.
 

Really sorry the rescue disk option wasn't helpful in the end.
 

@Hazel123 thanks so much for all the help, it is hugely appreciated, honestly. Very kind of you to help as much as you did.

I am in the process of help over on Bleeping Computer right now. So I think I just have to try and go with that.

Oh yes for sure, whatever the outcome there I will 100% be wiping and doing a clean install. I cannot wait for that to be honest, as I have a good bit of work I want to test out on this new shiny PC. I will report back here to let you and the people in this thread know how it goes.

Thanks again and talk soon!
 

FYI this software update

HOSTS FILE EDITOR+
Version 1.5.11. (25.10.2022)

is infected by the same Trojan:MSIL/AgentTesla!MSR

and it is available for download in many websites
 

My Computer

System One

  • OS
    Windows 11 Insider (Latest)
    Computer type
    Laptop
Sometimes it's easier to start over, especially if it's a really nasty type of infection.
But don't simply just reinstall Windows again. Install Linux, any one, as it uses a completely different type of file system. Have it rewrite the entire drive, and then reinstall Windows. Or you can use Linux to simply reformat the drive, as long as you don't use FAT, FAT32, or NTFS file systems.
The few extra minutes required are worth the time to really make sure the system is clean, and for that extra step reset the BIOS to default and clear the CMOS, as nasties like to reside there. Needed, probably not, but it may be worth the time spent.
 

My Computer

System One

  • OS
    Linux Arch (Windows 11 in a VM)
Thanks for the reply Thomas. For now I won't be going near Linux to do this. I won't be resetting any Bios either as that has been set up for me by someone else.

I don't want to be creating more issues than I need here ;-)
 

How did you get on at Bleeping Computer :-)
 

Hi folks

Some of these "security experts" really haven't a clue when dealing with "Non Corporate or Home" computers. I view them with the same disdain that I have for some of those "Financial advisors" who never pony up any of their own money.

My late dad, who knew nothing about the shenanigans of the US/UK etc stock markets, always used to quip "Then where are all the Investors' Yachts then" while looking at the piles of expensive cars these people seem to drive around in packs!!

Just today a friend of mine said that her Financial advisor had just posted that her account was now valued at 3 million EUR!! when really it was around 3,000 EUR. So as a joke she said -- OK I'll cash it in -- within 35 mins the Police were around "investigating Money Laundering and possible Fraud" -- of course she was released within minutes, so whatever advice you get from external services "ALWAYS CHECK AND VERIFY". Whatever the business etc.

Whether it's Linux or Windows on a home computer just use A REMOTE SYSTEM to run a cleansing process -- and if you are worried that the HDD / SSD has been compromised beyond normal recovery - then just "Low level format it" via writing random hex digits (or even x'00') to every sector on the drive -- INCLUDING THE CACHE (often forgotten).

There's so much snake oil in this business --often I think that some of those "Big beefy men" standing outside various buildings in Amsterdam's notorious Red Light District have more value than some of the advice given by these "so called security experts". (Note -- Corporates and other national / international infrastructure is a totally different ballgame --my remarks are construed principally to people managing HOME type computers).

Cheers
jimbo
 

My Computer

System One

  • OS
    Windows XP,7,10,11 Linux Arch Linux
    Computer type
    PC/Desktop
    CPU
    2 X Intel i7
How did you get on at Bleeping Computer :-)
I got on good so far, they said there is no evidence of malware on my computer, which I'm delighted to hear! They want me to download ESET Online Scanner and run a scan. I will get to it after I finish work. Apparently it can take several hours to do the scan.
 
