Solved Remove Trojan Kovter

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

BunniG

Thread Starter
Joined
May 11, 2017
Messages
85
I scanned my computer with Malwarebytes Free version. It identified and quarantined Trojan.Kovter. Do I need to do more to ensure it's removed from my system? Please advise.

Susan
 

BunniG

Thread Starter
Joined
May 11, 2017
Messages
85
Hi,

Here's the MBAM log showing where the Kovter was found. What are those PUP files?

Susan



Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/15/19
Scan Time: 10:56 PM
Log File: 09d01a8a-194b-11e9-a269-90e6ba32f965.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.508
Update Package Version: 1.0.8808
License: Free

-System Information-
OS: Windows 10 (Build 17134.523)
CPU: x64
File System: NTFS
User: GRAYECONSULTING\Susan Graye

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 534789
Threats Detected: 6
Threats Quarantined: 6
Time Elapsed: 24 min, 0 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
PUP.Optional.InstallCore, HKU\S-1-5-21-2703550140-420306615-3034187051-1000\SOFTWARE\CSASTATS\ic, Quarantined, [419], [586068],1.0.8808

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 5
Trojan.Kovter, C:\USERS\SUSAN GRAYE\DOWNLOADS\FIREFOX-PATCH.JS, Quarantined, [6202], [444098],1.0.8808
PUP.Optional.FusionCore, C:\USERS\SUSAN GRAYE\DOWNLOADS\FILEZILLA_3.39.0_WIN64-SETUP_BUNDLED.EXE, Quarantined, [7743], [608779],1.0.8808
PUP.Optional.Babylon, C:\USERS\SUSAN GRAYE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [342], [455059],1.0.8808
PUP.Optional.Babylon, C:\USERS\SUSAN GRAYE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [342], [455059],1.0.8808
PUP.Optional.Babylon, C:\USERS\SUSAN GRAYE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [342], [455059],1.0.8808

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
I wouldn't worry, it looks like Malwarebytes got it all.
The JS file identified as Kovter was the downloader for it. The last time that was seen spreading was about 18 months ago, so it has probably been sitting in your download folder since then.
You can safely ignore the PUP detections.
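
Added example, not part of the original thread and not Malwarebytes' own code: a Python parser for a text log laid out like the one posted above. It checks each section's declared count and the summary total against the lines actually parsed (which catches a truncated paste) and separates PUP/PUM entries from everything else. The line layout is an assumption inferred from this one log, and the sample input is constructed.

```python
import re
from collections import Counter

# Constructed sample in the layout of the log above; paths and bracketed numbers are made up.
SAMPLE_LOG = r"""
-Scan Summary-
Threats Detected: 4

-Scan Details-
Process: 0
(No malicious items detected)

Registry Key: 1
PUP.Optional.InstallCore, HKU\S-1-5-21-0-0-0-1000\SOFTWARE\EXAMPLE\ic, Quarantined, [1], [100],1.0.1

File: 3
Trojan.Kovter, C:\USERS\EXAMPLE\DOWNLOADS\SAMPLE, PATCH.JS, Quarantined, [2], [200],1.0.1
PUP.Optional.Babylon, C:\USERS\EXAMPLE\APPDATA\LOCAL\Web Data, Replaced, [3], [300],1.0.1
PUP.Optional.Babylon, C:\USERS\EXAMPLE\APPDATA\LOCAL\Web Data, Replaced, [3], [300],1.0.1
"""

SECTION = re.compile(r"^([A-Za-z ]+): (\d+)$")
# Assumed layout: name, path, action, [n], [n],version. Anchoring on the
# trailing fields keeps a comma inside the path from splitting it.
DETECTION = re.compile(r"^([^,]+), (.+), (\w+), \[\d+\], \[\d+\],[\d.]+$")

def triage(log_text):
    """Return (rows, problems): parsed detections plus any count mismatches."""
    total, declared, found, rows = None, {}, Counter(), []
    section, in_details = None, False
    for line in map(str.strip, log_text.splitlines()):
        if line == "-Scan Details-":
            in_details = True
        elif (s := SECTION.match(line)):
            if in_details:  # e.g. "File: 5" opens a section and declares its count
                section = s.group(1)
                declared[section] = int(s.group(2))
            elif s.group(1) == "Threats Detected":
                total = int(s.group(2))
        elif in_details and section and (m := DETECTION.match(line)):
            name, path, action = m.group(1, 2, 3)
            found[section] += 1
            rows.append({"section": section, "name": name, "path": path,
                         "action": action, "pup": name.startswith(("PUP.", "PUM."))})
    problems = [f"{s}: header says {n}, parsed {found[s]}"
                for s, n in declared.items() if n != found[s]]
    if total is not None and total != len(rows):
        problems.append(f"summary says {total}, parsed {len(rows)}")
    return rows, problems

def needs_attention(rows):
    """Unique non-PUP/PUM detections: the entries worth a follow-up question."""
    return sorted({(r["name"], r["path"], r["action"]) for r in rows if not r["pup"]})
```
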
 