Trojan.GenericKD.69812247 keeps returning

valuation100 · 2023-11-06T18:49:52+00:00

There was an error rendering this rich post.

valuation100

Windows

On the 22nd October I had a notification "Infected File Detected" See Document1.docx

and then the notification that it had been removed See TrojanRemoved.docx

TrojanRemoved.docx

Document1.docx

I kept getting pop ups saying: your pc is being disinfected (Bitdefender) so I find out whether there was a Registry compromise, but did not find any thing on the net. How File Detectedd

Move on to 6th November and more pop ups: your PC is being disinfected(Bitdefender)

Ran another Rescue Environment scan and the results summary:

Resolved items, Item Path

File:C:\Users\JC\AppData\Local\Google\Chrome\User Data\extensions_crx_cache....

and File:C:\Users\AppData \Local\Temp\chrome_url_fetcher_5348_1884829377\JGL....

Both Trojan.GenericKD.69812247. Final Satus Deleted

The question is how to prevent a reoccurance? Is there a Registry change required or what?

Running Windows 10 Home V 10.0.19045 Build 10045. Laptop ASUS UX305CA x64 based

James

Find more posts tagged with

Accepted answers

Gjoksi

Hello.

First, scan (and disinfect, if needed) your PC with Bitdefender Rescue Environment:

https://www.bitdefender.com/consumer/support/answer/29132/

Next, just to be sure that there is no malware left on your PC, do the steps below.

First, take screenshot(s) of the issue,

create a log file on your Windows device using Bitdefender Support Tool, by following these steps:

https://www.bitdefender.com/consumer/support/answer/1733/

and

create a log file on your Windows device using BDsysLog, by following these steps:

https://www.bitdefender.com/consumer/support/answer/1922/

Next, contact Bitdefender Consumer Support by e-mail:

https://www.bitdefender.com/consumer/support/help/

with short description of the issue.

After that, you will get an automated reply by the Bitdefender Customer Care Team, with your ticket number.

Now, in reply to that automated reply, you can send the screenshot(s) you already took and the log files you already created in the first step.

Since you are all done, just wait for the support engineers to investigate your issue and find a solution to fix the issue.

Remember that the screenshot(s) and the log files will help a lot to the support engineers for better and faster investigation on your issue and finding a solution.

NOTE: If any of the log file is larger than 25MB, you can upload the log file here:

https://upload.bitdefender.net/

After the upload is done, you will get a notification with the file's URL and then you can share the file's URL with the Bitdefender Consumer Support.

Regards.

Flexx

https://community.bitdefender.com/en/discussion/97734/trojan-generickd-69812247-keeps-returning

Since, as per your post, you have already run the Rescue Environment, for additional measures, kindly check if the following steps help you:

1) Restart your PC in safe mode. You can follow this guide: https://support.microsoft.com/en-us/windows/start-your-pc-in-safe-mode-in-windows-92c27cff-db89-8644-1ce4-b3e5e56fe234

2) Open the Run command and execute the following commands one by one:

temp – delete all the files in the folder.

%temp% – delete all the files in the folder.

prefetch – delete all the files in the folder.

3) Restart your PC in normal mode by unselecting the option to run the system in Safe Mode, then click 'Apply.'

4) Reset your web browsers: Google Chrome: https://support.google.com/chrome/answer/3296214?hl=en

Mozilla Firefox: https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings

Microsoft Edge: https://malwaretips.com/blogs/reset-microsoft-edge/

Opera: https://browsersolution.com/reset-opera-browser

Vivaldi: https://help.vivaldi.com/desktop/install-update/full-reset-of-vivaldi/

Brave: https://support.brave.com/hc/en-us/articles/360017903152-How-do-I-reset-Brave-settings-to-default-

5) Reset the Windows host file to default. You can find instructions here: https://support.microsoft.com/en-us/topic/how-to-reset-the-hosts-file-back-to-the-default-c2a43f9d-e176-c6f3-e4ef-3500277a6dae.

6) Run Disk Cleanup using this guide: https://support.microsoft.com/en-us/windows/disk-cleanup-in-windows-8a96ff42-5751-39ad-23d6-434b4d5b9a68.

If issue persists, contact bitdefender support as stated by @Gjoksi in above comment.

Regards

All comments

Gjoksi

Hello.

First, scan (and disinfect, if needed) your PC with Bitdefender Rescue Environment:

https://www.bitdefender.com/consumer/support/answer/29132/

Next, just to be sure that there is no malware left on your PC, do the steps below.

First, take screenshot(s) of the issue,

create a log file on your Windows device using Bitdefender Support Tool, by following these steps:

https://www.bitdefender.com/consumer/support/answer/1733/

and

create a log file on your Windows device using BDsysLog, by following these steps:

https://www.bitdefender.com/consumer/support/answer/1922/

Next, contact Bitdefender Consumer Support by e-mail:

https://www.bitdefender.com/consumer/support/help/

with short description of the issue.

After that, you will get an automated reply by the Bitdefender Customer Care Team, with your ticket number.

Now, in reply to that automated reply, you can send the screenshot(s) you already took and the log files you already created in the first step.

Since you are all done, just wait for the support engineers to investigate your issue and find a solution to fix the issue.

Remember that the screenshot(s) and the log files will help a lot to the support engineers for better and faster investigation on your issue and finding a solution.

NOTE: If any of the log file is larger than 25MB, you can upload the log file here:

https://upload.bitdefender.net/

After the upload is done, you will get a notification with the file's URL and then you can share the file's URL with the Bitdefender Consumer Support.

Regards.

Flexx

https://community.bitdefender.com/en/discussion/97734/trojan-generickd-69812247-keeps-returning

Since, as per your post, you have already run the Rescue Environment, for additional measures, kindly check if the following steps help you:

1) Restart your PC in safe mode. You can follow this guide: https://support.microsoft.com/en-us/windows/start-your-pc-in-safe-mode-in-windows-92c27cff-db89-8644-1ce4-b3e5e56fe234

2) Open the Run command and execute the following commands one by one:

temp – delete all the files in the folder.

%temp% – delete all the files in the folder.

prefetch – delete all the files in the folder.

3) Restart your PC in normal mode by unselecting the option to run the system in Safe Mode, then click 'Apply.'

4) Reset your web browsers: Google Chrome: https://support.google.com/chrome/answer/3296214?hl=en

Mozilla Firefox: https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings

Microsoft Edge: https://malwaretips.com/blogs/reset-microsoft-edge/

Opera: https://browsersolution.com/reset-opera-browser

Vivaldi: https://help.vivaldi.com/desktop/install-update/full-reset-of-vivaldi/

Brave: https://support.brave.com/hc/en-us/articles/360017903152-How-do-I-reset-Brave-settings-to-default-

6) Run Disk Cleanup using this guide: https://support.microsoft.com/en-us/windows/disk-cleanup-in-windows-8a96ff42-5751-39ad-23d6-434b4d5b9a68.

If issue persists, contact bitdefender support as stated by @Gjoksi in above comment.

Regards

valuation100

Hi Flexx and Gjoksi,

-Thank you for your help and the detailed solution; that I carried out today. So far I have not had the incorrect pop up advising that it is being disinfected. What I had, is a notification from Bitdefender:

Infected web page detected

3 minutes ago

Feature:

Online Threat Prevention

We blocked this dangerous page for your protection:

url removed by @Flexx

Threat name: Trojan.GenericKD.69812247

Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent.

-This was received at the time I opened Google GMail and looks as if Bitdefender now recognises the threat having blocked the infected web page. I have been unable to find out what and how this web page is coming from.

Thanks, again