Trojan.GenericKD.69812247 keeps returning
Windows
On the 22nd October I had a notification "Infected File Detected" See Document1.docx
and then the notification that it had been removed See TrojanRemoved.docx
I kept getting pop ups saying: your pc is being disinfected (Bitdefender) so I find out whether there was a Registry compromise, but did not find any thing on the net. How File Detectedd
Move on to 6th November and more pop ups: your PC is being disinfected(Bitdefender)
Ran another Rescue Environment scan and the results summary:
Resolved items, Item Path
File:C:\Users\JC\AppData\Local\Google\Chrome\User Data\extensions_crx_cache....
and File:C:\Users\AppData \Local\Temp\chrome_url_fetcher_5348_1884829377\JGL....
Both Trojan.GenericKD.69812247. Final Satus Deleted
The question is how to prevent a reoccurance? Is there a Registry change required or what?
Running Windows 10 Home V 10.0.19045 Build 10045. Laptop ASUS UX305CA x64 based
James
Best Answers
-
Hello.
First, scan (and disinfect, if needed) your PC with Bitdefender Rescue Environment:
Next, just to be sure that there is no malware left on your PC, do the steps below.
First, take screenshot(s) of the issue,
create a log file on your Windows device using Bitdefender Support Tool, by following these steps:
and
create a log file on your Windows device using BDsysLog, by following these steps:
Next, contact Bitdefender Consumer Support by e-mail:
with short description of the issue.
After that, you will get an automated reply by the Bitdefender Customer Care Team, with your ticket number.
Now, in reply to that automated reply, you can send the screenshot(s) you already took and the log files you already created in the first step.
Since you are all done, just wait for the support engineers to investigate your issue and find a solution to fix the issue.
Remember that the screenshot(s) and the log files will help a lot to the support engineers for better and faster investigation on your issue and finding a solution.
NOTE: If any of the log file is larger than 25MB, you can upload the log file here:
After the upload is done, you will get a notification with the file's URL and then you can share the file's URL with the Bitdefender Consumer Support.
Regards.
0 -
Since, as per your post, you have already run the Rescue Environment, for additional measures, kindly check if the following steps help you:
1) Restart your PC in safe mode. You can follow this guide: https://support.microsoft.com/en-us/windows/start-your-pc-in-safe-mode-in-windows-92c27cff-db89-8644-1ce4-b3e5e56fe234
2) Open the Run command and execute the following commands one by one:
temp – delete all the files in the folder.
%temp% – delete all the files in the folder.
prefetch – delete all the files in the folder.
3) Restart your PC in normal mode by unselecting the option to run the system in Safe Mode, then click 'Apply.'
4) Reset your web browsers: Google Chrome: https://support.google.com/chrome/answer/3296214?hl=en
Mozilla Firefox: https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings
Microsoft Edge: https://malwaretips.com/blogs/reset-microsoft-edge/
Opera: https://browsersolution.com/reset-opera-browser
Vivaldi: https://help.vivaldi.com/desktop/install-update/full-reset-of-vivaldi/
Brave: https://support.brave.com/hc/en-us/articles/360017903152-How-do-I-reset-Brave-settings-to-default-
5) Reset the Windows host file to default. You can find instructions here: https://support.microsoft.com/en-us/topic/how-to-reset-the-hosts-file-back-to-the-default-c2a43f9d-e176-c6f3-e4ef-3500277a6dae.
6) Run Disk Cleanup using this guide: https://support.microsoft.com/en-us/windows/disk-cleanup-in-windows-8a96ff42-5751-39ad-23d6-434b4d5b9a68.
If issue persists, contact bitdefender support as stated by @Gjoksi in above comment.
Regards
OMEN Laptop 15-en1037AX (Bitdefender Total Security) & Samsung Galaxy S22 Ultra (Bitdefender Mobile Security)
0
Answers
-
Hi Flexx and Gjoksi,
-Thank you for your help and the detailed solution; that I carried out today. So far I have not had the incorrect pop up advising that it is being disinfected. What I had, is a notification from Bitdefender:
Infected web page detected
3 minutes ago
Feature:
Online Threat Prevention
We blocked this dangerous page for your protection:
url removed by @Flexx
Threat name: Trojan.GenericKD.69812247
Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent.
-This was received at the time I opened Google GMail and looks as if Bitdefender now recognises the threat having blocked the infected web page. I have been unable to find out what and how this web page is coming from.
Thanks, again
0
