Serious Trojan Question

Xath

May 10, 2013
Hello, all.

I somehow had a trojan on my system in the last two days, and am not completely sure it actually hit my system or if it was totally removed. Just to put my mind at ease, I wanted to ask your opinions.

I've no idea how I even got it, as I'm always running MSE and have ABP on with FF (except once, it had to be turned off in order to deal with AdSense's webpage which doesn't work with it on) but it doesn't appear to have actually hit my system and I deleted it with MSE.

The trojan was: Win32/Urausy.C which is supposedly a bad trojan.

However, I had absolutely no symptoms.

I only found it because I happened to scan, which I do about every two days.

It was located nowhere else except in the \Users\AppData\Temp folder, two strings of it in the temp folder: 0xthqGPE.exe.part and tqcfHDY.exe.part and located nowhere else.

Supposedly, it will show up in the following ways:

- massive pop-up page that blocks you from your system as "ransomware" and you're unable to get past it
I never had this happen.

- runs as a process "random.exe"
I did not have this process running.

- registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\Trojan:Win32/Urausy.C
I did not find it anywhere in the registry.

- several places it's said to show up (all AppData folder locations), but I found absolutely no evidence of it anywhere

I removed it with MSE and have seen no sign in any Reg key or folder I've looked in, but supposedly it can also attack kernels on your system and it's good at hiding itself.

I think that's my biggest concern, if it attacked a kernel somewhere that can't be seen.

I also scanned with MBAM and it found nothing. Looked manually through everything but found nothing.

But, since it was only found in a temp folder, and no other places, signs or symptoms, I wanted to ask if people thought it had been caught before it hit my system and if MSE actually trashed what there was of it on my system.

I'm trying to avoid reformatting (I just recently did) but if I need to, I will.

Thanks in advance for your opinions/advice.
 

namdlo

Jun 20, 2012
I think as with any virus/malware you're assuming the risk that you've completely removed it if you don't reformat. In my experience "single" infections within the temp directories "typically" don't cause as much concern as infected system files.

You're the only person that can weigh the risk/"reward" of not reformatting.
 

gamingboy

May 5, 2012
If you did a full scan with MBAM, then you're probably clean. But if you have the time and the patience to format and re-install Windows, then you might want to do that. But it's not completely necessary.
 
If you have the file but not the symptoms, it might be in a dormant state so you might not have suffered any damage.

Just to be sure, run Malwarebytes / RogueKiller

and do an ESET / Kaspersky online scan. If you got nothing more from there I would not worry.

Also, you should get rid of Java and its files
(delete manually by searching for Java and Sun, but just delete the installation folder and temp folders, not the scripts or folders found in other programs such as PDF.)