getting rid of Trojan:BAT/poweliks.A

amcenhill

Feb 12, 2018
Windows Security Essentials keeps finding & quarantining the Trojan App. I can remove it with the Win Sec Ess program, but it keeps writing the bat file & another file into the directory. I've removed the write protect ATTRIB, & have deleted both, but they keep getting rewritten into the directory... Any help is appreciated. PS - I can't seem to even do a type on the bat file.
 

AtlBo

Jul 4, 2012


As SR-71 Blackbird said. If that doesn't completely resolve your issue, I like NVT EXE Radar Pro for tracking the activities of programs and command lines. Basically, you install ERP and then run your WSE scan. Allow and remember your WSE exes in ERP and then see what happens next. If the files show up again with no ERP alert, you know you need to harden ERP settings so that it won't allow Windows processes. If you get the alert, quarantine the files.

Command line monitoring is good with ERP, but it doesn't cover all of the possible ways to run command line. It can if you add some into the Vulnerables list, however. If the malware is using command line, you will need to see what is ultimately behind the activity to remove the threat unless you can find a really good scanner to do the removal.

Think Bitdefender has a good rescue disk btw. Here is the link for NVT ERP if you really get stuck. Great for a free app:

http://downloads.novirusthanks.org/files/EXERadar_Pro_x86_x64_v3.1_15052015_BUILD1.exe

Final build before the dev took a break for some other work. He's back now if you want to keep an eye out for a new version.
 
