Windows 10: Fileless Registry Trojan

Discussion in 'AntiVirus, Firewalls and System Security' started by Sevyrr, Apr 7, 2020.

  1. Sevyrr Win User

    Fileless Registry Trojan


    First thing I noticed was my computer slowing and odd effects like mouse clicks not working. I opened Event Viewer and saw multiple user admin changes via registry, effectively locking my admin privileges. I ran Norton and Malwarebytes and nothing was found. Tried Superantispyware, same. Everything's good. Startup in Task Manager showed nothing, but multiple Windows services are maxing my CPU on a decent gaming computer. I downloaded CCleaner and checked startup; it found PowerShell registry commands that supposedly run at startup. I was unable to affect these in any way. I do not have authority for cmd or PowerShell; I can start them in admin mode but important commands pertaining to this do not work. Windows restore does not work. Windows reinstall does not work. Installing Linux from a USB does not work. My Windows registry key is gone from my computer info and cannot be retrieved from BIOS with cmd. Every Windows machine on my system is affected, even the ones I thought were powered down. Hundreds of registry changes that are empty; research said these typically have JavaScript written in a language or font or special characters my computer can't resolve. The user name I use is changed slightly with the loss of admin rights; I can still see my old one in the registry has full access but cannot get to it. I don't care about the hard drive, it's backed up. I do care about the Windows key and would like to wipe the drive and reinstall. Also, it affects search results; I had to use my phone for research. I used an old laptop I have, also affected, and took the wireless adapter out and installed an old hard drive and it triggered a power-up admin lock that I never set; it's there no matter what hard drive I put in. There are also recent changes in the registry that tell Windows to never overwrite the DLLs that the registry changes point to. Is it possible it's in my Comcast modem? Any other devices, Bluetooth, USB mouse, network cards etc.?

    How did it spread to the powered-off devices? I see there was a network kernel debug adapter active, and I saw these computers on my internet after turning them off. Unplugging and removing the batteries helped. Could it be in the BIOS? Comcast and Geek Squad were no help at all. How do I nuke it all and start over without ruining the hard drive? Also I am a gamer and hate updates while playing so they were disabled, I know, I know, bad juju. Please help.

    :)
     
    Sevyrr, Apr 7, 2020
    #1

  2. Trojan in My Registry


    I have an older 15 inch HP with W10 that I recently updated.

    I have always had McAfee on the computer, it has never lapsed.

    I have also run Spybot, Malwarebytes, Google Ghostery and ABP Adblock Popup.

    When I recently bought a new printer it would not sync up with the laptop. I believe it was a driver issue as a result of the new upgrade.

    But I called HP (the manufacturer of my printer) and they said I had a Trojan embedded in my Registry.
    When I was online with him we went through various links and steps and yep! There it was!

    When I went to the Event Viewer it indicated that about 35-50? programs have crashed/failed.

    HP said they wanted to charge me 249 to fix it because it was not a printer issue.

    I went to Best Buy and they said they would have to have my computer for a week and it would cost 199.

    I bought a new computer, the one I have now for 239. Yeah me.

    But the computer is still good ......minus the nasty trojan.......it runs slow, it takes forever to do anything and I will never use it for personal information.

    I have transferred my files and links manually from the old computer to the new one...this one.

    Previously, when I have had a trojan or virus, it was always right click and delete.

    Not this time. Is there an easy way for a novice.......step by step........to delete it?

    The computer itself is only 14 months old. It has a lot of life in it if I can get rid of the trojan.

    Can I fix it myself or should I trash it?

    Thanks.
     
    RaymondWindoz10, Apr 7, 2020
    #2
  3. Trojan in My Registry


    That is typical for all computers. It is a scam, there is nothing to clean. I wonder where you got HP's number?

     
    TairikuOkami, Apr 7, 2020
    #3
  4. Mel Tar Win User

    Fileless Registry Trojan

    Rooted Malware, Virus, and Trojan Infection, Keylogger Trojan Malware

    Hi,

    Please click the link below and follow Stephen Boots' suggestion on how to remove Trojan virus on your computer:

    Let us know if you need further assistance.
     
    Mel Tar, Apr 7, 2020
    #4