Jump to content

Persistent Trojan on my laptop


Recommended Posts

Hi guys. I am running KIS 2019 on my Dell XPS15 Windows 10 64 bit laptop. Recently, KIS red-flagged to inform a trojan had been detected at the following location, C:\Users\xxxx\AppData\Roaming\34270ECE-2DBB-F39F-B25B-462083AC4FDF\Hamelab.dat., and ordered a reboot to remove, which I did. However, upon restarting, the red-flag did not go away and I was ordered to do another reboot. After a couple more restarts, I decided enough was enough. This sucker is not going away that easily. I would like to know if anyone else has faced the same problem. Need help. Thank you.
Link to comment
Share on other sites

Hi, as well as all above posts. Just an "update" i never included the GSI Parser for the GSI Log. You will need to create the GSI Log here. https://forum.kaspersky.com/index.php?/topic/915-how-to-help-us-help-you-with-a-log-of-your-system/ Then drop the zip in here. https://www.getsysteminfo.com/ Copy and paste the easy to read link and put it in your report. You can post it back here to please.
Link to comment
Share on other sites

Hi KarDip, Thank you for your reply. I went to the link for the AVZ tool and found the following instructions.
  1. Download the AVZ tool executable file.
  2. Run the avz5.exe file on your computer. If the Windows Defender SmartScreen prevented avz5.exe from launching, in the Windows protected your PC window, click More infoRun anyway.
  3. Click FileCustom scripts.
  4. In the input field, enter the script you received from the Kaspersky Lab technical support specialist.
  5. Click Run.Wait until the tool has finished running and complete the rest of the Kaspersky Lab technical support specialist’s instructions.
Item 4 says I need to enter the script provided by Kaspersky technical support. Any idea? Thanks. Submariner
Link to comment
Share on other sites

Hi Wesly, Thank you for your interest in this problem. I tried looking for the file using the path in the red-flag to try delete the trojan manually but could not find it. My guess is Kaspersky must have removed and quarantined it. I am not sure if this is related but having been alerted to a trojan infection I began looking through my installed programs and running services and discovered Chromium had somehow been installed on my laptop. Now, I am not sure how it got installed because I know what Chromium does and would never have consciously installed it. The Hamelab.dat trojan could have been snuck in by Chromium. Regards. Submariner
Link to comment
Share on other sites

Hi Submariner. Yes Kaspersky does provide "scripts' to remove the offending "virus or etc". But first they need to know how to write the scripts viewing some software information about you computer. Yes AVZ Tool it looks confusing, but it is very easy to use. For now please send the GSI Log to get started, lets think about AVZ for later. Mean while just take a look here to study how to configure. http://www.z-oleg.com/secur/avz_doc_en/index.html?t_about.htm Please do not remove "anything" in testing. Lets do this the easy way first. Do your GSI Log. https://forum.kaspersky.com/index.php?/topic/915-how-to-help-us-help-you-with-a-log-of-your-system/ Please drop the Zip in the GSI Parse. Then "copy and paste post the "easy read link" back here and in your support "report" https://forum.kaspersky.com/index.php?/topic/915-how-to-help-us-help-you-with-a-log-of-your-system/ Thank you.
Link to comment
Share on other sites

  • 1 year later...

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.