Jump to content

Recommended Posts

Posted

i got this trojan.win32.sepeh.gen malware it has been detected by kaspersky total security but when i want to disinfect it my pc start crashing and reboot it self but the malware still there pls help me out guys

  • 2 weeks later...
Wesly.Zhang
Posted

Hello, @DARKxx56

Have you installed any other security product just like huorong safety guard?

Regards.

  • 3 weeks later...
Posted

Hello, Admin

 

sorry if my english is not good. 
i have the same problem with this "Trojan.Win32.SEPEH.gen" and it is not resolved. I'm confused as to how I handled it.
when I tried to disinfect with Kaspersky. my pc suddenly black screen without being able to do anything.Please help me.

 

Thanks,

Bagus

Screenshot_3.png

Wesly.Zhang
Posted
30 minutes ago, Bagus1414 said:

Hello, Admin

 

sorry if my english is not good. 
i have the same problem with this "Trojan.Win32.SEPEH.gen" and it is not resolved. I'm confused as to how I handled it.
when I tried to disinfect with Kaspersky. my pc suddenly black screen without being able to do anything.Please help me.

 

Thanks,

Bagus

Screenshot_3.png

Hi, @Bagus1414

Could you export microsoft autoruns logs to me via pm?File-->Save...

https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

Regards.

Wesly.Zhang
Posted

Hi, @Bagus1414

I have received your file and check some place. As an investigation, I need you to prevent some software from running in the background first, for example, to prevent some software from starting automatically at OS boot period. At this point, wait a while to see if the detection still occurs. Finally report the situation and give us feedback.

First, you should update the windows to install all hotfix or patch.

Second, Try to config some application settings.

Synapse3 - C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe //If you have some basic functions to use, you can terminate process

Lightshot - C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe //search its settings to uncheck start with system boot optional or kill its process.

Web Companion - C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe //search its settings to uncheck start with system boot optional or kill its process.

TrayApplication - C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe //search its settings to uncheck start with system boot optional or kill its process.

vksts - C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\vksts.exe //search its settings to uncheck start with system boot optional or kill its process.

CodecPackTrayMenu.lnk - C:\Windows\SysWOW64\Codecs\TrayMenu.exe //search its settings to uncheck start with system boot optional or kill its process.

BlueStacksHelper - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe //kill this process

Winrar - D:\Folder APP\WinrarFile\rarext.dll // I recommend you use 7zip instead of this software.

Regards.

 

  • Like 1
Wesly.Zhang
Posted

All the above operations about terminate the process are only valid for the current one. If you shut down and restart OS, please re-terminate the related process again.

  • Like 1
Posted

Dear Wesly.Zhang

 

I've followed your advice. My question means this virus will not go away? and this is only for temporary prevention? I've removed apps that aren't recommended and I've changed the winrar app to 7zip. but this warning still appeared.

Regards,

bagus

Screenshot_1.png

Screenshot_2.png

Wesly.Zhang
Posted

Hello, @Bagus1414

Have you updated any software or installed any software recently? As I think, Usually this detection is to find the existence of expanded memory in the memory process to store code. For example, this situation exists under the explorer.exe process. This operation may be due to a legitimate program (just a false alarm) or an illegal program. So now you need to troubleshoot the problem one by one, you can also report this situation to Kaspersky technical support.

 

Wesly.Zhang
Posted

Also, May I ask you what input method do you use, Microsoft input method or other third-party input method? Is this detection very regular, between 15 minutes and 20 minutes after the system starts up? Until there is no final solution, you can turn off background (rootkit) detection first.

https://support.kaspersky.com/KTS/21.3/en-US/199672.htm

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...