Author Topic: MSILPerseus.98526 - Trojan?  (Read 2199 times)

Offline Jomot

  • RootsChat Marquessate
  • *******
  • Posts: 3,658
  • Census information Crown Copyright, from www.nationalarchives.gov.uk
    • View Profile
MSILPerseus.98526 - Trojan?
« on: Sunday 07 January 18 02:48 GMT (UK) »
My virus scanner has identified the above but has not been able to remove it. 

I've googled and found a site telling me how to remove it, but it involves playing around in the registry, which I don't think I feel confident enough to do.   

Can anyone please advise how bad this is, and whether there is another way to remove it?

Thanks
MORGAN: Glamorgan, Durham, Ohio. DAVIS/DAVIES/DAVID: Glamorgan, Ohio.  GIBSON: Leicestershire, Durham, North Yorkshire.  RAIN/RAINE: Cumberland.  TAYLOR: North Yorks. BOURDAS: North Yorks. JEFFREYS: Worcestershire & Northumberland. FORBES: Berwickshire, CHEESMOND: Durham/Northumberland. WINTER: Durham/Northumberland. SNOWBALL: Durham.

Offline [Ray]

  • RootsChat Marquessate
  • *******
  • Posts: 6,270
  • UK Census information Crown Copyright
    • View Profile
Re: MSILPerseus.98526 - Trojan?
« Reply #1 on: Sunday 07 January 18 09:48 GMT (UK) »
Hi

What anti-virus are you using?

There are some additional "options" here . . . . .
https://antivirus-blog.com/removal-guides/remove-genvariant-msilperseus-19245-virus-removal/

Ray
"The wise man knows how little he knows, the foolish man does not". My Grandfather & Father.

"You can’t give kindness away.  It keeps coming back". Mark Twain (?).

Offline Jomot

  • RootsChat Marquessate
  • *******
  • Posts: 3,658
  • Census information Crown Copyright, from www.nationalarchives.gov.uk
    • View Profile
Re: MSILPerseus.98526 - Trojan?
« Reply #2 on: Sunday 07 January 18 11:57 GMT (UK) »
Thanks, I'll probably try that this afternoon.   

I'm using F-Secure.  Not sure how I ended up with the trojan though as I'm usually very careful.
MORGAN: Glamorgan, Durham, Ohio. DAVIS/DAVIES/DAVID: Glamorgan, Ohio.  GIBSON: Leicestershire, Durham, North Yorkshire.  RAIN/RAINE: Cumberland.  TAYLOR: North Yorks. BOURDAS: North Yorks. JEFFREYS: Worcestershire & Northumberland. FORBES: Berwickshire, CHEESMOND: Durham/Northumberland. WINTER: Durham/Northumberland. SNOWBALL: Durham.

Offline AngusMcCoatup

  • RootsChat Member
  • ***
  • Posts: 116
    • View Profile
Re: MSILPerseus.98526 - Trojan?
« Reply #3 on: Sunday 07 January 18 17:41 GMT (UK) »
Try malwarebytes - it's free but just be careful during installation that you don't select the premium trial option.

https://www.malwarebytes.com/


Offline Jomot

  • RootsChat Marquessate
  • *******
  • Posts: 3,658
  • Census information Crown Copyright, from www.nationalarchives.gov.uk
    • View Profile
Re: MSILPerseus.98526 - Trojan?
« Reply #4 on: Sunday 07 January 18 18:31 GMT (UK) »
Thanks - that's also what was suggested in Ray's link.   

I ran it this afternoon & nothing was detected so I don't really know whats going on.  Looking at the original F-Secure report there's some reference to FreeReg (I transcribe for them), although I haven't opened any of those files since before Xmas and have had several 'clean' scans since then.  I was planning to re-start transcribing next week, but now I'm nervous.

Its still sat in the F-Secure quarantine area - can/should I just delete it from there? 

MORGAN: Glamorgan, Durham, Ohio. DAVIS/DAVIES/DAVID: Glamorgan, Ohio.  GIBSON: Leicestershire, Durham, North Yorkshire.  RAIN/RAINE: Cumberland.  TAYLOR: North Yorks. BOURDAS: North Yorks. JEFFREYS: Worcestershire & Northumberland. FORBES: Berwickshire, CHEESMOND: Durham/Northumberland. WINTER: Durham/Northumberland. SNOWBALL: Durham.

Offline [Ray]

  • RootsChat Marquessate
  • *******
  • Posts: 6,270
  • UK Census information Crown Copyright
    • View Profile
Re: MSILPerseus.98526 - Trojan?
« Reply #5 on: Sunday 07 January 18 19:04 GMT (UK) »
Hi

I'd talk to the tech staff at the website you are using . . . . .

I can only say that, if it were me, I'd delete everything in quarantine.

Ray
"The wise man knows how little he knows, the foolish man does not". My Grandfather & Father.

"You can’t give kindness away.  It keeps coming back". Mark Twain (?).

Offline AngusMcCoatup

  • RootsChat Member
  • ***
  • Posts: 116
    • View Profile
Re: MSILPerseus.98526 - Trojan?
« Reply #6 on: Sunday 07 January 18 19:49 GMT (UK) »
Its still sat in the F-Secure quarantine area - can/should I just delete it from there?

Yes.

Offline [Ray]

  • RootsChat Marquessate
  • *******
  • Posts: 6,270
  • UK Census information Crown Copyright
    • View Profile
Re: MSILPerseus.98526 - Trojan?
« Reply #7 on: Sunday 07 January 18 20:02 GMT (UK) »
 :)

That's 2x votes

 :)

Once deleted, then run your own antivirus again.
THEN reboot
Then download and run
http://www.microsoft.com/security/scanner/en-us/default.aspx
Then reboot immediately after

Then ( guess what? )
Rerun antivirus and reboot, until you get no warnings
( ie Get a clear run between 2 consecutive boots )
 
Ray

Possible (more recent) replacement for above . . . . .
https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx


"The wise man knows how little he knows, the foolish man does not". My Grandfather & Father.

"You can’t give kindness away.  It keeps coming back". Mark Twain (?).

Offline [Ray]

  • RootsChat Marquessate
  • *******
  • Posts: 6,270
  • UK Census information Crown Copyright
    • View Profile
Re: MSILPerseus.98526 - Trojan?
« Reply #8 on: Monday 08 January 18 20:26 GMT (UK) »
Hi

So what did they say?

Cheers!

Ray
"The wise man knows how little he knows, the foolish man does not". My Grandfather & Father.

"You can’t give kindness away.  It keeps coming back". Mark Twain (?).