This is in my virus chest 8 times in the last month. I never get any notifications of an infection or anything. I just happened to look in the virus chest.
I have read a lot on this supposed trojanhorse on websites, including AVG and avast. Is this a false positive?
Hello, I am not able to say if it is TP a FP detection based on the informations you supplied. Can you please upload the removal.log and detection2.log from C:\ProgramData\AVAST Software\Avast\log.
Also by the given detection name there must be always shown detection dialog waiting for user action unless You configure it in setting otherwise.
You are actually infected with fileless malware. It looks like You are on 18.3 version which is not able to completely remove persistence point of the malware and stopping only the malware execution. I suggest You to upgrade to 18.4 where we improved removing of malicious LNK files. If the problem persists please send me the output of this utility https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns and I can guide you through the malware persistence removal.
Probably because I ran malwarebytes first, the Avast full scan was clean. I ran the autoruns program, but I could not attach the data file as it is too large.
pdate: Ran rkill and it didn’t find any malware to stop. Ran hitmanpro3.8 and it found only PUPS but no malware. Just ran Emisoft Emergency kit and it found Trojan.Kovter and some pups. I quarantined them. Log is attached.
Laptop still acting up, but none of the antimalware are finding anything. So I downloaded ZEMANA and it found trojan.kovter. This time it was in
C:\useres\hemis\appdata\local\nbib\xbeqcep.lnk