Trotux?

Last week I got a popup that said all my files would be wiped unless I updated my drivers. There was a box to click to update drivers.

Even a dummy like me knows better than that.

I bailed.

I run virus scans and it shows 4 PUPs:

Optional.Trotux
Optional.IStartPageing.ChrPRST
Optional.MySites1233.ShrtCln
Optional.YourSites123.ShrtCln

I quarantine them and delete them but they come right back.

It shows they are in my Firefox profile in prefs.js but that’s crazy because viruses don’t infect text files. At least that I’ve ever heard of.

I sent in a ticket last Friday but have not heard a damn thing back except the auto-generated "we’ll get back to you".

WELL THEY HAVEN’T and it’s been almost a week.

When we are in trouble we need help NOW not in 3 weeks.

Has anyone else fought this and won?

Any suggestions?

This morning I disconnected all my other drives including my NAS so that if it does attempt to wipe my files it can’t get anything but C drive but that is a disaster all by itself. I forgot to turn off my automatic backup so now my backups are probably contaminated too.

The naming scheme doesn’t look like it’s from avast!. Is this detected by avast! or something else?

Umm, I think that list was from Malwarebytes but not sure now.

Googled the PUPs and found articles that said Malwarebytes would remove them completely but IT DID NOT.

Then it is a Malwarebytes problem and you should post in the MBAM forum:

https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/

If you search the MBAM forum for trotux you get several hits.

Yeah I’ve been there. Various articles claim Malwarebytes will clean it but it didn’t. Sent request for tech support this morning.

Also, this morning I disconnected most of my other drives including my NAS so if this thing actually can wipe my files it can’t get to those drives.

Yesterday I ran a boot scan with Avast and it found a LOT of infected files but those viruses still kept popping up in scans. Earlier yesterday Avast kept reporting viruses every time I did a scan too and I quarantined them and deleted them but next time I scanned they were back again.

Now this morning Avast is not showing any viruses and MB is not showing any either, but it did earlier today.

Now I don’t know if I got rid of it or if it is residing on one of the drives I disconnected this morning.

Since it threatened to wipe all my files if I didn’t do what they said, I’m leery they might be able to do exactly what they threatened. That’s why this morning I disconnected everything I could do without for a while.

Think I’m gonna reboot and see if they show back up again.

It sounds to me like the detections from avast were (almost?) all false positives due to an error in the VPS.
This has already been solved earlier today.

If you want us to check your system for malware, post in the correct forum.
https://forum.avast.com/index.php?topic=194892.0