Trojan causing duplicatiobn of all data files/folders?

Thanks - here goes...

n.b. not all examples of the serach term are unwanted files. The legitimate ones are the folders ...Documents\Infleunt and ...Documents\Influent 2024.

|All the imnstances of folders that comtain the word "Influent", as subfolders within other folders in the Documents library,  are the problem.  

Edited by Cumulo, 18 April 2024 - 01:17 PM.

This is very peculiar as the way the folders are organized.

Enclosed please find the list of files and folder related to influent.

 Influent_Folders.txt   26.6KB   1 downloads

Please review this list and remove the lines you do not want to remove, then save the rest as Fixlist.txt in the location FRST64 is saved. Run FRST64 and click on Fix.

Perform another search:

Edited by JSntgRvr, 18 April 2024 - 10:01 PM.

OK, thankyou.

Here is the list, atatcched.

What is peculair about the way the files are organised? You mean the Dcouments\My Documents thimg?    

OK, thankyou.

 

Here is the list, atatcched.

 

What is peculair about the way the files are organised? You mean the Dcouments\My Documents thimg?    

Is the way was distributed, such as, teaching, Legal and others. I won't touch the registry as seems to be related to Office.

How is it doing?

It's doing Ok in general.

I see there are still cases of /Infleunt and /Influent 2023 enscconced in other folders. And cannot be deleted still as apparent,ly not in tjhs e locations. But AFAIK not doing any harm. Would I be right in thinking we would need to get into the Registry to expunge them?

You mention the Hosts file in an earlier post. Is this the name of a virtis and could it have caused this mass duplication of certain folders?   

They will be cleaned now.

Congratulations.

Use this application to remove tools used and their quarantined items:
 
Please download KpRm by Kernel-panik and save to your Desktop.

• Click on KpRm.exe to run the tool.

Vista/Windows 7/8/10 users right-click and select Run As Administrator.

• Put a check mark next to these items:

- Delete tools

 -Delete Restore Points

- Create Restore Point

- Delete now

• Click the "Run" button.

• When the tool has finished, it will create and open a log report and delete itself.

A few final recommendations:
 
The following information will help you to keep your computer and data safer as well as improve your overall privacy

• Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site.
  https://www.howtogeek.com/780233/best-password-manager/
• Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/
• Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download     https://patchmypc.com/about-us
• Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2
• Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/
• Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security

Malwarebytes Browser Guard

•   Google Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee
•   Microsoft Edge: https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser
•   Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/

uBlock Origin

• Google Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm
• Microsoft Edge: https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak
• Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin

Cybersecurity basics & protection
 
Everything you need to know about cybercrime
https://www.malwarebytes.com/cybersecurity
 
Further reading if you'd like to keep up on the malware threat scene: Malwarebytes Blog  https://blog.malwarebytes.com/
 
Please review the following to help you better protect your computer and privacy
 
Tips to help protect from infection
 
Hopefully, we've been able to assist you with correcting your system issues.
 
Thank you for using BleepingComputer. Please tell your friends and family if they too need assistance with malware removal.

Thankyou very much.

I  have installed some browser extensions.

I notice the Infleunt folders still persist in some locations but as they seem to be doing no harm, it does not overly boyther me.  

You mention the Hosts file in an earlier post. Is this the name of a virtis and could it have caused this mass duplication of certain folders?   

 

No. The Hosts file just helps you to block or allows sites to be reached. It is not a carrier of viruses.

Bets regards.