Trojan:win64 Anyone know what this is?

andrewmengvang

Prominent
Dec 4, 2017
8
0
510
0
Hello, I have this thing I keeps popping up on my windows defender I says Trojan:win64 I have tried deleting it but it just doesn’t delete. Is it a virus? It makes my computer act weird I can’t repair steam when the pop up shows I also can’t update games on steam unless I shut down and turn my pc back on. Anyone got a solution thank you
 
Feb 10, 2018
6
0
20
1
Win64/patched.az.gen!dll may reinstall itself multiple times if you don't delete its core files. This may require tracking down dozens of files in different locations. I recommend downloading SpyHunter. SpyHunter is a powerful on-demand scanner, which will scan for malicious programs that may have been installed on your PC alongside Win64/patched.az.gen!dll.

manual way is :

Hold together the Start Key and R. Type appwiz.cpl –> OK

In Safe Mode (if you skipped the previous step, go back and do it) type cmd in the Search Field. Righ Click it —> Run as Administrator. In the new window, type sfc /scannow and press Enter. Wait for the verification process to finish

At this point, you successfully removed the DNSAPI.dll missing error.

Hold the Start Key and R – copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom.

If there are suspicious IPs below “Localhost” – write to us in the comments.

Open the Start Menu, type “Control Panel” in the search box —> Enter. Network and Internet —> Network and Sharing Center —> Change Adapter Settings. Right-click your Internet connection —> Properties.

In Networking, left click Internet Protocol Version 4 —> Properties.

Right click on the Taskbar —> “Start Task Manager.”

Go in Startup —> Uncheck entries that have “Unknown” as Manufacturer.

Type Regedit in the windows search field and press Enter.

Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show this way, go manually to these directories and delete/uninstall them:

HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random
 

Mustangace

Commendable
Nov 5, 2016
13
0
1,570
4


If Phillip Corcoran's link doesn't help you get rid of it, download the free version of Malwarebytes here:

https://www.malwarebytes.com/mwb-download/

Malwarebytes is very good at detecting Trojan malware and then quarantining it so you can either keep it (why would you) or delete it. Malwarebytes puts it in a corner so it can't hurt you and your computer any longer.

Many use Malwarebytes as their go-to anti-malware elimination software. I use it randomly just to check once in a while to make sure I haven't picked up something that Windows Defender either doesn't catch or can't eliminate.

Good luck!

 

andrewmengvang

Prominent
Dec 4, 2017
8
0
510
0


Thank you for the answer I will try this to see if it works
 
Feb 10, 2018
6
0
20
1
Win64/patched.az.gen!dll may reinstall itself multiple times if you don't delete its core files. This may require tracking down dozens of files in different locations. I recommend downloading SpyHunter. SpyHunter is a powerful on-demand scanner, which will scan for malicious programs that may have been installed on your PC alongside Win64/patched.az.gen!dll.

manual way is :

Hold together the Start Key and R. Type appwiz.cpl –> OK

In Safe Mode (if you skipped the previous step, go back and do it) type cmd in the Search Field. Righ Click it —> Run as Administrator. In the new window, type sfc /scannow and press Enter. Wait for the verification process to finish

At this point, you successfully removed the DNSAPI.dll missing error.

Hold the Start Key and R – copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom.

If there are suspicious IPs below “Localhost” – write to us in the comments.

Open the Start Menu, type “Control Panel” in the search box —> Enter. Network and Internet —> Network and Sharing Center —> Change Adapter Settings. Right-click your Internet connection —> Properties.

In Networking, left click Internet Protocol Version 4 —> Properties.

Right click on the Taskbar —> “Start Task Manager.”

Go in Startup —> Uncheck entries that have “Unknown” as Manufacturer.

Type Regedit in the windows search field and press Enter.

Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show this way, go manually to these directories and delete/uninstall them:

HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random
 
Thread starter Similar threads Forum Replies Date
DCB007 Antivirus / Security / Privacy 4
G Antivirus / Security / Privacy 1
M Antivirus / Security / Privacy 3
D Antivirus / Security / Privacy 6
B Antivirus / Security / Privacy 1
C Antivirus / Security / Privacy 1
G Antivirus / Security / Privacy 9
Z Antivirus / Security / Privacy 4
A Antivirus / Security / Privacy 1
M Antivirus / Security / Privacy 1
T Antivirus / Security / Privacy 7
D Antivirus / Security / Privacy 5
R Antivirus / Security / Privacy 1
G Antivirus / Security / Privacy 7
L Antivirus / Security / Privacy 1
Jeffery414 Antivirus / Security / Privacy 14
M Antivirus / Security / Privacy 3
D Antivirus / Security / Privacy 3
G Antivirus / Security / Privacy 2
A Antivirus / Security / Privacy 1

ASK THE COMMUNITY