Kaspersky
Question

Detected object (process memory) not processed C:\Windows\Temp\temp72108.bat Trojan program.

  • 6 July 2019
  • 5 replies
  • 1645 views

if i read this correctly i have a Trojan that i can't get rid of

5 replies

Userlevel 7
Badge +11
Hello TouchuvGrey,
Welcome!
Please tell us:
  1. Windows version, build?
  2. Kaspersky software, version, patch?
  3. Has any software from unknown or possibly unsafe sources recently been installed? If "YES", please let us know the name, version of software?
  4. Has the issue recently started or been existing for a lengthy time?
  5. What steps have you taken to "get rid" of temp72108.bat?
  6. Is temp72108.bat actually located in C:Windows\Temp?
  7. Are any .bat files located in C:Windows\Temp?
  8. Is their any evidence of temp72108.bat contamination in the system apart from the detection by Kaspersky software?
  9. Is temp72108.bat in Kaspersky QUARANTINE?
  10. If "YES", please tell us how the system is being affected?
Have you performed the following procedure / steps (if not please do so):
  1. Create a system image.
  2. Create a restore point.
  3. Make sure all critical documents/data is backed up.
  4. Delete everything in C:Windows\Temp, there will be 3 or 4 files/folders in use, unable to be deleted - select "skip" for those, there may be several files/folders that require Admin permission to delete, grant the Admin access to ensure as many objects are deleted as is possible.
  5. Clear the contents of Temp folder, instructions: http://support.kaspersky.com/1161
  6. Full PC power off/on
  7. Uninstall any recently installed junk
  8. Full PC power off/on
  9. Uninstall any and all junk toolbars
  10. Full PC power off/on
  11. Uninstall/disable any and all junk browser add-ons and extensions and plugins in all of your browsers.
  12. Remove the junk argument from the target field of the browser shortcut properties.
  13. Remove any and all junk search providers in all browsers.
  14. If necessay, change the home page, of all browsers.
  15. Clean up all browsers: http://support.kaspersky.com/us/viruses/solutions/10319
  16. Full PC power off/on
  17. Make sure Kaspersky software is active.
  18. Run manual database update
  19. Run manual full scan with nothing else active, allow the full scan to complete
  20. Check Kaspersky REPORTS for temp72108.bat ?
Result:
  • temp72108.bat no longer reported , great, please post back and let us know?
  • temp72108.bat still being reported - not great, please collect a GSI & Windows logs, https://support.kaspersky.com/common/diagnostics/3632#block7, upload to cloud storage of your choice, post back the link and any additional details so we can further assist please?
Thanks!
  1. Windows 10 version 1809
  2. Kaspersky Total Security 19.0.0.1088 (f)
  3. Wise Care 365, Tweaking.com Windows repair ( neither of which i would consider questionable )
  4. Issue is recent, past week
  5. deleted all temp files
  6. No, nor can i find it anywhere else.
  7. No
  8. No
  9. No
  10. At about the same time i noticed this the K icon changed from green to red
Mike
Userlevel 7
Badge +11
Hello Mike,
If you wish to invert the Kaspersky red/black icon to green shield

  • Open the "Information" window of the Kaspersky software, as shown in the image


  • Press the following keyboard keys: IDDQD

The icon should change.
Thanks.
Additional notes

Neither a full nor selective scan by Kaspersky show anything
Full scan by Malware Bytes shows nothing.
No toolbars junk or otherwise

Browsers are Firefox and Chrome
Userlevel 7
Badge +11
Hello Mike:

Please follow each of the steps in order: 1 thru to 20, advise the [Result] & if necessary take the requested followup actions
  1. Create a system image.
  2. Create a restore point.
  3. Make sure all critical documents/data is backed up.
  4. Delete everything in C:Windows\Temp, there will be 3 or 4 files/folders in use, unable to be deleted - select "skip" for those, there may be several files/folders that require Admin permission to delete, grant the Admin access to ensure as many objects are deleted as is possible.
  5. Clear the contents of Temp folder, instructions: http://support.kaspersky.com/1161
  6. Full PC power off/on
  7. Uninstall any recently installed junk
  8. Full PC power off/on
  9. Uninstall any and all junk toolbars
  10. Full PC power off/on
  11. Uninstall/disable any and all junk browser add-ons and extensions and plugins in all of your browsers.
  12. Remove the junk argument from the target field of the browser shortcut properties.
  13. Remove any and all junk search providers in all browsers.
  14. If necessay, change the home page, of all browsers.
  15. Clean up all browsers: http://support.kaspersky.com/us/viruses/solutions/10319
  16. Full PC power off/on
  17. Make sure Kaspersky software is active.
  18. Run manual database update
  19. Run manual full scan with nothing else active, allow the full scan to complete
  20. Check Kaspersky REPORTS for temp72108.bat ?
Result:
  • temp72108.bat no longer reported , great, please post back and let us know?
  • temp72108.bat still being reported - not great, please collect a GSI & Windows logs, https://support.kaspersky.com/common/diagnostics/3632#block7, upload to cloud storage of your choice, post back the link and any additional details so we can further assist please?
Thanks!

Reply