UKH Forums - "Filecoach" malware? How to remove

"Filecoach" malware? How to remove

This topic has been archived, and won't accept reply postings.

gneiss boots 25 Mar 2020

Any experts here who know about such things? It seems today that while browsing education resources this has got itself installed on Windows 10 PC and it is really hard to remove and Norton has been no help. Any other tips?

JimbotheScot 25 Mar 2020

In reply to gneiss boots:

'education resources' suuuure

Have you tried

https://www.malwarebytes.com/

Post edited at 19:45

OP gneiss boots 25 Mar 2020

In reply to JimbotheScot: Thanks. Will give it a go. Definitely educational stuff but clicked through on something via a teaching site on Pinterest and Norton Power Eraser has not worked and it may have knackered a registery file. May be re-installing windows 😦

freeflyer 25 Mar 2020

In reply to gneiss boots:

Hi, this doesn't come up on a malware search. What are the symptoms that make you think it's a bad guy?

Also try HijackThis, and kapersky.

john arran 25 Mar 2020

In reply to gneiss boots:

The reason why Norton won't help is that Norton itself is a kind of malware. It needs to pester you relentlessly so you think it's doing something worthwhile that's justifying the wasted cash you spent on it.

OP gneiss boots 26 Mar 2020

In reply to freeflyer:

It was installed yesterday. It won't uninstall and requires admin password prompt when try to do for no effect and a reference to zoremov makes me suspicious.

what is filecoach and then a search on 'zoremov' don't bring up much on google but enough to worry me and I think it should be gone before we do anything on pc.

freeflyer 26 Mar 2020

In reply to gneiss boots:

Fair enough. Could be some kind of browser extension. The various tools posted above should help identify what and where it is.

You could search the file system for anything that looks like filecoach or zoremov etc, and if you find something with a recent date, consider renaming it and rebooting. Google the file name in question first though!

OP gneiss boots 26 Mar 2020

In reply to freeflyer: Thanks. It was easier to reset Windows and re-load things like chrome and office and keep things simple as started getting libcurl.dll errors after removal efforts.

wercat 26 Mar 2020

In reply to gneiss boots:

using Clonezilla to make a system image is a useful technique for getting everything back. Takes a little time to master though.

captain paranoia 26 Mar 2020

In reply to wercat:

Macrium Reflect is also good for system image backups. It's free.

captain paranoia 26 Mar 2020

In reply to gneiss boots:

Simple Google search finds this:

https://maltiverse.com/sample/fed07785b26645cf648ee5cc702f4c70222d45c71e453...

wercat 26 Mar 2020

In reply to captain paranoia:

will have a look at that, thanks

I learned about the Clonezilla stuff trying to replicate a very specific linux version for a very old Asus 701 netbook with only 4GB SSD on to another identical machine and after completely failing to find a workable distribution on tintinet

Post edited at 17:15

New Topic

This topic has been archived, and won't accept reply postings.

Latest Jobs 2 New

Jobs Website Merchandiser

Elsewhere on the site

Press Release Arc'teryx Climb Academy returns to the Lake District: May 25th – 27th

Podcast Lyme Disease - What You Need to Know

News Lorraine McCall Starts Grahams Round

Lorraine McCall began her attempt today at a continuous, self-powered round of the Grahams, a four-month tour of upland Scotland combining walking and bikepacking. If successful, she'll be the first person that we know of to do it.

16 Apr

Gear News Cocoon's Innovative Travel Towels

UKH Advertising