Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

HEUR:Trojan-Downloader.Script.Generic

Started by Webslinger64 , Aug 05 2016 03:01 PM

  • This topic is locked This topic is locked

#16
Webslinger64
Posted 07 August 2016 - 03:27 PM

Webslinger64

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 567 posts

Did you see my last post on EST Scanner? 


  • 0

Advertisements

#17
zep516
Posted 07 August 2016 - 03:58 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
When you accept the agreement, is there a line of text that says "advanced settings" you can click on ?

On the ESET page when I click on scan, a box pops up asking me to download. I'm Using Firefox here.
  • 0

#18
Webslinger64
Posted 07 August 2016 - 04:07 PM

Webslinger64

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 567 posts

Ahh, I think I got it now.  It says, "Clean threats Automatically".  I missed it.


Edited by Webslinger64, 07 August 2016 - 04:08 PM.

  • 0

#19
zep516
Posted 07 August 2016 - 04:10 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Clean threats automatically, just make sure that is not checked and in your screen shot it is not checked. So you're ok to start it.

Looks like ESET changed some things so I'll need to adjust my instructions.

Thanks
Joe :)
  • 0

#20
Webslinger64
Posted 07 August 2016 - 05:42 PM

Webslinger64

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 567 posts

So, the ESET Online Scanner was almost finished when it froze up.  It had found 13 infections.  It's still open on the desktop, but it's blank and when I look for the logfile, there's nothing to be found.


  • 0

#21
zep516
Posted 07 August 2016 - 05:54 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Reboot the computer if you need to get out of ESET, I doubt 13 infections so don't panic ESET flags a lot of things as infections that are not necessarily infections, that's reason for not removing found threats.


Let's also try the bitdefender quickscan.

http://quickscan.bitdefender.com/

When it finishes there is a View Report option at the bottom. Click on it and copy and paste the report (even if it says nothing found).

Then run your Kaspersky scan and see if still finds HEUR:Trojan-Downloader.Script.Generic
  • 0

#22
Webslinger64
Posted 07 August 2016 - 06:25 PM

Webslinger64

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 567 posts

QuickScan 32-bitv0.9.9.147
--------------------------
Scan date:  Sun Aug 07 18:24:08 2016
Machine ID: 6DFD98



No infection found.
-------------------



Processes
---------
(unsigned)  D-Link WLAN Application                  2164    C:\Program Files (x86)\D-Link\DWA-121 revA\AirNCFG.exe
(unsigned)  NetworkManager                           2756    C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe

(verified)  Avast Antivirus                          3592    C:\Program Files\AVAST Software\Avast\avastui.exe
(verified)  CyberLink MediaLibray Service            3024    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(verified)  Firefox                                  3040    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(verified)  Firefox                                  3492    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(verified)  Intel® USB 3.0 Monitor                 2764    C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(verified)  Java Platform SE Auto Updater            4856    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(verified)  Java Platform SE Auto Updater            4220    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(verified)  Kaspersky Security Scan                  1240    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(verified)  Kaspersky Security Scan                  3800    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(verified)  Kaspersky Security Scan                  4832    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(verified)  Kaspersky Software Updater Beta          2256    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(verified)  Microsoft OneNote                        4168    C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(verified)  Power2Go Desktop Burning Gadget           528    C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe


Network activity
----------------
Process firefox.exe (3040) connected on port 443 (HTTP over SSL) --> 216.58.217.2
Process firefox.exe (3040) connected on port 443 (HTTP over SSL) --> 52.10.49.22
Process firefox.exe (3040) connected on port 443 (HTTP over SSL) --> 52.85.209.155
Process firefox.exe (3040) connected on port 443 (HTTP over SSL) --> 52.41.47.134
Process firefox.exe (3040) connected on port 443 (HTTP over SSL) --> 77.234.42.43
Process firefox.exe (3040) connected on port 80 (HTTP) --> 37.59.67.149
Process firefox.exe (3040) connected on port 443 (HTTP over SSL) --> 52.6.63.163
Process firefox.exe (3040) connected on port 443 (HTTP over SSL) --> 52.6.63.163
Process firefox.exe (3040) connected on port 80 (HTTP) --> 37.59.67.149
Process firefox.exe (3040) connected on port 80 (HTTP) --> 192.229.210.142
Process firefox.exe (3040) connected on port 80 (HTTP) --> 216.58.217.2
Process firefox.exe (3040) connected on port 80 (HTTP) --> 66.235.141.145
Process firefox.exe (3040) connected on port 80 (HTTP) --> 70.42.104.36
Process firefox.exe (3040) connected on port 80 (HTTP) --> 70.42.104.64
Process firefox.exe (3040) connected on port 80 (HTTP) --> 66.235.141.145



Autoruns and critical files
---------------------------
(verified)  Kaspersky Security Scan                  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(verified)  Kaspersky Software Updater Beta          C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(unsigned)  D-Link WLAN Application                  C:\Program Files (x86)\D-Link\DWA-121 revA\AirNCFG.exe

(verified)  Avast Antivirus                          C:\Program Files\AVAST Software\Avast\avastui.exe
(verified)  CyberLink MediaLibray Service            C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(verified)  CyberLink Virtual Drive                  C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
(verified)  Intel® USB 3.0 Monitor                 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(verified)  Java Platform SE Auto Updater            C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(verified)  Microsoft Office 2010                    C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
(verified)  Microsoft Office 2010                    c:\program files (x86)\microsoft office\Office14\GROOVEEX.DLL
(verified)  Microsoft OneNote                        C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(verified)  Microsoft® Windows® Operating System     c:\Windows\System32\userinit.exe
(verified)  Power2Go Desktop Burning Gadget          C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
(verified)  SUPERAntiSpyware                         C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe


Browser plugins
---------------
(verified)  Bitdefender QuickScan                    C:\Windows\Downloaded Program Files\qsax.dll
(unsigned)  VLC Web Plugin                           C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

(verified)  Adobe Acrobat                            C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
(verified)  Adobe Content Decryption Module for Fir  C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\ju292vok.default-1438795000345\gmp-eme-adobe\17\eme-adobe.dll
(verified)  Bitdefender QuickScan                    C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\ju292vok.default-1438795000345\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
(verified)  gmpopenh264.dll                          C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\ju292vok.default-1438795000345\gmp-gmpopenh264\1.5.3\gmpopenh264.dll
(verified)  IE Webrep plugin                         c:\program files\avast software\Avast\aswwebrepie.dll
(verified)  Intel® Identity Protection Technology    C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
(verified)  Intel® Identity Protection Technology    C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
(verified)  Internet Explorer                        c:\Windows\SysWOW64\ieframe.dll
(verified)  Java Deployment Toolkit 8.0.250.18       C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
(verified)  Java™ Platform SE 8 U25               c:\program files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
(verified)  Java™ Platform SE 8 U25               C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
(verified)  Java™ Platform SE 8 U25               c:\program files (x86)\Java\jre1.8.0_25\bin\ssv.dll
(verified)  Microsoft Office 2010                    c:\program files (x86)\microsoft office\Office14\GROOVEEX.DLL
(verified)  Microsoft Office 2010                    C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL
(verified)  Microsoft Office 2010                    C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
(verified)  Microsoft Office 2010                    c:\program files (x86)\microsoft office\Office14\URLREDIR.DLL
(verified)  Microsoft® CoReXT                        c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
(verified)  Microsoft® CoReXT                        C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
(verified)  Microsoft® CoReXT                        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\mswsock.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\NapiNSP.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\nlaapi.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\pnrpnsp.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\winrnr.dll
(verified)  NPSWF32_22_0_0_209.dll                   C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
(verified)  Photo Gallery                            C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
(verified)  Widevine Content Decryption Module       C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\ju292vok.default-1438795000345\gmp-widevinecdm\1.4.8.866\widevinecdm.dll


Scan
----
MD5: 3b20ee7e73c2f2aa37d2b4116d1e0a88  C:\Program Files (x86)\CyberLink\Power2Go8\ToolkitPro1110vc90U.dll
MD5: 3e87fbaa0c77cec39e01d21da436e915  C:\Program Files (x86)\D-Link\DWA-121 revA\AirNCFG.exe
MD5: 7327e4f583689eb5f90539cceefc01b6  C:\Program Files (x86)\D-Link\DWA-121 revA\ANIWConnService.exe
MD5: f6458218c78936638f67538ec87f6054  C:\Program Files (x86)\D-Link\DWA-121 revA\ANPDApi.dll
MD5: 2a1414dd31866cbb2b207ee60c7e688b  C:\Program Files (x86)\D-Link\DWA-121 revA\wlanapp.dll
MD5: 84bd6f19222851b08786e8ebea523f75  C:\Program Files (x86)\D-Link\DWA-121 revA\wnicapi.dll
MD5: d208b82330eb0ca9e1285520630183f1  C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe
MD5: 0bf08c786f96bf483c67bf3c38dfaa3c  C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
MD5: c82a94ab2ed78e12c62d1b75c5898fe3  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ac_meta.dll
MD5: 11c712e0461ef94ea464d96972fdc350  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\am_meta.dll
MD5: 49640149822ef033a6dd9165d5c9c949  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\app_core_legacy.dll
MD5: e6a3496a09792b24edbaedb0bcf83783  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\app_core_meta.dll
MD5: 56347198589de9f5aa3ff3cb11b11917  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\cleanapi.dll
MD5: c5b362bce86bb0ad3149c4540201331d  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\d3dcompiler_47.dll
MD5: 330c2cc733e11898f3306604eb2afbde  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll
MD5: b386c69bea7754a5cbf6957398ba6fee  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\exp.dll
MD5: 89b1f852bf1b06ecf87e32d472f1f676  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\instrumental_services.dll
MD5: 1c0db0af1fb38ca2519870d4e7b1a1ca  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\key_value_storage.dll
MD5: d3a27e4bb24c7bd08de5b1a1c6c49291  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kl_remote.dll
MD5: 424ccb79168437e5521dc6cf7577836c  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ksn_meta.dll
MD5: e3903b56c24368124ee5ae6e4e6d6566  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
MD5: 97bfbb7a52a1ef1b9972180c4507a037  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss_meta.dll
MD5: 679e56f7d7c61185bce9f6f75cc3464a  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll
MD5: f05cf145bbe625e732596abfb380ef8a  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libeay32.dll
MD5: 45f91ace911aab6e0f8a17f3ec0de5c1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libegl.dll
MD5: 26ab87cdfb1353e7e1ae18b348b96f0f  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll
MD5: 211e00b31957ce5b0b3c58e05e7b1c64  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\localization_manager.dll
MD5: bc83108b18756547013ed443b8cdb31b  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\msvcp100.dll
MD5: 0e37fbfa79d349d672456923ec5fbbe3  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\msvcr100.dll
MD5: 7b904442c6d795a9af1ca088154b6eea  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\params.ppl
MD5: f82dda742c7d1bb1697e81753dc16182  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\prcore.dll
MD5: bfbd06cc477df570792b17dea9f195b1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\prremote.dll
MD5: dd19ac01eb3f9bea6d8d25a1db1538b0  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\pxstub.ppl
MD5: d00e7a5de9dde19763046ba472a4be4d  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ssleay32.dll
MD5: 97e87c511290913f6cc5a7a3067e562a  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\system_interceptors_meta.dll
MD5: 3dff53c61f4182ec9e4d1d447f0122b0  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ucp_meta.dll
MD5: 16f20c4ab3b992a45ae24d48267c23c2  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\updater_meta.dll
MD5: 9d41b4155c95c127076bbd5f855041eb  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\webcore.dll
MD5: 5fc4ed197c89c110d0fd1adac155526e  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\kl_service.dll
MD5: a67b078709f7c2deda542ff7f6f60d31  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
MD5: bc83108b18756547013ed443b8cdb31b  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\msvcp100.dll
MD5: 0e37fbfa79d349d672456923ec5fbbe3  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\msvcr100.dll
MD5: 80098415750b9cbbf8352139b2091168  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\vlns3_engine_mpm.dll
MD5: 93a98396bf918770ca34f552e9d1b32f  C:\Program Files (x86)\Mozilla Firefox\mozavcodec.dll
MD5: 3946c87521f93608cbb3b15bdeb25420  C:\Program Files (x86)\Mozilla Firefox\mozavutil.dll
MD5: cbfe3156904ab2d1a097f5e74a6c62f3  C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
MD5: 30083e8402cc43648b421de70edf6277  C:\Program Files\AVAST Software\Avast\defs\16080700\aswCmnBS.dll
MD5: fd2510710349cabe33c19ed95fb56cf9  C:\Program Files\AVAST Software\Avast\libcef.dll
MD5: 0db1e3f6189c628675f855c0eb510419  C:\Program Files\Intel\iCLS Client\HeciServer.exe
MD5: 86d9a906b8467ae1e331296afe0f083f  C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
MD5: 08e45607cf22453358bb53a15f077813  C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
MD5: 839fd7c9e08308ebd10b962684c6a673  C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
MD5: ae332088fce777565795c175d717bf8b  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\b4ac7fc8e399a65501bc24ed145da83e\System.Configuration.ni.dll
MD5: 9938b49e56a2d82d8445a6856fdba3c9  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a0754f93fe7541681b6966aee5ab48c2\System.Core.ni.dll
MD5: 1e6c9600f67f1b302022d388ca64927c  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9332dc973032df65d7cd10f450790e01\System.Drawing.ni.dll
MD5: 189f8e7927a6a879daf1e2dd40f94ee5  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2b5ee5e1cebe62297c66fee44c2809aa\System.Windows.Forms.ni.dll
MD5: 4c14def557ac8eb05a31ad2c5aacd7fb  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\68b023e4ca0c078c48e6834c324ed86f\System.Xml.ni.dll
MD5: dc3678e145a7fabcb8fd44b3e8467bd6  C:\Windows\assembly\NativeImages_v4.0.30319_32\System\7006c51c12a329ca333484758266f07f\System.ni.dll
MD5: 56940b50ab0e5923822f47b0e4463885  C:\Windows\Downloaded Program Files\qsax.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6  C:\Windows\SysWOW64\d3d9.dll


No file uploaded.

Scan finished - communication took 1 sec
Total traffic - 0.00 MB sent, 0.17 KB recvd
Scanned 469 files and modules - 10 seconds

==============================================================================
 


  • 0

#23
Webslinger64
Posted 07 August 2016 - 06:34 PM

Webslinger64

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 567 posts

Ran Kaspersky and it did not find those infections.  Looks good. 

 

So, since I have Avast installed, should I uninstall Kaspersky?  Obviously, Avast didn't flag these infections.  The Kaspersky online scanner doesn't seem to be as in depth as the Avast.  Kaspersky scanner runs and completes its scan in 2-3 minutes or so, so I'm not sure if that is a legit anti-virus program to use to protect my PC.

 

Let me know what you think and thank you for all your help.


  • 0

#24
zep516
Posted 07 August 2016 - 06:42 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Yes you can uninstall Kaspersky, those infections were located in the temp files and FRST got rid of them on the fist run when we "empty temp". Yes keep avast.

It's also important to remove all the tools and log files we created see below:

The following procedures will implement some cleanup procedures to remove these tools. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.
Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).


Why we need to remove some of our tools:
Some of the tools we have used to clean your computer were made by fellow malware fighters and are very powerful and if used incorrectly or at the wronge time can make the computer an expensive paper weight. They are updated all the time and some of them more than once a day so by the time you are ready to use them again they will already be outdated.



Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report.
    Paste it for my review.

  • 0

#25
Webslinger64
Posted 07 August 2016 - 07:47 PM

Webslinger64

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 567 posts

# DelFix v1.013 - Logfile created 07/08/2016 at 19:41:23
# Updated 17/04/2016 by Xplode
# Username : Helena - HELENA-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\TDSSKiller.3.1.0.8_12.12.2015_08.02.38_log.txt
Deleted : C:\Users\Helena\Desktop\Addition.txt
Deleted : C:\Users\Helena\Desktop\AdwCleaner[S3].txt
Deleted : C:\Users\Helena\Desktop\Fixlog.txt
Deleted : C:\Users\Helena\Desktop\FRST.txt
Deleted : C:\Users\Helena\Desktop\FRST64(1).exe
Deleted : C:\Users\Helena\Desktop\JRT.txt
Deleted : C:\Users\Helena\Desktop\TFC.exe
Deleted : C:\Users\Helena\Downloads\Addition.txt
Deleted : C:\Users\Helena\Downloads\adwcleaner_5.201(1).exe
Deleted : C:\Users\Helena\Downloads\adwcleaner_5.201.exe
Deleted : C:\Users\Helena\Downloads\ComboFix.exe
Deleted : C:\Users\Helena\Downloads\FRST.txt
Deleted : C:\Users\Helena\Downloads\FRST64.exe
Deleted : C:\Users\Helena\Downloads\JRT.exe
Deleted : C:\Users\Helena\Downloads\tdsskiller.exe
Deleted : C:\Users\Helena\Downloads\TFC.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~ Cleaning system restore ...

Deleted : RP #314 [Scheduled Checkpoint | 05/26/2016 01:59:41]
Deleted : RP #315 [Scheduled Checkpoint | 06/02/2016 18:29:26]
Deleted : RP #316 [Scheduled Checkpoint | 06/09/2016 18:31:06]
Deleted : RP #317 [Scheduled Checkpoint | 06/17/2016 20:15:00]
Deleted : RP #318 [Scheduled Checkpoint | 06/25/2016 17:38:57]
Deleted : RP #319 [Scheduled Checkpoint | 07/03/2016 06:00:01]
Deleted : RP #320 [Scheduled Checkpoint | 07/10/2016 23:02:02]
Deleted : RP #321 [JRT Pre-Junkware Removal | 07/13/2016 16:03:11]
Deleted : RP #322 [Checkpoint by HitmanPro | 07/13/2016 16:14:23]
Deleted : RP #323 [Checkpoint by HitmanPro | 07/13/2016 16:15:17]
Deleted : RP #324 [Scheduled Checkpoint | 07/22/2016 02:07:44]
Deleted : RP #325 [Scheduled Checkpoint | 07/29/2016 02:15:10]
Deleted : RP #326 [Scheduled Checkpoint | 08/05/2016 17:43:04]
Deleted : RP #328 [Restore Point Created by FRST | 08/07/2016 04:46:53]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
 


  • 0

Advertisements

#26
zep516
Posted 08 August 2016 - 03:54 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Thanks
Joe :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP