Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Brand new computer-- malware? Trackid=sp-006

Re: Brand new computer-- malware? Trackid=sp-006

Unread postby ElPajamaPants » November 22nd, 2014, 1:26 pm

SHA256: cf32379c7d6580061bc035924111757666dfec83919c39f07002e6859f8135a9
File name: hstart.exe
Detection ratio: 1 / 54
Analysis date: 2014-11-22 17:24:54 UTC ( 0 minutes ago )

 Probably harmless! There are strong indicators suggesting that this file is safe to use.


ESET-NOD32 a variant of Win32/HiddenStart.A 20141122
AVG  20141122
AVware  20141121
Ad-Aware  20141122
AegisLab  20141122
Agnitum  20141121
AhnLab-V3  20141122
Antiy-AVL  20141122
Avast  20141122
Avira  20141122
Baidu-International  20141122
BitDefender  20141122
Bkav  20141120
ByteHero  20141122
CAT-QuickHeal  20141122
ClamAV  20141122
Comodo  20141122
Cyren  20141122
DrWeb  20141122
Emsisoft  20141122
F-Prot  20141122
F-Secure  20141122
Fortinet  20141122
GData  20141122
Ikarus  20141122
Jiangmin  20141121
K7AntiVirus  20141121
K7GW  20141121
Kaspersky  20141122
Kingsoft  20141122
Malwarebytes  20141122
McAfee  20141122
McAfee-GW-Edition  20141122
MicroWorld-eScan  20141122
Microsoft  20141122
NANO-Antivirus  20141122
Norman  20141122
Panda  20141122
Qihoo-360  20141122
Rising  20141122
SUPERAntiSpyware  20141122
Sophos  20141122
Symantec  20141122
Tencent  20141122
TheHacker  20141121
TotalDefense  20141122
TrendMicro  20141122
TrendMicro-HouseCall  20141122
VBA32  20141121
VIPRE  20141122
ViRobot  20141122
Zillya  20141122
Zoner  20141120
nProtect  20141121
ElPajamaPants
Active Member
 
Posts: 14
Joined: November 12th, 2014, 9:51 pm

Re: Brand new computer-- malware? Trackid=sp-006

Unread postby ElPajamaPants » November 22nd, 2014, 1:29 pm

SHA256: 4229d8b4e6dba683308283512bd7d6dc4847ab66b8772c37c27c077f73dbc175
File name: 00000000
Detection ratio: 8 / 54
Analysis date: 2014-11-22 17:28:09 UTC ( 1 minute ago )

AhnLab-V3 Trojan/Win32.Agent 20141122
Avira APPL/4Shared.43944 20141122
Comodo Application.Win32.4Shared.FG 20141122
ESET-NOD32 a variant of Win32/4Shared.Z 20141122
K7AntiVirus Unwanted-Program ( 004b0a9b1 ) 20141121
K7GW Unwanted-Program ( 004b0a9b1 ) 20141121
McAfee-GW-Edition BehavesLike.Win32.Downloader.pm 20141122
VBA32 suspected of Trojan.Downloader.gen.h 20141121
AVG  20141122
AVware  20141121
Ad-Aware  20141122
AegisLab  20141122
Agnitum  20141121
Antiy-AVL  20141122
Avast  20141122
Baidu-International  20141122
BitDefender  20141122
Bkav  20141120
ByteHero  20141122
CAT-QuickHeal  20141122
ClamAV  20141122
Cyren  20141122
DrWeb  20141122
Emsisoft  20141122
F-Prot  20141122
F-Secure  20141122
Fortinet  20141122
GData  20141122
Ikarus  20141122
Jiangmin  20141121
Kaspersky  20141122
Kingsoft  20141122
Malwarebytes  20141122
McAfee  20141122
MicroWorld-eScan  20141122
Microsoft  20141122
NANO-Antivirus  20141122
Norman  20141122
Panda  20141122
Qihoo-360  20141122
Rising  20141122
SUPERAntiSpyware  20141122
Sophos  20141122
Symantec  20141122
Tencent  20141122
TheHacker  20141121
TotalDefense  20141122
TrendMicro  20141122
TrendMicro-HouseCall  20141122
VIPRE  20141122
ViRobot  20141122
Zillya  20141122
Zoner  20141120
nProtect 
ElPajamaPants
Active Member
 
Posts: 14
Joined: November 12th, 2014, 9:51 pm

Re: Brand new computer-- malware? Trackid=sp-006

Unread postby ElPajamaPants » November 22nd, 2014, 1:37 pm

SHA256: 8a8da2d247e5d2772a809fdcae8e21b372429e066a030af4b3746853e625b47a
File name: Avalanche GUI v2.0.8.exe
Detection ratio: 15 / 51
Analysis date: 2014-11-22 17:31:41 UTC ( 4 minutes ago )

AVware Trojan.Win32.Generic!BT 20141121
Agnitum Riskware.HackTool!TwSggdTx6Vk 20141121
Avira TR/Offend.2.2262 20141122
Baidu-International Trojan.Win32.Agent.AGt 20141122
CAT-QuickHeal (Suspicious) - DNAScan 20141122
Comodo ApplicUnsaf.Win32.HackTool.Agent.~BABT 20141122
ESET-NOD32 a variant of Win32/HackTool.Patcher.A 20141122
Kingsoft Win32.Troj.Generic.(kcloud) 20141122
McAfee Artemis!2B9774C208C8 20141122
McAfee-GW-Edition Generic PUP.z!gz 20141122
NANO-Antivirus Trojan.Win32.Offend.qzbzy 20141122
Norman Suspicious_Gen2.QVQGN 20141122
Qihoo-360 Win32/Trojan.0da 20141122
Symantec Trojan.ADH 20141122
VIPRE Trojan.Win32.Generic!BT 20141122
AVG  20141122
Ad-Aware  20141122
AegisLab  20141122
AhnLab-V3  20141122
Antiy-AVL  20141122
Avast  20141122
BitDefender  20141122
Bkav  20141120
ByteHero  20141122
CMC  20141121
ClamAV  20141122
Cyren  20141122
DrWeb  20141122
Emsisoft  20141122
F-Prot  20141122
F-Secure  20141122
Fortinet  20141122
GData  20141122
Ikarus  20141122
Jiangmin  20141121
K7AntiVirus  20141121
K7GW  20141121
Kaspersky  20141122
Malwarebytes  20141122
MicroWorld-eScan  20141122
Microsoft  20141122
Panda  20141122
Rising  20141122
SUPERAntiSpyware  20141122
Sophos  20141122
Tencent  20141122
TheHacker  20141121
TotalDefense  20141122
TrendMicro  20141122
TrendMicro-HouseCall  20141122
VBA32  20141121
ViRobot  20141122
Zillya  20141122
Zoner  20141120
nProtect  20141121
ElPajamaPants
Active Member
 
Posts: 14
Joined: November 12th, 2014, 9:51 pm

Re: Brand new computer-- malware? Trackid=sp-006

Unread postby ElPajamaPants » November 22nd, 2014, 1:42 pm

SHA256: 3c25812c75bcef1340e3d4d5e6146fe7026bcdfcca90a23a89084b7464c1899c
File name: AvastSetup.exe
Detection ratio: 9 / 53
Analysis date: 2014-11-22 17:38:34 UTC ( 1 minute ago )

AVG Generic.E47 20141122
AVware AirInstaller (fs) 20141121
ESET-NOD32 a variant of Win32/DownloadAssistant.A 20141122
GData Win32.Application.DownloadAssistant.A 20141122
Ikarus PUA.DownloadAssistant 20141122
K7GW Unwanted-Program ( 004b04aa1 ) 20141121
Malwarebytes PUP.Optional.DownloadAssistant 20141122
Sophos AirInstaller 20141122
VIPRE AirInstaller (fs) 20141122
Ad-Aware  20141122
AegisLab  20141122
Agnitum  20141121
AhnLab-V3  20141122
Antiy-AVL  20141122
Avast  20141122
Avira  20141122
Baidu-International  20141122
BitDefender  20141122
Bkav  20141120
ByteHero  20141122
CAT-QuickHeal  20141122
ClamAV  20141122
Comodo  20141122
Cyren  20141122
DrWeb  20141122
Emsisoft  20141122
F-Prot  20141122
F-Secure  20141122
Fortinet  20141122
Jiangmin  20141121
K7AntiVirus  20141121
Kaspersky  20141122
Kingsoft  20141122
McAfee  20141122
McAfee-GW-Edition  20141122
MicroWorld-eScan  20141122
Microsoft  20141122
NANO-Antivirus  20141122
Norman  20141122
Panda  20141122
Qihoo-360  20141122
Rising  20141122
SUPERAntiSpyware  20141122
Symantec  20141122
Tencent  20141122
TheHacker  20141121
TotalDefense  20141122
TrendMicro  20141122
VBA32  20141121
ViRobot  20141122
Zillya  20141122
Zoner  20141120
nProtect  20141121
ElPajamaPants
Active Member
 
Posts: 14
Joined: November 12th, 2014, 9:51 pm

Re: Brand new computer-- malware? Trackid=sp-006

Unread postby ElPajamaPants » November 22nd, 2014, 1:46 pm

I'm not so worried about the FF7 executables, because they're widely used by the modding community and known to create false positives since by nature they're modifying program files. But the 00000 one in the Chrome folder worries me since it's marked GoSave. That's the malware I believe I was originally infected with, and I tried my best to clean the infection on my own before I came to this forum.

Also, there are files in my NBA2k15 Steam folder identified as GoSave under the File Type heading. Maybe these files were corrupted by the original infection? I'm not sure, and not knowledgeable enough about GoSave to understand if the files are dangerous, or if it's a legit file type.
ElPajamaPants
Active Member
 
Posts: 14
Joined: November 12th, 2014, 9:51 pm

Re: Brand new computer-- malware? Trackid=sp-006

Unread postby Gary R » November 25th, 2014, 11:40 am

Sorry to be so late getting back to you, I didn't get a notification e-mail to tell me that you'd replied.

OK, let's take care of the following files; I think there are enough indications to warrant their removal.

  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy/Paste the contents of the code box below into Notepad (don't include Code: Select all).
Code: Select all
C:\Users\Elusi_000\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000
C:\Users\Elusi_000\Downloads\Final Fantasy VII Mod Files\Bootleg\Avalanche GUI v2.0.8.exe
C:\Users\Elusi_000\Downloads\Program Installer\AvastSetup.exe
EmptyTemp:
FindFolder: *NBA2k15*

    • Save it to the same folder/directory that FRST.exe is in, naming it as fixlist.txt

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post me the log

Let me know how your computer is behaving now please.




Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
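
An added example, not part of Gary R's post and not FRST's own code: before a fixlist like the one above is run, this checks that each file it names is still the file whose SHA256 was posted from VirusTotal earlier in the thread. It assumes file entries are absolute Windows paths and treats every other line (such as `EmptyTemp:` and `FindFolder:`) as a directive; `check_fixlist` and `SCANNED` are names made up for this example.

```python
import hashlib
import ntpath
import re

# SHA256 values as posted in the VirusTotal results earlier in this thread,
# keyed by the file name shown in each report.
SCANNED = {
    "00000000": "4229d8b4e6dba683308283512bd7d6dc4847ab66b8772c37c27c077f73dbc175",
    "Avalanche GUI v2.0.8.exe": "8a8da2d247e5d2772a809fdcae8e21b372429e066a030af4b3746853e625b47a",
    "AvastSetup.exe": "3c25812c75bcef1340e3d4d5e6146fe7026bcdfcca90a23a89084b7464c1899c",
}

# Assumption: a file entry in the fixlist is an absolute Windows path (C:\...).
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")


def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large executables are not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def check_fixlist(fixlist_text, scanned=SCANNED, hasher=sha256_file):
    """Return {entry: status} for every non-empty line of a fixlist."""
    report = {}
    for line in fixlist_text.splitlines():
        entry = line.strip()
        if not entry:
            continue
        if not DRIVE_PATH.match(entry):
            report[entry] = "directive (not a file, nothing to hash)"
            continue
        expected = scanned.get(ntpath.basename(entry))
        if expected is None:
            report[entry] = "never scanned"
            continue
        try:
            actual = hasher(entry)
        except OSError:
            report[entry] = "missing or unreadable"
            continue
        # A different hash means the file at this path is not the one that was scanned.
        report[entry] = "match" if actual == expected.lower() else "CHANGED since scan: " + actual
    return report
```

Any entry that does not come back as `match` or as a directive is worth reporting to the helper before pressing Fix.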

Re: Brand new computer-- malware? Trackid=sp-006

Unread postby Gary R » November 29th, 2014, 1:18 am

Due to lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire