GeekPolice Tech TutorialsLog in

 


infected laptop

Share

descriptionSolvedRe: infected laptop

more_horiz
ESET Online Scanner
Note : If you use Internet Explorer to get the ESET Online Scanner, you won't have to download, nor install the tool, as everything will be ran in a contextual (pop-up) window of Internet Explorer. However, for every other browsers, you will have to download and install ESET Online Scanner. In this set of instruction, I'll use Google Chrome to download it and run it (since a lot of people will do it), however, except for the download and installation procedure, the same instructions applies if you use Internet Explorer. Please note that two or three prompts will appear if you use Internet Explorer asking you to reload the page, authorize the application, execute it, etc. Accept all of them in order to run ESET Online Scanner.

    Download and execute ESET OnlineScan (on this window, click on ESET Smart Installer to trigger the download). People accessing this URL via Internet Explorer will start the integration process of ESET Online Scanner in their browser;
    Once the installation is done (it requires Admin Rights), check the following settings (two of them are under Advanced Settings, click on it to display them) :

        Enable detection of potentially unwanted applications;
        Scan archives;
        Scan for potentially unsafe applications;
        Optional : If you want to scan more drives, click on Change... and select the drives you want to include in the scan;

  

    After you're done checking these options, click on Start and ESET Online Scanner will download it's virus signature database before starting the scan;
   

    Once done, the scan will start automatically. Detections will appear at the bottom of the window. ESET Online Scanner can have an extremely long scan time that can last between 2 or 3 hours. So if you start the scan, do not interrupt it, let it complete until the end;
   

    After the scan is finished, a summary window will appear to give you the information about the scan. Then you'll have to the option to see what threads were found and to manage the threats that were quarantined;
   


    Click on List of found threats, it'll display every threat identified during that scan, their type and what action was taken against them. Click on Copy to clipboard to copy these results on our clipboard and post them in your next reply;
   


    Once you're done, click on the Back button;
    Check both checkboxes at the bottom: Uninstall application on close and Delete quarantined files before clicking on the Finish button;

descriptionSolvedRe: infected laptop

more_horiz
C:\Program Files (x86)\Insley\arto.exe a variant of MSIL/TrojanClicker.Agent.NTD trojan
C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\wtoolex\wpsupdate.exe a variant of Win32/KingSoft.D potentially unwanted application
C:\Program Files (x86)\mois\arto.dll a variant of MSIL/TrojanClicker.Agent.NTD trojan
C:\Program Files (x86)\mois\arto.exe a variant of MSIL/TrojanClicker.Agent.NTD trojan
C:\Program Files (x86)\mois\mois.exe a variant of MSIL/TrojanClicker.Agent.NTD trojan
C:\Users\Darshana\AppData\Local\arto.exe a variant of MSIL/TrojanClicker.Agent.NTD trojan
C:\Users\Darshana\AppData\Local\Temp\is-N4OPB.tmp\gztit.dll a variant of Win32/Adware.Adposhel.AU application
C:\Users\Darshana\AppData\Local\Temp\nspEE2C.tmp\NMoona.exe a variant of MSIL/Adware.Dotdo.CM application
C:\Users\Darshana\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\fpdata_1.0.0.0\download.7z a variant of Win32/KingSoft.D potentially unwanted application
C:\Users\Darshana\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\fpdata_1.0.0.0\wpsupdate.exe a variant of Win32/KingSoft.D potentially unwanted application
Autostart locations multiple threats,a variant of Win32/KingSoft.D potentially unwanted application,a variant of MSIL/TrojanClicker.Agent.NTD trojan

descriptionSolvedRe: infected laptop

more_horiz
I still keep getting notification about Skeeyah.G in win defender i have attached the screenshot and i hope the location is in quarantined files.

descriptionSolvedRe: infected laptop

more_horiz

descriptionSolvedRe: infected laptop

more_horiz
i have attached the screenshot and i hope the location is in quarantined files.

Go into Windows Defender and clear the quarantine files and then we'll see if it shows again.

descriptionSolvedRe: infected laptop

more_horiz
i did that and right now i am running full scan instead of quick scan if i find anything than I'll post it. Please let me know if any more steps are needed unless after running eset laptop should be clean.

descriptionSolvedRe: infected laptop

more_horiz
If the scan comes up clean and there are no other problems we'll be done.

descriptionSolvedRe: infected laptop

more_horiz
Thank you for the help, really appreciate it.

descriptionSolvedRe: infected laptop

more_horiz
Darshmeet wrote:
Thank you for the help, really appreciate it.

Please let me know the results of the scan.

descriptionSolvedRe: infected laptop

more_horiz

descriptionSolvedRe: infected laptop

more_horiz
Image above is yesterday's full scan with win defender

descriptionSolvedRe: infected laptop

more_horiz
Click Start> Computer> right click the C Drive and choose Properties> enter
Click Disk Cleanup from there.



Click OK on the Disk Cleanup Screen.
Click Yes on the Confirmation screen.



This runs the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive)
***************************************


I suggest using WOT - Web of Trust . WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

descriptionSolvedRe: infected laptop

more_horiz
Thought I'd run the scan to see if anything is there and.....it was there... . Quarantined and deleted them

Malwarebytes
www.malwarebytes.com
.
-Log Details-
Scan Date: 4/5/18
Scan Time: 4:32 PM
Log File: d91af9ea-3918-11e8-aa24-b05ada9b9dda.json
Administrator: Yes

-Software Information-
Version: 3.4.4.2398
Components Version: 1.0.322
Update Package Version: 1.0.4630
License: Free

-System Information-
OS: Windows 10 (Build 16299.309)
CPU: x64
File System: NTFS
User: PANCHALFAMILY\Darshana

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 335627
Threats Detected: 3
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 5 min, 20 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 3
Adware.DotDo.Generic.TskLnk, C:\PROGRAM FILES (X86)\INSLEY\ARTO.VEXE, No Action By User, [11717], [506907],1.0.4630
Adware.DotDo.Generic.TskLnk, C:\PROGRAM FILES (X86)\MOIS\ARTO.VEXE, No Action By User, [11717], [506907],1.0.4630
Adware.DotDo.Generic.TskLnk, C:\USERS\DARSHANA\APPDATA\LOCAL\ARTO.VEXE, No Action By User, [11717], [506907],1.0.4630

Physical Sector: 0
(No malicious items detected)


(end)

descriptionSolvedRe: infected laptop

more_horiz
That looks good. Is there anything else before I lock this thread?

descriptionSolvedRe: infected laptop

more_horiz
Did a check with eset again and it found 1 threat and deleted it so hope now laptop is all clean. Go ahead and lock the thread. Thank you again for the help

descriptionSolvedRe: infected laptop

more_horiz
Permissions in this forum:
You cannot reply to topics in this forum