Jump to content

IHSelfDeleteTASK and IHUninstallTrackingTASK virus?


Gabu
 Share

Recommended Posts

Hello Gabu and welcome to Malwarebytes,

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Protection Scroll to and make sure the following are selected:
    Scan for Rootkits
    Scan within Archives
     
  • Scroll further to Potential Threat Protection make sure the following are set as follows:
    Potentially Unwanted Programs (PUP`s) set as :- Always detect PUP`s (recommended)
    Potentially Unwanted Modifications (PUM`s) set as :- Alwaysdetect PUM`s (recommended)
     
  • Click on the Scan make sure Threat Scan is selected,
  • A Threat Scan will begin.
  • When the scan is complete if anything is found make sure that the first checkbox at the top is checked (that will automatically check all detected items), then click on the Quarantine Selected Tab
  • If asked to restart your computer to complete the removal, please do so
  • When complete click on Export Summary after deletion (bottom-left corner) and select Copy to Clipboard.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more to retrieve the log.


To get the log from Malwarebytes do the following:
 
  • Click on the Reports tab > from main interface.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select user posted imageRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply



Next,

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

https://www.microsoft.com/en-gb/download/malicious-software-removal-tool-details.aspx


Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.


Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

Let me see those logs in your reply, also let me know if there are any remaining issues or concerns...

Thank you,

Kevin......

fixlist.txt

Link to post
Share on other sites

Fixlog is attached, and Malwarebytes is below. Will post the rest of what's needed as soon as I get them

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/21/17
Scan Time: 4:06 PM
Log File: fe43ba50-e6ab-11e7-80d8-b870f42ba503.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3539
License: Free

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Admin-PC\Admin

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 302125
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 17 min, 17 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

Fixlog.txt

Link to post
Share on other sites

# AdwCleaner 7.0.6.0 - Logfile created on Fri Dec 22 00:43:53 2017
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 7 Ultimate (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Deleted: C:\Program Files (x86)\AVG SafeGuard toolbar
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Deleted: C:\ProgramData\EmailNotifier
Deleted: C:\ProgramData\Application Data\EmailNotifier
Deleted: C:\Users\All Users\EmailNotifier
Deleted: C:\ProgramData\AVG Security Toolbar
Deleted: C:\ProgramData\Application Data\AVG Security Toolbar
Deleted: C:\Users\All Users\AVG Security Toolbar
Deleted: C:\Users\All Users\Documents\Downloaded Installers
Deleted: C:\Users\Public\Documents\Downloaded Installers
Deleted: C:\Users\Admin\AppData\Local\slimware utilities inc
Deleted: C:\Users\Admin\AppData\Local\SlimWare Utilities Inc
Deleted: C:\ProgramData\Avg_Update_1214av


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: 1214avUpdateInfo


***** [ Registry ] *****

Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{760D8978-A929-41AD-8CB2-5BCA2602BF5A}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B769D021-926E-49AC-B77F-84F614E6A097}
Deleted: [Key] - HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Deleted: [Key] - HKU\S-1-5-21-3796045819-3892262662-470605462-1000\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Deleted: [Key] - HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Deleted: [Key] - HKU\S-1-5-21-3796045819-3892262662-470605462-1000\Software\APN PIP
Deleted: [Key] - HKCU\Software\APN PIP
Deleted: [Key] - HKLM\SOFTWARE\Email Notifier
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted: [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc
Deleted: [Key] - HKU\S-1-5-21-3796045819-3892262662-470605462-1000\Software\SlimWare Utilities Inc
Deleted: [Key] - HKCU\Software\SlimWare Utilities Inc
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1214avUpdateInfo


***** [ Firefox (and derivatives) ] *****

SearchProvider deleted: amazon.com - Amazon Search Suggestions


***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

 

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [3603 B] - [2017/12/22 0:39:13]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Link to post
Share on other sites


---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.13, June 2014 (build 5.13.10300.0)
Started On Wed Jun 11 22:37:14 2014

Engine: 1.1.10600.0
Signatures: 1.175.1113.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Jun 11 22:38:06 2014


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.14, July 2014 (build 5.14.10402.0)
Started On Wed Jul 09 20:34:34 2014

Engine: 1.1.10701.0
Signatures: 1.177.949.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Jul 09 20:36:27 2014


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.15, August 2014 (build 5.15.10500.0)
Started On Fri Aug 15 03:06:32 2014

Engine: 1.1.10802.0
Signatures: 1.179.1796.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Fri Aug 15 03:08:33 2014


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.16, September 2014 (build 5.16.10602.0)
Started On Sat Sep 13 17:52:47 2014

Engine: 1.1.10904.0
Signatures: 1.183.882.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Sat Sep 13 17:56:52 2014


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.17, October 2014 (build 5.17.10700.0)
Started On Wed Oct 15 21:51:20 2014

Engine: 1.1.11005.0
Signatures: 1.185.2035.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Oct 15 21:55:20 2014


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.18, November 2014 (build 5.18.10802.0)
Started On Thu Nov 13 20:29:57 2014

Engine: 1.1.11104.0
Signatures: 1.187.1116.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Thu Nov 13 20:35:41 2014


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.19, December 2014 (build 5.19.10902.0)
Started On Wed Dec 10 23:24:04 2014

Engine: 1.1.11202.0
Signatures: 1.189.872.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Dec 10 23:26:47 2014


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)
Started On Thu Jan 15 19:17:15 2015

Engine: 1.1.11302.0
Signatures: 1.191.1276.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Thu Jan 15 19:25:23 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)
Started On Fri Feb 13 19:29:38 2015

Engine: 1.1.11302.0
Signatures: 1.191.3593.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Fri Feb 13 19:36:11 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
Started On Tue Mar 10 21:48:43 2015

Engine: 1.1.11400.0
Signatures: 1.193.1181.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Tue Mar 10 21:53:33 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
Started On Thu Apr 16 09:44:48 2015

Engine: 1.1.11502.0
Signatures: 1.195.1215.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 09:50:23 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.24, May 2015 (build 5.24.11401.0)
Started On Tue May 12 23:06:26 2015

Engine: 1.1.11602.0
Signatures: 1.197.1100.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Tue May 12 23:13:01 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.25, June 2015 (build 5.25.11502.0)
Started On Tue Jun 09 23:01:55 2015

Engine: 1.1.11701.0
Signatures: 1.199.892.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Tue Jun 09 23:07:56 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.26, July 2015 (build 5.26.11604.0)
Started On Tue Jul 14 22:48:10 2015

Engine: 1.1.11804.0
Signatures: 1.201.883.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Tue Jul 14 22:55:03 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.27, August 2015 (build 5.27.11700.0)
Started On Wed Aug 12 00:04:56 2015

Engine: 1.1.11903.0
Signatures: 1.203.693.0

Results Summary:
----------------
No infection found.
Failed to submit clean hearbeat MAPS report: 0x83760002
Microsoft Windows Malicious Software Removal Tool Finished On Wed Aug 12 00:11:08 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.28, September 2015 (build 5.28.11802.0)
Started On Tue Sep 08 21:49:24 2015

Engine: 1.1.12002.0
Signatures: 1.205.646.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Tue Sep 08 21:56:52 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)
Started On Tue Oct 13 22:22:16 2015

Engine: 1.1.12101.0
Signatures: 1.207.1429.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Tue Oct 13 22:29:31 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)
Started On Wed Nov 11 00:28:55 2015

Engine: 1.1.12205.0
Signatures: 1.209.673.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Nov 11 00:34:03 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.31, December 2015 (build 5.31.12100.0)
Started On Wed Dec 09 00:25:37 2015

Engine: 1.1.12300.0
Signatures: 1.211.637.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Dec 09 00:31:41 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.32, January 2016 (build 5.32.12202.0)
Started On Tue Jan 12 23:42:18 2016

Engine: 1.1.12400.0
Signatures: 1.213.1308.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Tue Jan 12 23:47:34 2016


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.33, February 2016 (build 5.33.12300.0)
Started On Wed Feb 10 00:53:05 2016

Engine: 1.1.12400.0
Signatures: 1.213.4702.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 10 01:00:07 2016


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.34, March 2016 (build 5.34.12400.0)
Started On Tue Mar  8 22:18:42 2016

Engine: 1.1.12400.0
Signatures: 1.213.7173.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Tue Mar  8 22:26:39 2016


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.35, April 2016 (build 5.35.12524.0)
Started On Wed Apr 13 09:58:54 2016

Engine: 1.1.12603.0
Signatures: 1.217.515.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 13 10:04:13 2016


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.36, May 2016 (build 5.36.12600.0)
Started On Tue May 10 23:15:18 2016

Engine: 1.1.12706.0
Signatures: 1.219.58.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Tue May 10 23:28:41 2016


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.37, June 2016 (build 5.37.12704.0)
Started On Wed Jun 15 10:51:18 2016

Engine: 1.1.12805.0
Signatures: 1.221.539.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Jun 15 10:56:57 2016


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.38, July 2016 (build 5.38.12803.0)
Started On Wed Jul 13 00:05:56 2016

Engine: 1.1.12902.0
Signatures: 1.223.2956.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Jul 13 00:15:18 2016


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.39, August 2016 (build 5.39.12900.0)
Started On Tue Aug 09 22:54:47 2016

Engine: 1.1.12902.0
Signatures: 1.225.2592.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Tue Aug 09 23:01:36 2016


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.40, September 2016 (build 5.40.13000.0)
Started On Tue Sep 13 21:28:19 2016

Engine: 1.1.13000.0
Signatures: 1.227.1155.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Tue Sep 13 21:36:23 2016


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.41, October 2016 (build 5.41.13100.0)
Started On Thu Oct 13 12:08:20 2016

Engine: 1.1.13000.0
Signatures: 1.227.2846.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Thu Oct 13 12:37:38 2016


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.42, November 2016 (build 5.42.13202.0)
Started On Tue Dec 20 03:04:02 2016

Engine: 1.1.13202.0
Signatures: 1.231.682.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted MAPS Report
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 20 03:11:13 2016


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.44, January 2017 (build 5.44.13400.0)
Started On Tue Jan 17 18:32:44 2017

Engine: 1.1.13303.0
Signatures: 1.233.3409.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Tue Jan 17 18:37:49 2017


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.45, February 2017 (build 5.45.13501.0)
Started On Thu Feb 23 22:21:27 2017

Engine: 1.1.13407.0
Signatures: 1.235.1858.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Thu Feb 23 22:24:51 2017


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.46, March 2017 (build 5.46.13601.0)
Started On Tue Mar 14 23:55:26 2017

Engine: 1.1.13504.0
Signatures: 1.237.571.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Tue Mar 14 23:58:39 2017


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.47, April 2017 (build 5.47.13703.0)
Started On Tue Apr 11 21:14:55 2017

Engine: 1.1.13601.0
Signatures: 1.239.313.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.48, May 2017 (build 5.48.13801.0)
Started On Tue May 09 21:34:05 2017

Engine: 1.1.13701.0
Signatures: 1.241.491.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted MAPS Report
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Tue May 09 21:37:23 2017


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.48, May 2017 (build 5.48.13803.0)
Started On Tue May 23 21:08:53 2017

Engine: 1.1.13704.0
Signatures: 1.243.729.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Tue May 23 21:12:49 2017


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.49, June 2017 (build 5.49.13902.0)
Started On Wed Jun 14 22:14:52 2017

Engine: 1.1.13804.0
Signatures: 1.245.112.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Wed Jun 14 22:18:32 2017


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.50, July 2017 (build 5.50.14000.0)
Started On Tue Jul 11 21:39:09 2017

Engine: 1.1.13903.0
Signatures: 1.247.28.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Tue Jul 11 21:42:45 2017


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0)
Started On Tue Aug 08 22:55:48 2017

Engine: 1.1.14003.0
Signatures: 1.249.316.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Tue Aug 08 22:59:58 2017


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.52, September 2017 (build 5.52.14201.0)
Started On Tue Sep 12 22:18:37 2017

Engine: 1.1.14104.0
Signatures: 1.251.334.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Tue Sep 12 22:33:09 2017


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.53, October 2017 (build 5.53.14306.0)
Started On Tue Oct 10 23:59:03 2017

Engine: 1.1.14104.0
Signatures: 1.251.1312.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Wed Oct 11 00:03:40 2017


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.54, November 2017 (build 5.54.14383.1)
Started On Tue Nov 14 22:53:56 2017

Engine: 1.1.14306.0
Signatures: 1.257.0.0
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted MAPS Report
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Tue Nov 14 23:19:43 2017


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.55, December 2017 (build 5.55.14421.1)
Started On Thu Dec 21 16:53:28 2017

Engine: 1.1.14405.2
Signatures: 1.257.1160.0
Run Mode: Interactive Graphical Mode

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Thu Dec 21 16:57:55 2017


Return code: 0 (0x0)

 

Link to post
Share on other sites

Nothing weird going on with my laptop at all from what I can tell. I recently installed AVG PC TuneUp and my laptop's been running noticeably smoother, if anything. Seeing IHSelfDeleteTASK and IHUninstallTracking listed in TuneUp's list of programs to put to sleep was the only reason I knew about their existence at all.

Only strange behavior I can think of is the UNCServer is occasionally visible as an open window, and even shows up in Task Manager. Doing a quick google search, that shouldn't be the case, though.

Link to post
Share on other sites

Yes, it's a Lenovo. Checking the post you linked, there still doesn't seem to be a solution, but it looks harmless enough..?

Is there anything else I should do for IHSelfDeleteTASK and IHUninstallTrackingTASK, or should those problems be solved by now?

Link to post
Share on other sites

I believe we`ve moved those problems from task manager so they should be gone now. Run FRST one more time, lets see what the logs show..

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs. "FRST.txt" and "Addition.txt"

Thanks,

Kevin..

Link to post
Share on other sites

Those logs look good, no obvious malware or infection. Unless you have any remaining issues or concerns run the following to clean up:

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:

 
  • Remove disinfection tools <----- this will remove tools we may have used.
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
  • Reset system settings <--- this will reset any system settings back to default that were changed either by us during cleansing or malware/infection


Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin... user posted image
Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.