Malware detected but unable to remove.

<<

TamalB

Posts: 1

Joined: Thu Feb 05, 2015 1:11 am

Post Thu Feb 05, 2015 1:41 am

Malware detected but unable to remove.

There is a registry entry "ASProtect" on my computer, and my Quick Heal antivirus says that there is malware inside. Quick Heal removes it, but every time I reboot my system it comes back again. I didn't install "ASProtect"; I don't even know what it is. I tried to remove this manually from the registry and in safe mode, but it comes back again when I reboot my computer. Quick Heal can't quarantine the malware.

Malware Name: SoftActivity

Registry entries:
HKEY_CURRENT_USER\SOFTWARE\ASProtect\SpecData (Cleaned)
------------------------------------------------------------------------------------
Malware Name: C1F38
Registry entries:
HKEY_CURRENT_USER\SOFTWARE\ASProtect\SpecData (Cleaned)
------------------------------------------------------------------------------------

Malware Name: DataApples

Registry entries:
HKEY_CURRENT_USER\SOFTWARE\ASProtect\SpecData (Cleaned)
------------------------------------------------------------------------------------
Malware Name: SpyMyPC
Registry entries:
HKEY_CURRENT_USER\SOFTWARE\ASProtect (Cleaned)
------------------------------------------------------------------------------------
Malware Name: 1354F
Registry entries:
HKEY_CURRENT_USER\SOFTWARE\ASProtect\SpecData (Cleaned)
------------------------------------------------------------------------------------
Malware Name: OsMonitor Server 1.0
Registry entries:
HKEY_CURRENT_USER\SOFTWARE\ASProtect\SpecData (Cleaned)
------------------------------------------------------------------------------------
Malware Name: POL
Registry entries:
HKEY_CURRENT_USER\SOFTWARE\ASProtect\SpecData (Cleaned)
------------------------------------------------------------------------------------
Malware Name: Personal PC Spy
Registry entries:
HKEY_CURRENT_USER\SOFTWARE\ASProtect\SpecData (Cleaned)
------------------------------------------------------------------------------------
Malware Name: ElcomSoft Proactive Password Auditor
Registry entries:
HKEY_CURRENT_USER\SOFTWARE\ASProtect\SpecData (Cleaned)
------------------------------------------------------------------------------------
Malware Name: ToolsAnywhere Keylogger Lite 2.0
Registry entries:
HKEY_CURRENT_USER\SOFTWARE\ASProtect\SpecData (Cleaned)
HKEY_CURRENT_USER\SOFTWARE\ASProtect\SpecData, (Cleaned)
------------------------------------------------------------------------------------
Malware Name: AntiSpyware Protector
Registry entries:
HKEY_CURRENT_USER\SOFTWARE\ASProtect\SpecData (Cleaned)
------------------------------------------------------------------------------------
Malware Name: SpyMyPC PRO
Registry entries:
HKEY_CURRENT_USER\SOFTWARE\ASProtect\SpecData (Cleaned)


When I reboot they all come back. I tried a boot-time scan but nothing happened.
Please help.
<<

Sumit N

Posts: 100

Joined: Tue Sep 23, 2014 11:22 am

Post Thu Feb 05, 2015 3:14 pm

Re: Malware detected but unable to remove.

Hi,

It seems the issue needs deep troubleshooting.
Kindly contact Quick Heal technical support on the number below:

Support Number: +91-927-22-33-000

Thanks and regards,
Sumit N
<<

newwaysys

Posts: 25

Joined: Wed Apr 15, 2015 4:47 pm

Post Wed Jun 10, 2015 12:13 pm

Re: Malware detected but unable to remove.

You can follow the steps below:

Remove all floppy disks, CDs, and DVDs from your computer, and then restart your computer.
If you are using Windows XP, Vista or 7, press and hold the F8 key as your computer restarts. Please keep in mind that you need to press the F8 key before the Windows start-up logo appears.
Note: With some computers, if you press and hold a key as the computer is booting you will get a stuck key message. If this occurs, instead of pressing and holding the “F8 key”, tap the “F8 key” continuously until you get the Advanced Boot Options screen.
If you are using Windows 8, press the Windows key + C, and then click Settings. Click Power, hold down Shift on your keyboard and click Restart, then click on Troubleshoot and select Advanced options.
In the Advanced Options screen, select Startup Settings, then click on Restart.
If you are using Windows XP, Vista or 7, in the Advanced Boot Options screen, use the arrow keys to highlight Safe Mode with Networking, and then press ENTER.
<<

abhi618

Posts: 2

Joined: Sat Sep 28, 2013 11:42 am

Post Sat Oct 01, 2016 12:05 pm

Re: Malware detected but unable to remove.

Hi

On my system, after I performed a Full Scan, this is the status, and the malware is skipped. Please tell me how to do this.

File is skipped
E:\SWAMI-VAIO\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 25.zip/C\Users\swami\Downloads\Programs\FinalTorrentSetup.exe Detected: "Generic.Downloader.A8" File is skipped
E:\SWAMI-VAIO\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 25.zip File is skipped

C:\Users\swami\Downloads\Programs\Setup_FLVConverter.exe Detected: "PUA.Greentreea.Gen" File is skipped
No files found on the drive
E:\SWAMI-VAIO\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 12.zip/C\Program Files (x86)\GreenTree Applications\FLV.com FLV Converter\flvcomconverter.exe Detected: "PUA.Greentreea.Gen" File is skipped
E:\SWAMI-VAIO\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 12.zip/C\Program Files (x86)\GreenTree Applications\FLV.com FLV Converter\Uninstall.exe/noname.tmp Detected: "PUA.Greentreea.Gen" File is skipped
E:\SWAMI-VAIO\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 12.zip File is skipped
E:\SWAMI-VAIO\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 24.zip/C\Users\swami\Downloads\2014031621384783ef14_IPLCricketFever_49.0.apk/classes.dex Detected: "Android.Viser.A (AdWare)" File is skipped
E:\SWAMI-VAIO\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 24.zip/C\Users\swami\Downloads\AdobeFlashPlayerActiveXSetup-15080263-tfsb.exe Detected: "Generic.Downloader.A8" File is skipped
E:\SWAMI-VAIO\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 24.zip/C\Users\swami\Downloads\flvplayersetup.exe/noname.tmp Detected: "PUA.Conduitltd.Gen" File is skipped
E:\SWAMI-VAIO\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 24.zip File is skipped
E:\SWAMI-VAIO\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 25.zip/C\Users\swami\Downloads\YTDSetup.exe Detected: "PUA.Greentreea.Gen"
