Trojan.Tasker.TP Infection
Quote: joelCAMEL, post: 1115394, member: 119458

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/18/2025
Scan Time: 12:48 PM
Log File: 8b60d9d6-d5dd-11ef-bc5b-309c2323e2a4.json

-Software Information-
Version: 5.2.4.157
Components Version: 1.0.5116
Update Package Version: 1.0.94646
License: Free

-System Information-
OS: Windows 10 (Build 18363.1556)
CPU: x64
File System: NTFS
User: DESKTOP-J2J3S28\User

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Cancelled
Objects Scanned: 172868
Threats Detected: 4
Threats Quarantined: 4
Time Elapsed: 43 min, 33 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 3
Trojan.Tasker.TP, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Google_Maintenance_Worker, Quarantined, 7324, 1273521, 1.0.94646, , ame, , ,
Trojan.Tasker.TP, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AD4734E6-0005-4514-8777-BBADB8FE8B07}, Quarantined, 7324, 1273521, 1.0.94646, , ame, , ,
Trojan.Tasker.TP, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{AD4734E6-0005-4514-8777-BBADB8FE8B07}, Quarantined, 7324, 1273521, 1.0.94646, , ame, , ,

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Trojan.Tasker.TP, C:\WINDOWS\SYSTEM32\TASKS\Google_Maintenance_Worker, Quarantined, 7324, 1273521, 1.0.94646, , ame, , D3DD0469388B6D933156BC51CE449AE8, 1B694E8D8209D4070CED4B814D6F4E2909A33C68725ACBEAA1D61C4B80324502

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-10-23.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-18-2025
# Duration: 00:00:01
# OS: Windows 10 (Build 18363.1556)
# Cleaned: 30
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\SecuritySuite
Deleted C:\Users\User\AppData\Roaming\Tencent
Deleted C:\Users\User\Documents\TotalAV
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV

***** [ Files ] *****

Deleted C:\END
Deleted C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lbhfh77v.default-release\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\SSProtect
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Classes\totalav
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1542 octets] - [22/11/2021 00:30:52]
AdwCleaner[C00].txt - [1674 octets] - [22/11/2021 00:31:04]
AdwCleaner[S01].txt - [1528 octets] - [22/11/2021 00:32:09]
AdwCleaner[C01].txt - [1718 octets] - [22/11/2021 00:32:24]
AdwCleaner[S02].txt - [1650 octets] - [22/11/2021 00:36:31]
AdwCleaner[S03].txt - [1711 octets] - [22/11/2021 18:58:34]
AdwCleaner[C03].txt - [1901 octets] - [22/11/2021 18:58:47]
AdwCleaner[S04].txt - [4631 octets] - [18/01/2025 13:47:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########