Handy142

May 31, 2021

excude from the scan no its not worth the effort

May 31, 2021

@Handy142

Not-a-Virus: What is it ? : https://www.kaspersky.com/blog/not-a-virus/18015/

sorry you have miss under stood i know the files are not bad for me as but i am not gonna share names with the internet

May 31, 2021

Today, 31/05/2021 11:53:44 Task completed Task completed DESKTOP-R85VD5V\handy Active user

had to edit this as it was showing file names I was not happy sharing with the internet - the files was of names I know are NOT a virus and NOT infected

Today, 31/05/2021 11:46:36

C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\Attachments\ Password-protected Password-protected archive detected

C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\

Today, 31/05/2021 11:46:36 C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\Attachments\ Password-protected Password-protected archive detected File C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\Attachments\ Password-protected
Today, 31/05/2021 11:46:35 C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\Attachments\ Password-protected Password-protected archive detected File C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\ Password-protected DESKTOP-R85VD5V\handy Active user

Today, 31/05/2021 11:46:35 C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\Attachments\ Password-protected Password-protected archive detected File

C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\Attachments\ Password-protected DESKTOP-R85VD5V\handy Active user

Today, 31/05/2021 11:46:35 C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\Attachments\ Password-protected Password-protected archive detected File

C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\Attachments\ Password-protected DESKTOP-R85VD5V\handy Active user

Today, 31/05/2021 11:46:35 C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\Attachments\ Password-protected Password-protected archive detected File

C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\Attachments\ Password-protected DESKTOP-R85VD5V\handy Active user

Today, 31/05/2021 11:46:35 C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\Attachments\ Password-protected Password-protected archive detected File

C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\936\Attachments\ Password-protected DESKTOP-R85VD5V\handy Active user

Today, 31/05/2021 11:46:35 C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\Attachments\ Password-protected Password-protected archive detected File

C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\Attachments\ Password-protected DESKTOP-R85VD5V\handy Active user
Today, 31/05/2021 11:46:35

C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\Attachments\ Password-protected archive detected

Today, 31/05/2021 11:46:35 C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\Attachments\ Password-protected Password-protected archive detected File

C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\Attachments\ Password-protected

Today, 31/05/2021 11:46:35 C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\Attachments\ Password-protected Password-protected archive detected File

C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\Attachments\ Password-protected DESKTOP-R85VD5V\handy Active user

Today, 31/05/2021 11:46:35 C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\Attachments\ Password-protected Password-protected archive detected File

C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\

Password-protected DESKTOP-R85VD5V\handy Active user
Today, 31/05/2021 11:46:34

C:\Users\handy\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\Attachments\   Password-protected

Today, 31/05/2021 11:45:56   C:\ProgramData\Malwarebytes\MBAMService\tmp\bf328db6c1fc11eb91e6d8bbc11446d7\bf328db6c1fc11eb91e6d8bbc11446d7.zip\       Password-protected   Password-protected archive detected           File

C:\ProgramData\Malwarebytes\MBAMService\tmp\bf328db6c1fc11eb91e6d8bbc11446d7\bf328db6c1fc11eb91e6d8bbc11446d7.zip// PROTECTORPACKAGE2027X64A[1].EXE Password-protected DESKTOP-R85VD5V\handy Active user
Today, 31/05/2021 11:45:56

C:\ProgramData\Malwarebytes\MBAMService\tmp\be82919ac1fc11ebadffd8bbc11446d7\be82919ac1fc11ebadffd8bbc11446d7.zip\ Password-protected Password-protected archive detected File

C:\ProgramData\Malwarebytes\MBAMService\tmp\be82919ac1fc11ebadffd8bbc11446d7\be82919ac1fc11ebadffd8bbc11446d7.zip// REIMAGEPACKAGE1956X64B[1].EXE Password-protected DESKTOP-R85VD5V\handy Active user

Today, 31/05/2021 11:45:56 C:\ProgramData\Malwarebytes\MBAMService\tmp\bac8da50c1fc11eba338d8bbc11446d7\bac8da50c1fc11eba338d8bbc11446d7.zip\AU_.EXE Password-protected Password-protected archive detected File

C:\ProgramData\Malwarebytes\MBAMService\tmp\bac8da50c1fc11eba338d8bbc11446d7\bac8da50c1fc11eba338d8bbc11446d7.zip// AU_.EXE Password-protected DESKTOP-R85VD5V\handy Active user

Today, 31/05/2021 11:45:56 C:\ProgramData\Malwarebytes\MBAMService\tmp\b7b56ca2c1fc11eb8c9ad8bbc11446d7\b7b56ca2c1fc11eb8c9ad8bbc11446d7.zip\BU_.EXE Password-protected Password-protected archive detected File

C:\ProgramData\Malwarebytes\MBAMService\tmp\b7b56ca2c1fc11eb8c9ad8bbc11446d7\b7b56ca2c1fc11eb8c9ad8bbc11446d7.zip// BU_.EXE Password-protected DESKTOP-R85VD5V\handy Active user

Today, 31/05/2021 11:45:56 C:\ProgramData\Malwarebytes\MBAMService\tmp\b66eb09cc1fc11eba571d8bbc11446d7\b66eb09cc1fc11eba571d8bbc11446d7.zip\$RH1HK60.EXE Password-protected

-

   Today, 31/05/2021 11:10:51   C:\Program Files (x86)\MSI\One Dragon Center\Smart Tool\7zip\7z.exe   Detected   Detected legitimate software that can be used by intruders to damage your computer or personal data   11240   Databases   File   C:\Program Files (x86)\MSI\One Dragon Center\Smart Tool\7zip   7z.exe   Detected   Vulnerability   Low   Exactly   DESKTOP-R85VD5V\handy   Active user
Today, 31/05/2021 11:10:48       Task started   Task started                                       DESKTOP-R85VD5V\handy   Active user
Today, 31/05/2021 10:25:47       Task completed   Task completed                                       DESKTOP-R85VD5V\handy   Active user
Today, 31/05/2021 10:25:24   C:\Program Files (x86)\MSI\One Dragon Center\Smart Tool\7zip\7z.exe   Detected   Detected legitimate software that can be used by intruders to damage your computer or personal data   11240   Databases   File   C:\Program Files (x86)\MSI\One Dragon Center\Smart Tool\7zip   7z.exe   Detected   Vulnerability   Low   Exactly   DESKTOP-R85VD5V\handy   Active user
Today, 31/05/2021 10:25:21       Task started   Task started                                       DESKTOP-R85VD5V\handy   Active user
Today, 31/05/2021 10:24:56       Task completed   Task completed                                       DESKTOP-R85VD5V\handy   Active user
Today, 31/05/2021 10:24:33   C:\Program Files (x86)\MSI\One Dragon Center\Smart Tool\7zip\7z.exe   Detected   Detected legitimate software that can be used by intruders to damage your computer or personal data   11240   Databases   File   C:\Program Files (x86)\MSI\One Dragon Center\Smart Tool\7zip   7z.exe   Detected   Vulnerability   Low   Exactly   DESKTOP-R85VD5V\handy   Active user
Today, 31/05/2021 10:24:30       Task started   Task started

i have removed 7 zip as i dint like the fact Kaspersky flagged it

May 31, 2021

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support />#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-31-2021
# Duration: 00:00:05
# OS: Windows 10 Pro
# Scanned: 31988
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

AdwCleaner[S00].txt - [2110 octets] - [31/05/2021 18:44:44]
AdwCleaner[C00].txt - [2152 octets] - [31/05/2021 18:46:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

after doing the reinstall and additional scans ive not seen another Trovi redirect i think its stopped for now.

if it comes back all do another and ask the question again ?

May 31, 2021

thanks for the reply

did the reset & clean up before it came back

I've today gone in to safe mode emptied out the temp folder fully.

but i did the extra of running Kaspersky in safe mode as expected nothing.

I've uninstalled and reinstalled google chrome.

fingers crossed that's the end of it, i am surprised that the most temperamental virus scanner I've seen didn't stop this thing flat out sounds like there's a hole or two in the iron Curtain.

as Trovi can hijack downloaded programs and you may not know that its getting installed.

May 31, 2021

Found it, its moved in Internet security 21.3.10 to its own option.

Its already on yet i've had Trovi come back twice now.

May 30, 2021

My browser randomly uses TROVI i've looked, looked and looked more scanned till blue in face and this bloody thing will not go away i've tried malware bytes even that turns out nothing found,

yet randomly the bloody thing comes back.

i am using Google Chrome - ive looked at enabled extensions - Nothing

ive just cleard out %temp%

am i missing something ?

Trovi keeps coming back. Am I missing something?

Handy142

Posts

Joined

Last visited

Content Type

Forums

Posts posted by Handy142

Trovi keeps coming back. Am I missing something?

Trovi keeps coming back. Am I missing something?

Trovi keeps coming back. Am I missing something?

Trovi keeps coming back. Am I missing something?

Trovi keeps coming back. Am I missing something?

Trovi keeps coming back. Am I missing something?

Forum

Products

Support

Personal Account