Unwanted antivirus

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
116,967
Please download SystemLook and save it to your Desktop.

  • Double-click SystemLook_x64.exe to run it.
  • Copy the content of the following code box into the main text field:
    Code:
    :regfind
    360 Total Security
    :folderfind
    *360 Total Security*
    :filefind
    *360 Total Security*
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
 

Brigham

John
Thread Starter
Joined
Aug 24, 2010
Messages
1,437
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QHActiveDefense]
"DisplayName"="360 Total Security"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QHActiveDefense]
"Description"="360 Total Security"
[HKEY_USERS\S-1-5-21-2691670774-4041252366-1336271814-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"0"="C:\Users\ryswi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360 Security Center\360 Total Security\360 Total Security.lnk C:\Program Files (x86)\360\Total Security\QHSafeMain.exe"
[HKEY_USERS\S-1-5-21-2691670774-4041252366-1336271814-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\Users\ryswi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360 Security Center\360 Total Security\Patch Up.lnk C:\Program Files (x86)\360\Total Security\QHSafeMain.exe /leakfix"
[HKEY_USERS\S-1-5-21-2691670774-4041252366-1336271814-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\Users\ryswi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360 Security Center\360 Total Security\Sandbox.lnk C:\Program Files (x86)\360\Total Security\ipc\360boxmain.exe"
[HKEY_USERS\S-1-5-21-2691670774-4041252366-1336271814-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"3"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center\360 Total Security\360 Total Security.lnk C:\Program Files (x86)\360\Total Security\QHSafeMain.exe"
[HKEY_USERS\S-1-5-21-2691670774-4041252366-1336271814-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"4"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center\360 Total Security\Patch Up.lnk C:\Program Files (x86)\360\Total Security\QHSafeMain.exe /leakfix"
[HKEY_USERS\S-1-5-21-2691670774-4041252366-1336271814-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"5"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center\360 Total Security\Sandbox.lnk C:\Program Files (x86)\360\Total Security\ipc\360boxmain.exe"

========== folderfind ==========

Searching for "*360 Total Security*"
No folders found.

========== filefind ==========

Searching for "*360 Total Security*"
No files found.

-= EOF =-
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
116,967
System Look didn't change anything. There are some registry entries that need to be removed. I will prepare a registry fix to merge into the registry to delete those but first please run System Look again, the same way you did before except use the script in the code box below and post the results:
Code:
:folderfind
*360*
*360 Security Center*
 

Brigham

John
Thread Starter
Joined
Aug 24, 2010
Messages
1,437
SystemLook 04.09.10 by jpshortstuff
Log created at 22:06 on 29/06/2020 by ryswi
Administrator - Elevation successful

========== folderfind ==========

Searching for "*360*"
C:\$360Section d--hs-- [18:39 11/12/2018]
C:\360SANDBOX dr-hs-- [19:19 28/06/2020]
C:\$360Section\360Safe d--hs-- [18:39 11/12/2018]
C:\Program Files (x86)\360 d------ [09:26 26/03/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360AV d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360Central d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360EvtMgr d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360hipsPopWnd d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360InternationSafe d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360InternationTray d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360leakfix d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360liveupdate d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360sandbox d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360searchlite d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360skinview d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360UDisk d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\config\newui\themes\default\360wdui d------ [19:18 28/06/2020]
C:\Program Files (x86)\360\Total Security\Utils\360DrvMgr d------ [19:18 28/06/2020]
C:\ProgramData\360safe d------ [19:20 28/06/2020]
C:\ProgramData\360TotalSecurity d------ [09:16 29/06/2020]
C:\ProgramData\360safe\360Disabled d------ [19:23 28/06/2020]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center d------ [19:19 28/06/2020]
C:\Users\All Users\360safe d------ [19:20 28/06/2020]
C:\Users\All Users\360TotalSecurity d------ [09:16 29/06/2020]
C:\Users\All Users\360safe\360Disabled d------ [19:23 28/06/2020]
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\360 Security Center d------ [19:19 28/06/2020]
C:\Users\ryswi\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\Q360AFF4 d--hs-- [07:48 27/03/2020]
C:\Users\ryswi\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\Favicons\TopSites\3236081240 d------ [16:12 23/02/2020]
C:\Users\ryswi\AppData\Local\Temp\360_install_20200628201745_816117062 d------ [19:17 28/06/2020]
C:\Users\ryswi\AppData\LocalLow\360WD d------ [19:20 28/06/2020]
C:\Users\ryswi\AppData\LocalLow\Gametop\Lucky Spider Solitaire\Unity\8aec2d25-24f8-41f6-a488-80ab2fb360d2 d------ [15:07 03/02/2020]
C:\Users\ryswi\AppData\LocalLow\Gametop\Lucky Spider Solitaire\Unity\8aec2d25-24f8-41f6-a488-80ab2fb360d2\Cloud\Analytics\1593360009287 d------ [16:00 28/06/2020]
C:\Users\ryswi\AppData\Roaming\360DrvMgr d------ [15:44 29/06/2020]
C:\Users\ryswi\AppData\Roaming\360Quarant d--hs-- [19:23 28/06/2020]
C:\Users\ryswi\AppData\Roaming\360safe d------ [19:20 28/06/2020]
C:\Users\ryswi\AppData\Roaming\360TotalSecurity d------ [09:18 29/06/2020]
C:\Users\ryswi\AppData\Roaming\360safe\360Disabled d------ [19:23 28/06/2020]
C:\Users\ryswi\AppData\Roaming\360safe\360ScanLog d------ [19:20 28/06/2020]
C:\Users\ryswi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360 Security Center d------ [19:19 28/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\amd64_microsoft-windows-h..ls_server.resources_31bf3856ad364e35_10.0.18362.329_pl-pl_43a0d5eee56ea2f8 d------ [07:01 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\amd64_microsoft-onecore-d..onmanager.resources_31bf3856ad364e35_10.0.18362.836_ru-ru_3f360043bdf9280a d------ [07:00 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\amd64_microsoft-windows-c...appxmain.resources_31bf3856ad364e35_10.0.18362.752_nb-no_a360e358e9caff9d d------ [07:00 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\amd64_microsoft-windows-c..fications.resources_31bf3856ad364e35_10.0.18362.815_zh-cn_07e0efd085360a53 d------ [07:01 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\amd64_microsoft-windows-d..adam-core.resources_31bf3856ad364e35_10.0.18362.719_it-it_64603609dbd79963 d------ [07:00 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\amd64_microsoft-windows-devinst-adm.resources_31bf3856ad364e35_10.0.18362.387_ko-kr_78a06e03607272f0 d------ [07:01 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\amd64_microsoft-windows-lddmcore_31bf3856ad364e35_10.0.18362.836_none_01ac7360751d7faa d------ [07:00 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\amd64_microsoft-windows-resourcemanager-server_31bf3856ad364e35_10.0.18362.267_none_75ae136039c726d7 d------ [07:00 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\amd64_microsoft-windows-runtime-windows-media_31bf3856ad364e35_10.0.18362.836_none_9d4d46d3600e0849 d------ [07:00 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\amd64_microsoft-windows-s..andwidthlimitfilter_31bf3856ad364e35_10.0.18362.329_none_5c2596113605714b d------ [06:59 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\amd64_microsoft-windows-s..ivebackup.resources_31bf3856ad364e35_10.0.18362.836_lv-lv_f91d360a57595982 d------ [06:59 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\amd64_microsoft-windows-setup360-media-base_31bf3856ad364e35_10.0.18362.719_none_8055a5b3061ad881 d------ [06:59 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\wow64_fdssdp_31bf3856ad364e35_10.0.18362.657_none_9b01d4513a3f3475 d------ [07:01 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\wow64_microsoft-windows-tracedatahelper_31bf3856ad364e35_10.0.18362.329_none_5ca91cc29815023d d------ [07:00 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\wow64_microsoft-windows-crypt32-dll_31bf3856ad364e35_10.0.18362.592_none_bb63608da3f98dd8 d------ [07:01 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\wow64_microsoft-windows-eapttls.resources_31bf3856ad364e35_10.0.18362.836_da-dk_b6d3603d62f3afc6 d------ [07:00 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\wow64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_11.0.18362.836_none_eb9443607bea4455 d------ [07:01 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\wow64_microsoft-windows-tapiservice_31bf3856ad364e35_10.0.18362.657_none_4360ba95aaf36b93 d------ [07:00 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\wow64_microsoft-windows-u..istration.resources_31bf3856ad364e35_10.0.18362.836_fi-fi_62e10333360e8b9f d------ [06:59 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\x86_microsoft-windows-win32calc.resources_31bf3856ad364e35_10.0.18362.387_sk-sk_b5322bd4e391360d d------ [07:00 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.836.1.6\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.18362.836_ro-ro_8b360527a6bbacb7 d------ [07:01 14/05/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-h..ls_server.resources_31bf3856ad364e35_10.0.18362.329_pl-pl_43a0d5eee56ea2f8 d------ [13:23 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-wifinetworkmanager_31bf3856ad364e35_10.0.18362.900_none_c2bd25f10d250404 d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-c...appxmain.resources_31bf3856ad364e35_10.0.18362.752_nb-no_a360e358e9caff9d d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-c..fications.resources_31bf3856ad364e35_10.0.18362.815_zh-cn_07e0efd085360a53 d------ [13:23 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-d..adam-core.resources_31bf3856ad364e35_10.0.18362.719_it-it_64603609dbd79963 d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-d..guard-wmi.resources_31bf3856ad364e35_10.0.18362.900_nb-no_a394360be2b20588 d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-devinst-adm.resources_31bf3856ad364e35_10.0.18362.387_ko-kr_78a06e03607272f0 d------ [13:23 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-e..t-service.resources_31bf3856ad364e35_10.0.18362.900_pt-br_f6de8d24af745360 d------ [13:23 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-m..ents-mdac-ado15-dll_31bf3856ad364e35_10.0.18362.900_none_622f2d3602247c4e d------ [13:23 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-m..on-client.resources_31bf3856ad364e35_10.0.18362.900_th-th_b20a136057707b15 d------ [13:23 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.18362.900_none_67360923819d459b d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-photoviewer_31bf3856ad364e35_10.0.18362.900_none_323cd5ec613604a8 d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-resourcemanager-server_31bf3856ad364e35_10.0.18362.267_none_75ae136039c726d7 d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-runtime-windows-media_31bf3856ad364e35_10.0.18362.836_none_9d4d46d3600e0849 d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-s..andwidthlimitfilter_31bf3856ad364e35_10.0.18362.329_none_5c2596113605714b d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-setup360-media-base_31bf3856ad364e35_10.0.18362.719_none_8055a5b3061ad881 d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\amd64_microsoft-windows-shell32.resources_31bf3856ad364e35_10.0.18362.900_lt-lt_25ad62360c38017f d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\wow64_fdssdp_31bf3856ad364e35_10.0.18362.657_none_9b01d4513a3f3475 d------ [13:23 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\wow64_microsoft-windows-crypt32-dll_31bf3856ad364e35_10.0.18362.592_none_bb63608da3f98dd8 d------ [13:23 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\wow64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_11.0.18362.836_none_eb9443607bea4455 d------ [13:23 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\wow64_microsoft-windows-p..worker-v2.resources_31bf3856ad364e35_10.0.18362.900_ru-ru_3238179cae3606e6 d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\wow64_microsoft-windows-tapiservice_31bf3856ad364e35_10.0.18362.657_none_4360ba95aaf36b93 d------ [13:22 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\x86_microsoft-windows-l..-oem-serverstandard_31bf3856ad364e35_10.0.18362.900_none_880a69496e2fc360 d------ [13:23 12/06/2020]
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.900.1.8\x86_microsoft-windows-win32calc.resources_31bf3856ad364e35_10.0.18362.387_sk-sk_b5322bd4e391360d d------ [13:22 12/06/2020]
C:\Windows\SoftwareDistribution\Download\1e1bae6345a78cbcc4771b55add8c76a\Package_for_KB4560959~~amd64~~18362.892.1.3\amd64_microsoft-windows-s..k-transformers-core_31bf3856ad364e35_10.0.18362.892_none_c1d294bd67360a6d d------ [13:17 12/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70bb0c.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70bc08.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70bc58.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70bcc7.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70bcd9.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70bd67.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70bdf6.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70be27.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70be77.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70bfe0.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70c011.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70c023.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70c083.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70c150.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70c1fe.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70c22e.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70c2ad.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70c3a9.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-18a4-2360-a70c457.tmp d------ [09:15 21/06/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417e410.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417e922.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417e934.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417e936.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417e967.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417e9b7.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417eb9d.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417ebaf.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417ebe0.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417ec01.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417ec03.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417ec24.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417ec65.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417ecc5.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417ecc7.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417ecf8.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417ed09.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417ed1b.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-299c-417ed4c.tmp d------ [09:40 23/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea2703f.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea27070.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea27072.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea27093.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea270b5.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea270c6.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea270c8.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea270f9.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea2710b.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea2711c.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea2712e.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea2714f.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea27161.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea273b5.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea274a1.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea275ad.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea277e1.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea27b10.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-2360-864-ea27b8f.tmp d------ [06:45 27/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-424-23e4-ad3a360.tmp d------ [17:03 24/05/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-1988-82c-831fb43.tmp d------ [06:49 10/04/2020]
C:\Windows\System32\config\systemprofile\AppData\Local\tw-21e4-798-197c2924.tmp d------ [07:32 19/05/2020]
C:\Windows\System32\DriverStore\FileRepository\buttonconverter.inf_amd64_36095deba75a01f3 d------ [15:20 16/12/2019]
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\360safe d------ [09:27 26/03/2020]
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\360safe\360ScanLog d------ [09:28 26/03/2020]
C:\Windows\Tasks\360Disabled d------ [09:30 26/03/2020]
C:\Windows\WinSxS\amd64_microsoft-windows-wifinetworkmanager_31bf3856ad364e35_10.0.18362.900_none_c2bd25f10d250404 d------ [13:26 12/06/2020]
C:\Windows\WinSxS\amd64_c_processor.inf.resources_31bf3856ad364e35_10.0.18362.1_en-gb_04c69af54436041e d------ [15:13 16/12/2019]
C:\Windows\WinSxS\amd64_hyperv-gpupvdev_31bf3856ad364e35_10.0.18362.1_none_0a38360cf72a0e23 d------ [15:13 16/12/2019]
C:\Windows\WinSxS\amd64_lsi_sas.inf.resources_31bf3856ad364e35_10.0.18362.1_en-us_df1360e3f6d75be3 d------ [15:13 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-onecore-b..h-bthserv.resources_31bf3856ad364e35_10.0.18362.1_en-us_1354360141673bea d------ [15:13 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-ppiprojec...appxmain.resources_31bf3856ad364e35_10.0.18362.1_en-gb_1e1678360c4288a4 d------ [15:13 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-allowbuildpreview-adm_31bf3856ad364e35_10.0.18362.1_none_08c494428213b360 d------ [15:13 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-d..providers.resources_31bf3856ad364e35_10.0.18362.1_en-us_43603227e5c4370a d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-dpapisrv.resources_31bf3856ad364e35_10.0.18362.1_en-us_0041536087c1af96 d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-g..cy-gptext.resources_31bf3856ad364e35_10.0.18362.1_en-gb_8d632936035de336 d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-hotspotauth-api_31bf3856ad364e35_10.0.18362.1_none_04fa29fcc360ed8c d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-lddmcore_31bf3856ad364e35_10.0.18362.836_none_01ac7360751d7faa d------ [07:11 14/05/2020]
C:\Windows\WinSxS\amd64_microsoft-windows-m..ents-mdac-ado15-dll_31bf3856ad364e35_10.0.18362.900_none_622f2d3602247c4e d------ [13:29 12/06/2020]
C:\Windows\WinSxS\amd64_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_10.0.18362.1_none_7a13609bbda07c2c d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.18362.900_none_67360923819d459b d------ [13:26 12/06/2020]
C:\Windows\WinSxS\amd64_microsoft-windows-nfs-adminmmc.resources_31bf3856ad364e35_10.0.18362.1_en-us_9819b836093b44e3 d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-p..g-xpsdocumentwriter_31bf3856ad364e35_10.0.18362.1_none_f5360ee5e03eb891 d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-photoviewer_31bf3856ad364e35_10.0.18362.900_none_323cd5ec613604a8 d------ [13:30 12/06/2020]
C:\Windows\WinSxS\amd64_microsoft-windows-platformid-wmi_31bf3856ad364e35_10.0.18362.1_none_180360bdea428aac d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-resourcemanager-server_31bf3856ad364e35_10.0.18362.267_none_75ae136039c726d7 d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-runtime-windows-media_31bf3856ad364e35_10.0.18362.836_none_9d4d46d3600e0849 d------ [07:14 14/05/2020]
C:\Windows\WinSxS\amd64_microsoft-windows-s..cingstack-onecoreds_31bf3856ad364e35_10.0.18362.772_none_0a0d15c7b3602506 d------ [10:16 16/04/2020]
C:\Windows\WinSxS\amd64_microsoft-windows-s..gevolumewmiprovider_31bf3856ad364e35_10.0.18362.1_none_ea31360287251ee9 d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-s..k-transformers-core_31bf3856ad364e35_10.0.18362.892_none_c1d294bd67360a6d d------ [13:17 12/06/2020]
C:\Windows\WinSxS\amd64_microsoft-windows-s..ropertiesprotection_31bf3856ad364e35_10.0.18362.1_none_360fc6c999bc2281 d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-t..alservices-allroles_31bf3856ad364e35_10.0.18362.1_none_3605df6aa1002ffb d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-t..languages.resources_31bf3856ad364e35_10.0.18362.1_es-es_8505d7dd761cf360 d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-tieringengine_31bf3856ad364e35_10.0.18362.1_none_81d53607e1a48f3a d------ [15:14 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-usbconnectorapi_31bf3856ad364e35_10.0.18362.1_none_8810ce7e08063607 d------ [15:15 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-uxinit_31bf3856ad364e35_10.0.18362.1_none_2fb36099696b0d61 d------ [15:15 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft.packagema..ource.packagesource_31bf3856ad364e35_10.0.18362.1_none_d9b977d3607149cf d------ [15:15 16/12/2019]
C:\Windows\WinSxS\amd64_multipoint-logcollector.resources_31bf3856ad364e35_10.0.18362.1_en-gb_06462c3cd53603d8 d------ [15:15 16/12/2019]
C:\Windows\WinSxS\amd64_multipoint-srcres_31bf3856ad364e35_10.0.18362.1_none_25b519d36056d2c9 d------ [15:15 16/12/2019]
C:\Windows\WinSxS\amd64_netfx-clr_ilasm_exe_b03f5f7f11d50a3a_10.0.18362.1_none_79fae4360e1d80cb d------ [15:15 16/12/2019]
C:\Windows\WinSxS\amd64_netfx35linq-addinutil_31bf3856ad364e35_10.0.18362.1_none_9d7ba92360944a03 d------ [15:15 16/12/2019]
C:\Windows\WinSxS\amd64_netwbw02.inf.resources_31bf3856ad364e35_10.0.18362.1_en-us_264942e4572ba360 d------ [15:15 16/12/2019]
C:\Windows\WinSxS\amd64_netwmbclass.inf.resources_31bf3856ad364e35_10.0.18362.1_en-us_0d36096602267a26 d------ [15:15 16/12/2019]
C:\Windows\WinSxS\amd64_windows-application..haringsvc.resources_31bf3856ad364e35_10.0.18362.1_en-us_04ca360cfd425918 d------ [15:15 16/12/2019]
C:\Windows\WinSxS\amd64_wpf-winfxlist_31bf3856ad364e35_10.0.18362.1_none_133a43606d4183b3 d------ [15:15 16/12/2019]
C:\Windows\WinSxS\amd64_microsoft-windows-security-spp-wmi_31bf3856ad364e35_10.0.18362.1_none_d401a5b21f18dca6 d------ [15:14 16/12/2019]
C:\Windows\WinSxS\msil_microsoft.isam.esent.interop_31bf3856ad364e35_10.0.18362.1_none_966ad5393606ccfc d------ [15:15 16/12/2019]
C:\Windows\WinSxS\msil_microsoft.windows.d..perlicense.commands_31bf3856ad364e35_10.0.18362.1_none_cd360eb4bf3907aa d------ [15:15 16/12/2019]
C:\Windows\WinSxS\wow64_fdssdp_31bf3856ad364e35_10.0.18362.657_none_9b01d4513a3f3475 d------ [10:32 13/02/2020]
C:\Windows\WinSxS\wow64_microsoft-windows-tracedatahelper_31bf3856ad364e35_10.0.18362.329_none_5ca91cc29815023d d------ [15:15 16/12/2019]
C:\Windows\WinSxS\wow64_microsoft-onecore-tetheringservice_31bf3856ad364e35_10.0.18362.1_none_6a62360c9895354e d------ [15:15 16/12/2019]
C:\Windows\WinSxS\wow64_microsoft-windows-crypt32-dll_31bf3856ad364e35_10.0.18362.592_none_bb63608da3f98dd8 d------ [16:56 16/01/2020]
C:\Windows\WinSxS\wow64_microsoft-windows-defaultprinterprovider_31bf3856ad364e35_10.0.18362.1_none_0b36f7dcf360eedf d------ [15:15 16/12/2019]
C:\Windows\WinSxS\wow64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_10.0.18362.1_none_36006d3d01af6845 d------ [15:15 16/12/2019]
C:\Windows\WinSxS\wow64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_11.0.18362.836_none_eb9443607bea4455 d------ [07:13 14/05/2020]
C:\Windows\WinSxS\wow64_microsoft-windows-peertopeerdrt_31bf3856ad364e35_10.0.18362.1_none_360e88ce4c943a5e d------ [15:15 16/12/2019]
C:\Windows\WinSxS\wow64_microsoft-windows-quickassist.resources_31bf3856ad364e35_10.0.18362.1_de-de_360ec0408c2ae74f d------ [15:15 16/12/2019]
C:\Windows\WinSxS\wow64_microsoft-windows-tapiservice_31bf3856ad364e35_10.0.18362.657_none_4360ba95aaf36b93 d------ [10:36 13/02/2020]
C:\Windows\WinSxS\wow64_microsoft-windows-wusa_31bf3856ad364e35_10.0.18362.1_none_89b2abcaca360c07 d------ [15:15 16/12/2019]
C:\Windows\WinSxS\x86_microsoft-windows-m..ss-components-jetes_31bf3856ad364e35_10.0.18362.1_none_acf0eb3191c3601d d------ [15:15 16/12/2019]
C:\Windows\WinSxS\x86_microsoft-windows-m..vider-rll.resources_31bf3856ad364e35_10.0.18362.1_en-us_f53604d869272bbe d------ [15:15 16/12/2019]
C:\Windows\WinSxS\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.18362.836_ro-ro_8b360527a6bbacb7 d------ [07:13 14/05/2020]
C:\Windows\WinSxS\x86_netfx-aspnet_webadmin_roles_b03f5f7f11d50a3a_10.0.18362.1_none_345f80633603abcd d------ [15:15 16/12/2019]
C:\Windows\WinSxS\x86_netfx4-aspnet_webadmin_res_res_b03f5f7f11d50a3a_4.0.15788.0_none_6aa4360050cff7f2 d------ [15:15 16/12/2019]
C:\Windows\WinSxS\x86_netfx4-msbuild_rsp_b03f5f7f11d50a3a_4.0.15788.0_none_4bcef2429d360caf d------ [15:15 16/12/2019]
C:\Windows\WinSxS\x86_netfx4-system_core_ni_b03f5f7f11d50a3a_4.0.15788.0_none_86ffbd683d8a3606 d------ [15:16 16/12/2019]
C:\Windows\WinSxS\Temp\InFlight\2e8955af9a44d60103000000981ec012\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.18362.778_fr-fr_9f54d32932ac89ac d------ [10:30 16/04/2020]
C:\Windows\WinSxS\Temp\InFlight\2e8955af9a44d60103000000981ec012\amd64_microsoft-windows-runtime-windows-media_31bf3856ad364e35_10.0.18362.145_none_9d41695360171ed2 d------ [15:14 16/12/2019]
C:\Windows\WinSxS\Temp\InFlight\2e8955af9a44d60103000000981ec012\wow64_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_11.0.18362.693_none_588fccb0c66360b8 d------ [08:48 12/03/2020]
C:\Windows\WinSxS\Temp\InFlight\2e8955af9a44d60103000000981ec012\x86_microsoft-windows-license-default-core_31bf3856ad364e35_10.0.18362.778_none_74a3608c96785ff0 d------ [10:28 16/04/2020]
C:\Windows\WinSxS\Temp\InFlight\4e8c6f49d40fd60109030000a02ba411\amd64_microsoft-windows-r..pdate-oob-component_31bf3856ad364e35_10.0.18362.657_none_4365c61336020ec6 d------ [10:37 13/02/2020]
C:\Windows\WinSxS\Temp\InFlight\4e8c6f49d40fd60109030000a02ba411\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_5.82.18362.657_sv-se_254f360cbb3dd6b8 d------ [10:36 13/02/2020]
C:\Windows\WinSxS\Temp\InFlight\bad8a81cbc29d601800300006c16a423\amd64_dual_prnms002.inf_31bf3856ad364e35_10.0.18362.449_none_436090155b151288 d------ [15:13 16/12/2019]
C:\Windows\WinSxS\Temp\InFlight\bad8a81cbc29d601800300006c16a423\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_5.82.18362.720_el-gr_878360ca87c5576a d------ [19:10 13/03/2020]
C:\Windows\WinSxS\Temp\InFlight\ce91c6096af9d5010e030000e8037813\amd64_dual_vhdmp.inf_31bf3856ad364e35_10.0.18362.356_none_e49e7dab8b36021e d------ [15:13 16/12/2019]
C:\Windows\WinSxS\Temp\InFlight\ce91c6096af9d5010e030000e8037813\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_5.82.18362.592_he-il_6e87587360efe797 d------ [16:56 16/01/2020]
C:\Windows\WinSxS\Temp\InFlight\e2fc6f689a44d60101000000981ec012\amd64_microsoft-onecore-cdp-winrt_31bf3856ad364e35_10.0.18362.1_none_360a3bd370cb4ee6 d------ [15:13 16/12/2019]
C:\Windows\WinSxS\Temp\InFlight\e2fc6f689a44d60101000000981ec012\amd64_microsoft-onecore-coremessaging_31bf3856ad364e35_10.0.18362.1_none_19e0438360c05db5 d------ [15:13 16/12/2019]
C:\Windows.old\Users\All Users\360safe d------ [19:20 28/06/2020]
C:\Windows.old\Users\All Users\360TotalSecurity d------ [09:16 29/06/2020]
C:\Windows.old\Users\All Users\360safe\360Disabled d------ [19:23 28/06/2020]
C:\Windows.old\Users\All Users\Microsoft\Windows\Start Menu\Programs\360 Security Center d------ [19:19 28/06/2020]

Searching for "*360 Security Center*"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center d------ [19:19 28/06/2020]
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\360 Security Center d------ [19:19 28/06/2020]
C:\Users\ryswi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360 Security Center d------ [19:19 28/06/2020]
C:\Windows.old\Users\All Users\Microsoft\Windows\Start Menu\Programs\360 Security Center d------ [19:19 28/06/2020]

-= EOF =-
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
116,967
I knew searching for "360" would give a lot of unrelated results but it was necessary.

You didn't install this intentionally? It appears it was installed yesterday. Did you download anything at all yesterday?
 

Brigham

John
Thread Starter
Joined
Aug 24, 2010
Messages
1,437
I knew searching for "360" would give a lot of unrelated results but it was necessary.

You didn't install this intentionally? It appears it was installed yesterday. Did you download anything at all yesterday?
I wasn't in for most of the day yesterday but I didn't notice anything downloaded.
 

Brigham

John
Thread Starter
Joined
Aug 24, 2010
Messages
1,437
It is 11.15 at night so I will be going to bed soon. I usually get up around 7am just to let you know. From the look of the task ahead of you, it could take a long time, so I will just pop in and out, and think about poor you with all that work. (I'm very grateful)
 

Macboatmaster

Trusted Advisor
Spam Fighter
Joined
Jan 14, 2010
Messages
23,791
Cookiegal
To throw in my brief suggestion, although you may I think have spotted it
The 360 Total security is that product that purports to be an AV from Qihoo
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QHActiveDefense]
"DisplayName"="360 Total Security"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QHActiveDefense]
"Description"="360 Total Security"
as here
https://www.360totalsecurity.com/en/about/

It appears that either the system has just been reinstalled OR the AV has been there for sometime as it is also in the Windows Old Folder
C:\Windows.old\Users\All Users\Microsoft\Windows\Start Menu\Programs\360 Security Center d------ [19:19 28/06/2020]
and yet it suggests the last install date was 16.12.2019
If it was not there before and has managed to get into the windows old folder ?
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
116,967
Yes, I saw that it was also in the .old folders.

It's supposed to be a legitimate program but rather iffy it tseems to me yet it's offered for download at Bleeping Computer. I'm signing off for the night and I will study this a bit more tomorrow morning.
 

Macboatmaster

Trusted Advisor
Spam Fighter
Joined
Jan 14, 2010
Messages
23,791
Cheers
Hope you did not mind me coming, I am sure you spotted it, but it is sometimes confused with Norton (Symantec) 360 Total security, but I spotted the QH.
| will leave it now as getting rid of it, is outisde of my knowledge.
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
116,967
I think the safest way to remove it would be to reinstall it and then uninstall it through Programs and Features. It's created a sandbox and hidden directories with system attributes. We wouldn't have found all of the components with these searches and if we try to pick it apart we aren't going to remove everything and may cause other issues.

If Bleeping Computer is offering it for download then it must be trustworthy as they are very well-known in the malware work and would never provide a malicious program for download.

There are two options to download it from Bleeping Computer or from the author's site I would suggest using the Bleeping Computer download button on the left side.

https://www.bleepingcomputer.com/download/360-total-security/

Then uninstall it through the Control Panel - Programs and Features then reboot the computer. Lastly run the TSG Sysinfo utility again and post the new results.
 

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top