So one in my family got hit by support scammers , sence they used Remote c software i dont know exactly what they did , but the remote session logfile was left behind
I ran Avira full scan archives and all , it found , JS/Dldr.Locky.LQ in a rarfile , and 3 suspected dll files .in some folder
Ran MBAR beta : found nothing
Ran MBAM Custom all files scan , found nothing
Ran roguekiller a few times between , runs with Junkware removal tool from MB witch found 2 entries witch it deleted , and adwcleaner found nothing.
ill attach the log of the 3 rogkiller instances 1 delete log and 2 scan logs.
Ran firewalltest on grc.com and it came out all good and comfy
Solicited TCP Packets: RECEIVED (FAILED)
so i pulled the plug untill i can find some more info on that specificly
Now scanned it again after i had the comp runing with internet unplugged for 1h
and it came clean. noly thing is the "VT.Unknown MBR Code" im scratching my head about.
i dont have physical access to the laptop in question atm so my reply might take 2 days or so