Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.



  • This topic is locked This topic is locked
1 reply to this topic

#1 homefree89


  • Members
  • 7 posts
  • Local time:09:33 AM

Posted 17 November 2017 - 04:32 AM

I have a virus slowing my computer and preventing me from even going to kaspersky.com.  I get constant ERR_CONNECTION_TIMED_OUT errors on google and other sites and I am fed up. I tried the Google clean up tool, and I had nothing.  I tried the F-Secure online scan and got nothing but its clearly something!


I need help please! I have tried Rkill.exe and it detects nothing except this:



Rkill 2.9.1 by Lawrence Abrams (Grinler)
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
Program started at: 11/17/2017 03:24:29 AM in x64 mode.
Windows Version: Windows 10 Home 
Checking for Windows services to stop:
 * No malware services found to stop.
Checking for processes to terminate:
 * No malware processes found to kill.
Checking Registry for malware related settings:
 * No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
 * Windows Defender Disabled
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001


I used malwarebytes and found this:


-Log Details-
Scan Date: 11/17/17
Scan Time: 4:15 AM
Log File: 3c12ccaa-cb80-11e7-a25c-dc4a3ef0a23d.json
Administrator: Yes
-Software Information-
Components Version: 1.0.236
Update Package Version: 1.0.3280
License: Trial
-System Information-
OS: Windows 10 (Build 16299.64)
CPU: x64
File System: NTFS
User: LAPTOP-Q6RMJCH7\homef
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 464048
Threats Detected: 4
Threats Quarantined: 4
Time Elapsed: 10 min, 38 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 1
PUP.Optional.InstallCore, HKU\S-1-5-21-1400650498-136449433-1628322994-1002\SOFTWARE\csastats, Quarantined, [2], [260986],1.0.3280
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 3
PUP.Optional.InstallCore, C:\USERS\HOMEF\DOWNLOADS\CAMSTUDIO.EXE, Quarantined, [2], [301065],1.0.3280
PUP.Optional.Dregol, C:\USERS\HOMEF\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [9334], [455074],1.0.3280
PUP.Optional.Conduit, C:\USERS\HOMEF\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [578], [454832],1.0.3280
Physical Sector: 0
(No malicious items detected)
Malwarebytes quarantines it, then I click delete it forever and it still comes back!
and it worked! YAY!!! Have a nice day! (sorry no clue how to delete this post.)

Edited by homefree89, 17 November 2017 - 06:46 AM.

BC AdBot (Login to Remove)


#2 nasdaq


  • Malware Response Team
  • 40,461 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:33 AM

Posted 17 November 2017 - 08:40 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users