A download started on my computer but I stopped it, how to locate and delete it?

[Pondus]

The best way to get infected is using pirated software, they don't recive security updates and they may also include some extra unwanted software you don't want

Let's see what the malware expert say when he arrive

[Eddy]

I suggest to install Windows from scratch and register it legally.

[Sass Drake]

Did you personally configured proxy server settings in Firefox?

[REDACTED]

I'm not sure what you mean by configuring proxy settings in Firefox....
I have not touched that part in Firefox.

[Sass Drake]

• Open Notepad (click Start button -> type notepad.exe -> press Enter)
• Copy text from code block below and paste it into Notepad

Code: [Select]

FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> backup.ftp", "107.172.100.23"
FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> backup.ftp_port", 3128
FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> backup.socks", "107.172.100.23"
FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> backup.socks_port", 3128
FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> backup.ssl", "107.172.100.23"
FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> backup.ssl_port", 3128
FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> ftp", "107.172.100.23"
FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> ftp_port", 3128
FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> share_proxy_settings", true
FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> socks", "107.172.100.23"
FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> socks_port", 3128
FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> ssl", "107.172.100.23"
FF NetworkProxy: Mozilla\Firefox\Profiles\0yd7j2jx.default -> ssl_port", 3128

• Go to File -> Save As
• Make sure that  UTF-8 is selected as Encoding (left side of Save button)
• Save it as fixlist.txt on Desktop
• Open again FRST and click on button Fix
• Wait until FRST finishes
• fixlog.txt should be genereted and opened. Attach it your post and wait further instructions.

[REDACTED]

If you mean those, they are part of my freelance work. And has nothing to do with any malware.

My original question was about that aborted download for the game. That is all. My guess is that it was harmless and did not show up in the reading of those files.....But instead you guys are trying to fish me for additional info? 

If you guys, are still trying to interrogate me - I'm calling this off.

Geez, all I'm getting is an interrogation and no "expert" has actually helped me on this issue.

It's as easy as a reformat.

If that is what it takes.

What a joke this help section of Avast is. And *Avast* seems to constantly badger users to get the paid version because it apparently knows all our stored passwords in the browser, eh? I wonder what else it knows (or wants to know), and I'm not surprised by the help section either!

My mistake for coming here and asking for help.

[Sass Drake]

I'm not sure what you mean by configuring proxy settings in Firefox....
I have not touched that part in Firefox.

If you mean those, they are part of my freelance work. And has nothing to do with any malware.

Was it so hard to say that you configured it instead of telling you never touched that part in Firefox.

Your PC was malware free according to logs in a first place so:


• The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.]
Run the tool and check the following boxes below;
Remove disinfection tools
Create registry backup
Purge System Restore
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.