I received notice from Windows Defender of threats found. Upon receipt of the notice, I ran a scan with Windows Defender which reported clean. I tried to run FRST64 to post to this forum, but the application would immediately close. I ran Adaware, which reported a fraud-click trojan, powelik. I cleaned through Adaware. I ran SpyBot Search & Destroy 2.0, which uncovered Win32.Ransomware.loc. I clean, quarantined, and purged the Ransomware through Spybot.
Upon startup, I receive a Script Error notice. It reports the following:
Line: 1
Char: 78
Error: Invalid root in registry key "HKCU\software\jqaf\jxkm".
Code: 0
URL:
When I click No to continuing the scripts, I receive another popup with a title concerning javascript, ActiveXObject("WScript.Shell.") for the same registry key above.
The FRST.txt and Addition.txt logs are attached.
Attachments
Addition.txt
Addition.txt
(52.54 KiB) Downloaded 5 times
FRST.txt
FRST.txt
(57.77 KiB) Downloaded 3 time