
Infected with something!


Solved by kevinf80

Hello,

I stumbled onto an infected website on Nov 21 and according to my web history in Firefox, systemsupport.club tried, or did, something.

My address bar in the Windows taskbar, although set to use Google, now returns search results from Bing.

Also, over the last couple of days, I'm losing access to Office 365 apps. They report they've "run into an error that is preventing (app) from working correctly" and will need to be closed as a result. Three dialog boxes are presented: repair now, help, or close.

Malwarebytes Premium 4.2.1 reports no problems, nor does Windows Defender.

MWB and Farbar logs attached; grateful for any assistance!

 

Deano253

 

mware bytes scan.txt Addition.txt FRST.txt


Hello Deano253 and welcome to Malwarebytes,

Continue with the following:

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.

NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1: This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed.

The following directories are emptied:
 
  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin


Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.


The system will be rebooted after the fix has run.

Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,


Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....

Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours...
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....



The Virus Removal Tool scans the following areas of your computer:
  • Memory, including system memory on 32-bit (x86) versions of Windows
  • The Windows registry
  • All local hard drives, fixed and removable
  • Mapped network drives are not scanned.


Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan.

Saved logs are found here: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Let me see those logs in your reply....

Thank you,

Kevin...

fixlist.txt


Hi, Kevin,

I don't know what happened with fixlog from FRST. I ran it Tuesday and again Wednesday; the window stayed open on-screen for less than a minute and then closed. I ran it again later Wednesday and the third time was the charm. Log is attached.  The adwcleaner log is also attached for continuity's sake; that program did find and delete a couple of things as per the second posting above.

After running the above, I found that Sophos had apparently left some of itself behind while trying to install. I got rid of that using Windows Control Panel install/uninstall and then Sophos installed. It found one thing; as per your original instructions, below I've copied and pasted the results.

Thanks so much for your assistance!

Deano253

2020-12-02 23:25:52.626    Sophos Virus Removal Tool version 2.8.0
2020-12-02 23:25:52.626    Copyright (c) 2009-2020 Sophos Limited. All rights reserved.

2020-12-02 23:25:52.626    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2020-12-02 23:25:52.626    Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 WOW64
2020-12-02 23:25:52.626    Checking for updates...
2020-12-02 23:25:52.636    Update progress: proxy server not available
2020-12-02 23:25:58.242    Downloading updates...
2020-12-02 23:26:00.129    Option all = no
2020-12-02 23:26:00.129    Option recurse = yes
2020-12-02 23:26:00.129    Option archive = no
2020-12-02 23:26:00.129    Option service = yes
2020-12-02 23:26:00.129    Option confirm = yes
2020-12-02 23:26:00.129    Option sxl = yes
2020-12-02 23:26:00.131    Option max-data-age = 35
2020-12-02 23:26:00.131    Option vdl-logging = yes
2020-12-02 23:26:00.131    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2020-12-02 23:26:00.131    Machine ID:    3b73a83963dc41b5ad3147c68a04a8f6
2020-12-02 23:26:00.152    Component SVRTcli.exe version 2.8.0
2020-12-02 23:26:00.152    Component control.dll version 2.8.0
2020-12-02 23:26:00.152    Component SVRTservice.exe version 2.8.0
2020-12-02 23:26:00.152    Component engine\osdp.dll version 1.44.1.2490
2020-12-02 23:26:00.152    Component engine\veex.dll version 3.79.0.2490
2020-12-02 23:26:00.152    Component engine\savi.dll version 9.0.20.2490
2020-12-02 23:26:00.172    Component rkdisk.dll version 1.5.33.1
2020-12-02 23:26:00.172    Version info:    Product version    2.8.0
2020-12-02 23:26:00.172    Version info:    Detection engine    3.79.0
2020-12-02 23:26:00.172    Version info:    Detection data    5.78
2020-12-02 23:26:00.172    Version info:    Build date    9/8/2020
2020-12-02 23:26:00.172    Version info:    Data files added    384
2020-12-02 23:26:00.172    Version info:    Last successful update    (not yet updated)
2020-12-02 23:26:00.656    Installing updates...
2020-12-02 23:26:01.096    Error level 1
2020-12-02 23:26:03.636    Update successful
2020-12-02 23:26:18.187    Option all = no
2020-12-02 23:26:18.187    Option recurse = yes
2020-12-02 23:26:18.187    Option archive = no
2020-12-02 23:26:18.187    Option service = yes
2020-12-02 23:26:18.187    Option confirm = yes
2020-12-02 23:26:18.187    Option sxl = yes
2020-12-02 23:26:18.187    Option max-data-age = 35
2020-12-02 23:26:18.187    Option vdl-logging = yes
2020-12-02 23:26:18.311    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2020-12-02 23:26:18.311    Machine ID:    3b73a83963dc41b5ad3147c68a04a8f6
2020-12-02 23:26:18.327    Component SVRTcli.exe version 2.8.0
2020-12-02 23:26:18.327    Component control.dll version 2.8.0
2020-12-02 23:26:18.327    Component SVRTservice.exe version 2.8.0
2020-12-02 23:26:18.327    Component engine\osdp.dll version 1.44.1.2490
2020-12-02 23:26:18.327    Component engine\veex.dll version 3.79.0.2490
2020-12-02 23:26:18.327    Component engine\savi.dll version 9.0.20.2490
2020-12-02 23:26:18.327    Component rkdisk.dll version 1.5.33.1
2020-12-02 23:26:18.327    Version info:    Product version    2.8.0
2020-12-02 23:26:18.327    Version info:    Detection engine    3.79.0
2020-12-02 23:26:18.327    Version info:    Detection data    5.78
2020-12-02 23:26:18.327    Version info:    Build date    9/8/2020
2020-12-02 23:26:18.327    Version info:    Data files added    387
2020-12-02 23:26:18.327    Version info:    Last successful update    12/2/2020 3:26:03 PM

2020-12-03 02:15:18.796    Could not open C:\swapfile.sys
2020-12-03 02:15:18.984    Could not open C:\System Volume Information\{2f02968d-34f3-11eb-bba3-502b73e40e80}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-12-03 02:15:18.984    Could not open C:\System Volume Information\{2f0296b7-34f3-11eb-bba3-502b73e40e80}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-12-03 02:15:18.984    Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-12-03 02:15:32.278    Could not open C:\Users\User\AppData\Local\Dropbox\events\store
2020-12-03 02:15:32.294    Could not open C:\Users\User\AppData\Local\Dropbox\instance1\sync\temp\6838bb783d068b50
2020-12-03 02:15:32.294    Could not open C:\Users\User\AppData\Local\Dropbox\instance1\sync\temp\95552ff7c4a391c5
2020-12-03 02:15:32.294    Could not open C:\Users\User\AppData\Local\Dropbox\instance1\sync\temp\c871ec1ed61d2e14
2020-12-03 02:16:11.894    Could not open C:\Users\User\AppData\Local\Microsoft\WindowsApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
2020-12-03 02:16:11.894    Could not open C:\Users\User\AppData\Local\Microsoft\WindowsApps\MicrosoftEdge.exe
2020-12-03 02:24:12.708    Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2020-12-03 02:24:12.708    Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2020-12-03 02:24:14.005    Could not open C:\Windows\System32\config\BBI
2020-12-03 02:55:29.810    Could not check E:\Program Files (x86)\Roxio Creator NXT Pro 6\Roxio Burn\Lang\ITA\HELP\Roxio Burn.chm\/images/burn_disc_image.jpg (format not supported)
2020-12-03 03:32:56.163    Could not check G:\DATA\Eudora Pro\attach\TodayOnly.pps (corrupt)
2020-12-03 03:41:47.394    Could not check G:\DEAL WITH THIS *****\DENUTY INVENTORY\Denuty from Flash Drive 2015 and earlier\DENUTY\DENUTY  AS OF 8-28\Inventories 082813\Backups\MJD postcards returned 081013 - Copy.xls (corrupt)
2020-12-03 03:41:51.848    Could not check G:\DEAL WITH THIS *****\DENUTY INVENTORY\Denuty from Flash Drive 2015 and earlier\DENUTY\DENUTY AS OF MARCH 2014\Denuty Inventories 030414\Backups\MJD Postcard Inventory 091513 all enterd.xls (corrupt)
2020-12-03 03:41:52.660    Could not check G:\DEAL WITH THIS *****\DENUTY INVENTORY\Denuty from Flash Drive 2015 and earlier\DENUTY\Denuty Binders 07232013.xls (corrupt)
2020-12-03 03:41:52.676    Could not check G:\DEAL WITH THIS *****\DENUTY INVENTORY\Denuty from Flash Drive 2015 and earlier\DENUTY\Denuty Binders 08-10-13 (2).xls (corrupt)
2020-12-03 03:45:10.610    Password protected file G:\DEAL WITH THIS *****\DI2011jm.pdf
2020-12-03 04:47:46.303    >>> Virus 'Mal/FakeAv-NL' found in file P:\Paint Shop Pro\thanksgiving6.exe
2020-12-03 04:47:46.303    >>> Virus 'Mal/FakeAv-NL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2020-12-03 04:47:46.303    >>> Virus 'Mal/FakeAv-NL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2020-12-03 04:54:43.013    Could not open LOGICAL:0018:00000000
2020-12-03 04:54:43.013    Could not open Y:\
2020-12-03 04:54:43.013    Could not open LOGICAL:0019:00000000
2020-12-03 04:54:43.028    Could not open Z:\
2020-12-03 04:54:44.373    The following items will be cleaned up:
2020-12-03 04:54:44.373    Mal/FakeAv-NL

 

 

 

Fixlog.txt AdwCleaner[S01].txt
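An added example, not part of the original posts or of Sophos's tooling: one way to triage a Sophos Virus Removal Tool log like the one above, separating detections (deduplicated, split into file and registry targets) from items the scan could not inspect. The function name `triage_svrt_log` and the category labels are hypothetical; the sample lines are excerpted from the log in this post.

```python
import re
from collections import Counter

# Lines excerpted from the Sophos Virus Removal Tool log posted above.
SAMPLE_LOG = r"""
2020-12-03 02:15:18.796    Could not open C:\swapfile.sys
2020-12-03 03:32:56.163    Could not check G:\DATA\Eudora Pro\attach\TodayOnly.pps (corrupt)
2020-12-03 03:45:10.610    Password protected file G:\DEAL WITH THIS *****\DI2011jm.pdf
2020-12-03 04:47:46.303    >>> Virus 'Mal/FakeAv-NL' found in file P:\Paint Shop Pro\thanksgiving6.exe
2020-12-03 04:47:46.303    >>> Virus 'Mal/FakeAv-NL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2020-12-03 04:47:46.303    >>> Virus 'Mal/FakeAv-NL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
"""

# "<date> <time.ms>    <message>" as seen in the log above.
LINE = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}\s+(.*)$")
DETECT = re.compile(r"^>>> Virus '([^']+)' found in file (.+)$")
# The trailing "(reason)" is optional; a "(x86)" in the middle of a path is
# not mistaken for it because the reason must end the line.
SKIP = re.compile(r"^Could not (?:open|check) (.+?)(?: \(([^()]+)\))?$")
PASSWORD = re.compile(r"^Password protected file (.+)$")

# The tool writes "found in file" for registry values too, so classify by hive prefix.
REGISTRY_HIVES = ("HKLM\\", "HKCU\\", "HKU\\", "HKCR\\", "HKCC\\")


def triage_svrt_log(text):
    """Return unique detections in log order and a count of unscanned items by reason."""
    detections = []
    skipped = Counter()
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank lines or lines without a timestamp
        msg = m.group(1).strip()

        hit = DETECT.match(msg)
        if hit:
            name, target = hit.groups()
            kind = "registry" if target.upper().startswith(REGISTRY_HIVES) else "file"
            entry = (name, kind, target)
            if entry not in detections:  # the log repeats some hits verbatim
                detections.append(entry)
            continue

        skip = SKIP.match(msg)
        if skip:
            # No parenthesised reason means the object could not be opened at all.
            skipped[skip.group(2) or "open failed"] += 1
            continue

        if PASSWORD.match(msg):
            skipped["password protected"] += 1

    return {"detections": detections, "skipped": dict(skipped)}


if __name__ == "__main__":
    report = triage_svrt_log(SAMPLE_LOG)
    for name, kind, target in report["detections"]:
        print(f"{name:15} {kind:9} {target}")
    for reason, count in sorted(report["skipped"].items()):
        print(f"not scanned ({reason}): {count}")
```

The registry hit is the `ConsentPromptBehaviorAdmin` value, which controls the UAC elevation prompt for administrators, so it is a setting to review after cleanup rather than a file to delete. Items counted under `skipped` were not inspected by the scan and are coverage gaps, not clean results.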


Hello Deano253,

Good to hear your system is ok for you, continue to clean up:

Uninstall the following program:

Sophos AV

http://www.askvg.com/how-to-completely-uninstall-remove-a-software-program-in-windows-without-using-3rd-party-software/

Also delete this folder if still present: C:\ProgramData\Sophos

Next,

Right-click on FRST here: C:\Users\User\Desktop\FRST.exe and rename it to uninstall.exe. When complete, right-click on uninstall.exe and select "Run as Administrator"

If you do not see the .exe appended that is because file extensions are hidden, in that case just rename FRST to uninstall

That action will remove FRST and all created files and folders...

Next,

Remove all System Restore Points: https://www.tenforums.com/tutorials/33593-delete-system-restore-points-windows-10-a.html#option2

Create clean fresh Restore Point: http://www.thewindowsclub.com/create-system-restore-point

Run Windows Disk Clean Up Utility - https://neosmart.net/wiki/disk-cleanup/

Malwarebytes Browser Guard (Free) for Firefox: https://addons.mozilla.org/en-GB/firefox/addon/malwarebytes/

Malwarebytes Browser Guard (Free) for Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee

From there you should be good to go...

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin...

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 
