Would it be safe for me to delete all files in C:\ProgramData\Spybot - Search & Destroy\Logs ?
Or just Check*.txt files?
Type: Posts; User: Chris Haslam; Keyword(s):
Would it be safe for me to delete all files in C:\ProgramData\Spybot - Search & Destroy\Logs ?
Or just Check*.txt files?
Files are dated 2022-02-26 thru 2022-04-23 and from 2019-10-07
KpRm .txt file
-------------
# Run at 2022-04-23 15:51:47
# KpRm (Kernel-panik) version 2.9.3
# Website https://kernel-panik.me/tool/kprm/
# Run by Chris from C:\Users\Chris\Desktop
# Computer...
I just looked at C:\ProgramData\Spybot - Search & Destroy\Quarantine using PowerDesk.
There are 146 files in this folder, including Generic.Ransom.VxLock.886DC9DE;Generic.Ransom.VxLock.*.zip The...
Done, on my PC
My wife's PC no longer shows VxLock
favicons.sqlite on her PC is 44 MB ! I found a way, in Mozilla Help, of copying existing bookmarks to a newly installed Firefox. Perhaps this will reduce size...
Posted to False Positives:
"A scan last night and again today, after the daily update, did not show VxLock. It appears that the problem is resolved."
Thank you for your help.
I will check my...
A scan last night and again today, after the daily update, did not show VxLock. It appears that the problem is resolved.
I have posted to False Positives and linked by thread to our thread.
See https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6
Juliet on Spybot Malware forum suspects false positive.
I found that I was already subscribed: back in 2019
The scan log is:
Search results from Spybot - Search & Destroy
2022-04-20 18:00:42
Scan took 00:10:21.
6 items found.
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change,...
Do I need to subscribe to the False Positives thread?
Working on reporting it
I can send you one of the zip files in SS&D\Quarantine, if that would be helpful --- and safe. These are spooky times!
How do I do that?
I used FileFinder to look for file names containing VXLOCK everywhere on my PC. The only files it found are in Spybot's Quarantine folder. They are .zip files
The scan log is:...
In a SS&D scan yesterday, VxLock didn't show, but it shows in a scan done today.
About the odd email:
I was not yet fully awake when it arrived in my inbox.
I can add that it had what looked like a PDF button
The email had shown in New email. I clicked on it, then on Open...
Happy Easter!
I downloaded and ran (as Administrator) KpRm as you suggested. Here's the log:
# Run at 2022-04-17 16:51:06
# KpRm (Kernel-panik) version 2.9.3
# Website...
Thank you for your further instructions. Your idea that this is a false positive are potentially comforting!
I am wondering a bit about EEK's new user interface. You wrote, in Post 13, that EEK...
I see that Farbar found 10 files. Trusting in your guidance, I believe that I am ready to remove tools and quarantine folders. Is there a risk in doing so?
I note that we have seen no sign of the...
What's the computer doing now?[/QUOTE]
Still sitting at the Scan Results window
scan_220415-161119.txt
-----------------------
Emsisoft Emergency Kit - Version 2021.9
Last update: 2022-04-15 12:42:23
My own Molly\Chris
MOLLY
Windows 7x86 Service Pack 1
Scan settings:
Hovering over each of the 2 shows that they are reporting on FRST.exe
I clicked Scan and Clean
13302
I clicked Malware Scan. After progress bar reached 100%, this showed:
13303
Clicking on View Report did nothing. I did nothing more.
I chose to run EEK.
What I got, after downloading, differed substantially from the steps in your instructions.
A folder named C:\EEK was created with Start Emergency Kit Scanner.exe in it.
I...
When I tried to download Emsisoft Emergence Kit, Firefox told me
13300
Thoughts?
Step 1 (of 2) done
fixlog.txt
--------
Fix result of Farbar Recovery Scan Tool (x86) Version: 13-04-2022 01
Ran by Chris (13-04-2022 14:12:14) Run:1
Running from C:\Users\Chris\Desktop
Loaded...
This PC is working well, so I ask whether doing what you suggest could make it run less well.
addition.txt
-----------
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-04-2022
Ran by Chris (09-04-2022 13:28:54)
Running from C:\Users\Chris\Desktop
Microsoft Windows 7...
Sorry for the delay in replying. gmail didn't forward your post to my normal email address.
I downloaded Frabar.[LIST]
I downloaded Farbar to the Desktop
I right-clicked on FRST.exe and...
I recognize none of the registry entries. Perhaps you do.
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: ...
Prompts for Anti-Malware were somewhat different from those you listed.
I found no choice but to start a 14-day trial of Premium.
I read in the enigmasoftware.com article that VxLock sometimes...
I downloaded and ran Anti-Malware.
I told me that the SHA-2 update was missing so I chose to download and run the legacy version.
The prompts differed from what you listed, e.g. no Dashboard, but I...
I rebooted.
Ran SS&D again. E31AD1D6 had gone, but replaced by CB7B23BB
-----
My wife's PC has D995041C. She is rebooting.
...chris
How can I remove this virus?
SS&D ran this automatically today. It shows this virus. I clicked on Fix All selected.
I then ran SS&D again. This virus was still there.
...chris
Can I delete old system scan logs?
If so, how can I do it?
I am running Win 7
Thanks
Yes. Category is Viruses and Rule# is SpybotAV.
...chris
The situation is the same as earlier in this thread but I now have C:\Program Files\Dropbox\Client\80.4.126\win32job.cp37-win32.pyd . Before I had C:\Program...
It disappeared from the Spybot report but has now re-appeared.
Thanks
This item has reappeared. As you can see, DropBox is used on this computer.
...chris
I add:
Win 7 SP1 fully patched
Spybot 2.7 with lasts updates
From the log:
Gen:Variant.Graftor.116528: [SBI $SpybotAV] Executable (File, nothing done)
C:\Program Files\Dropbox\Client\win32job.cp36-win32.pyd
Category=Viruses
ThreatLevel=5
...
[Thanks. Will do
I rebooted then did a system scan. The threat was, myseriously, gone.
This was on my wife's computer so may be she did something -- but she is too well "trained" to invoke SS&D without...
Edit: Gen:Variant.Graftor.116528
...chris
Excerpt from System Scan log:
Gen:Variant.Graftor.116528: [SBI $SpybotAV] Executable (File, nothing done)
C:\Program Files\Dropbox\Client\win32job.cp36-win32.pyd
Category=Viruses
...