Search:

Can I delete old system scan logs?

If so, how can I do it?

I am running Win 7

Thanks

Yes. Category is Viruses and Rule# is SpybotAV.

...chris

The situation is the same as earlier in this thread but I now have C:\Program Files\Dropbox\Client\80.4.126\win32job.cp37-win32.pyd . Before I had C:\Program...

It disappeared from the Spybot report but has now re-appeared.

Thanks

This item has reappeared. As you can see, DropBox is used on this computer.

...chris

I add:

Win 7 SP1 fully patched

Spybot 2.7 with lasts updates

From the log:

Gen:Variant.Graftor.116528: [SBI $SpybotAV] Executable (File, nothing done)
C:\Program Files\Dropbox\Client\win32job.cp36-win32.pyd
Category=Viruses
ThreatLevel=5
...

[Thanks. Will do

I rebooted then did a system scan. The threat was, myseriously, gone.

This was on my wife's computer so may be she did something -- but she is too well "trained" to invoke SS&D without...

Edit: Gen:Variant.Graftor.116528

...chris

Excerpt from System Scan log:


Gen:Variant.Graftor.116528: [SBI $SpybotAV] Executable (File, nothing done)
C:\Program Files\Dropbox\Client\win32job.cp36-win32.pyd
Category=Viruses
...

The ticket is 2018010980000343.

I opened it on Jan 9, for my PC.

Tech Support answered on Jan 15 telling me to download an update. They had had email problems.

I did as they wrote, and...

Done

Revo:

DelFix left it behind. on the Desktop, I right-clicked on Revo's icon and chose Delete. This removed the icon, but Revo was still in Control Panel > Programs and Features. So I...

Yes I am

Directory C:\ProgramData\yes is now empty.

FileFinder is no longer listed in Control Panel > Programs and features.

fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by Chris (05-09-2016 18:06:07) Run:3
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris (Available...

My error: I saved the contents of the quote box to the wrong file name.

I have now saved to the correct file name.

Now fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x86) Version:...

SystemLook:

SystemLook 30.07.11 by jpshortstuff
Log created at 13:52 on 05/09/2016 by Chris
Administrator - Elevation successful

========== folderfind ==========

Searching for "FileFinder"...

fixlog.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2016
Ran by Chris (administrator) on MOLLY (05-09-2016 10:26:18)
Running from C:\Users\Chris\Desktop
Loaded...

FileFinder still shows in Control Panel > Programs and Features. I did not try to uninstall it there, nor have I rebooted.

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2016
Ran by Chris (administrator) on MOLLY (05-09-2016 10:26:18)
Running from C:\Users\Chris\Desktop
Loaded...

Log from EEK:

Emsisoft Emergency Kit - Version 11.9
Last update: 2016-09-05 10:15:27
User account: Molly\Chris
Computer name: MOLLY
OS version: Windows 7x86 Service Pack 1

Scan settings:

Thank you for your advice re application errors and the controller error. I will let sleeping dogs lie!

I have downloaded and run DelFix. I have deleted the leftover logs, files and tools.

Do...

I have been reading through this thread, and have a few questions:


In FRST.txt i notice that there are application errors involving wpwin16.exe (Corel WordPrefect X6) and ntdll.dll. Do you have...

Here is ESETScan.txt:

H:\DL\Cute PDF free printer driver\CuteWriter.zip a variant of

Win32/Bundled.Toolbar.Ask.G potentially unsafe application,a variant of

Win32/Bundled.Toolbar.Ask...

Results of Malwarebytes' Anti-Malware:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2016-09-01
Scan Time: 15:22
Logfile:
Administrator: Yes

Correction: JRT did finish eventually, with Notepad opening. The log in my previous post is what it produced.

I downloaded JRT
I exited SS&D Professional
I ran JRT
Within a few minutes, it got down to Shortcuts, and was still at Shortcuts after 20 minutes.
I exited JRT
I then thought hard about...

I have run AdwCleaner. It found 7 threats, all in HKLM\Software\Classes. I unchecked VBCore.CSharedString because VBCore is legitimate.

Here is AdwCleaner[C1].txt:

# AdwCleaner v6.010 - Logfile...

I uninstalled Expresso and Java 8 Update 40 before running FRST.

I ran FRST from desktop icon.

Fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by Chris (31-08-2016 22:39:38) Run:1
Running from C:\Users\Chris\Desktop...

I wrote: "BTW when I ran Firefox this time, I got a web page telling me that my PC is infected and inviting me to call a telephone number for help. When I picked SS&D forum from the History, I was...

Here is the aswMBR log file:

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2016-08-31 15:38:03
-----------------------------
15:38:03.522 OS Version: Windows 6.1.7601...

Additional info: I tried to uninstall FileFinder from the Control Panel. It did not uninstall. When I tried again, it told me to wait for the first uninstall to complete.

Here is FRST.txt:

Scan...

I downloaded and ran an exe, expecting to get a user manual. Instead, FileFinder icon appeared on my desktop. Also when I run Firefox, for which I normally have no home page, I see a variety of home...

Tashi,

Many thanks for you advice concerning this aspect of PC Matic.

I look forward to advice on other components of this package.

Do you recommend PC Matic?

I submitted the first file to virustotal. It found nothing odd.

I submitted the second file to virustotal. After computing the hashes, it said that this file has already been analyzed.

I...

Many thanks for the comforting words!

No. The files were created on 2012-05-25. I also checked for file and directories created on that date, across all her logical drives: very few files, and nothing suspicious. My check included system...

In the past, when I ran SS&D from the Desktop, when I clicked on Check for Problems, it offered to delete temporary files. It is not doing this today, neither on my PC nor on my wife's.

Any idea...

Thanks for replying.

This is on my wife's PC.

She does not have Rio Music Manager installed.

She is running XP SP2 with updates just prior to SP3.

Kaspersky Anti-virus is up to date and...

s30s, s38k and s3r0 files, all 30,019,808 bytes, are in the root of the G: drive. They have no extensions. They were created 10 minutes apart. No other files were created during this time period.
...

I took SS&D's recommendation: it deleted osa.exe.

Now on startup, Win2000 complains about a missing shortcut.

Has SS&D saved osa.exe for me, and if so how do I recover it?

...chris

I followed the instructions in your posting #12.

Both the MBAM and KAV scans were clean. A strange thing is that the last Event in the KAV log is on 2008-12-01 10:02:41 and says Process (PID...

Phil,

It is my wife's computer that this whole thread is about. I have no issues with mine (2000 SP4).

I really appreciate all your hard work on her behalf. It appears that Virtumonde is gone,...

Before we proceed to the final stages, there are two other issues with this PC:

1. Every few weeks, Firefox 3.0.12 aborts, a BSOD shows, and the PC reboots. This has been happening for at least...

I uninstalled SS&D 1.5 via Add/Remove Programs, accepted reboot, and installed v. 1.6.2.46, accepting all defaults and suggestions except changed D: to F:, and immunized.

I now understand more...

Phil,

I followed your instructions re HJT | "Do system scan only" with the two line items checked. With only HJT running, I clicked on "Fix Checked", and confirmed twice.

I ran ATF Cleaner,...