
Tens of times a day EICAR-Test-File (not a virus) - But is it true?



#1 ilMike

Posted 12 December 2015 - 05:00 PM

Hi guys, I have an issue similar to the one discussed in this topic. Every day, tens of times a day, Bitdefender detects all these temp files as EICAR-Test-File (not a virus)...

Everything started while I was looking for a torrent, but I was tricked by the wrong one. From that moment, I haven't been able to stop this problem... scan after scan, this, those and that... Nothing. Every day there are these files that multiply constantly.
I'm using Windows 10, thanks for your help.

 

 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender                     
Bitdefender Antivirus Free Edition   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 65  
 Java version 32-bit out of Date! 
 Adobe Flash Player 19.0.0.226  
 Adobe Reader XI  
 Mozilla Firefox (42.0) 
 Google Chrome (47.0.2526.73) 
 Google Chrome (47.0.2526.80) 
````````Process Check: objlist.exe by Laurent````````  
 Bitdefender Antivirus Free Edition gzserv.exe  
 Bitdefender Antivirus Free Edition gziface.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 

****************************************************************
****************************************************************
****************************************************************
 
Farbar Service Scanner Version: 10-06-2014
Ran by C (administrator) on 12-12-2015 at 09:47:26
Running from "C:\Users\C\Downloads"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
****************************************************************
****************************************************************
****************************************************************
 

Rkill 2.8.3 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 12/12/2015 06:37:57 PM in x64 mode.
Windows Version: Windows 10 Pro 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * HdAudAddService [Missing Service]
 
 * gpsvc => %windir%\system32\svchost.exe -k GPSvcGroup [Incorrect ImagePath]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
  0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
  0.0.0.0 media.opencandy.com
  0.0.0.0 cdn.opencandy.com
  0.0.0.0 tracking.opencandy.com
  0.0.0.0 api.opencandy.com
  0.0.0.0 api.recommendedsw.com
  0.0.0.0 installer.betterinstaller.com
  0.0.0.0 installer.filebulldog.com
  0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
  0.0.0.0 inno.bisrv.com
  0.0.0.0 nsis.bisrv.com
  0.0.0.0 cdn.file2desktop.com
  0.0.0.0 cdn.goateastcach.us
  0.0.0.0 cdn.guttastatdk.us
  0.0.0.0 cdn.inskinmedia.com
  0.0.0.0 cdn.insta.oibundles2.com
  0.0.0.0 cdn.insta.playbryte.com
  0.0.0.0 cdn.llogetfastcach.us
  0.0.0.0 cdn.montiera.com
 
  20 out of 35 HOSTS entries shown.
  Please review HOSTS file for further entries.
 
Program finished at: 12/12/2015 06:38:13 PM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)
****************************************************************
****************************************************************
****************************************************************
 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Data scansione: 12/12/2015
Ora scansione: 09:50
File di log: anti.txt
Amministratore: Sì
 
Versione: 2.2.0.1024
Database malware: v2015.12.12.01
Database rootkit: v2015.12.07.01
Licenza: Periodo di prova
Protezione da malware: Attivata
Protezione da siti web nocivi: Attivata
Auto-protezione: Disattivata
 
SO: Windows 10
CPU: x64
File system: NTFS
Utente: C
 
Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 448104
Tempo impiegato: 14 min, 41 sec
 
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Euristiche: Attivata
PUP: Attivata
PUM: Attivata
 
Processi: 0
(Nessun elemento nocivo rilevato)
 
Moduli: 0
(Nessun elemento nocivo rilevato)
 
Chiavi di registro: 0
(Nessun elemento nocivo rilevato)
 
Valori di registro: 0
(Nessun elemento nocivo rilevato)
 
Dati di registro: 0
(Nessun elemento nocivo rilevato)
 
Cartelle: 0
(Nessun elemento nocivo rilevato)
 
File: 1
PUP.Optional.InstallCore, C:\Users\C\Downloads\installer.zip, In quarantena, [c76ab4f087041e18b8620f3fc53c7f81], 
 
Settori fisici: 0
(Nessun elemento nocivo rilevato)
 
 
(end)
****************************************************************
****************************************************************
****************************************************************
 
# AdwCleaner v5.024 - Creato file registro eventi 11/12/2015 in 09:54:20
# Aggiornato 07/12/2015 da Xplode
# Database : 2015-12-07.3 [Server]
# Sistema operativo : Windows 10 Pro  (x64)
# Nome utente : C - MICHAEL
# In esecuzione da : C:\Users\C\Downloads\adwcleaner_5.024.exe
# Opzione : Pulizia
 
***** [ Servizi ] *****
 
 
***** [ Cartelle ] *****
 
[-] Cartella Eliminato : C:\Program Files (x86)\eSupport.com
[-] Cartella Eliminato : C:\Program Files (x86)\pc speed up
[-] Cartella Eliminato : C:\ProgramData\apn
[-] Cartella Eliminato : C:\Users\C\AppData\LoCal\eSupport.com
[-] Cartella Eliminato : C:\Users\C\AppData\LoCal\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
[-] Cartella Eliminato : C:\Users\C\AppData\Roaming\Nosibay
[-] Cartella Eliminato : C:\Users\C\AppData\Roaming\Store
[-] Cartella Eliminato : C:\Users\C\AppData\Roaming\WTools
[-] Cartella Eliminato : C:\Users\C\DoCuments\PCSpeedUp
[#] Cartella Eliminato : C:\WINDOWS\SysNative\Tasks\Boost
 
***** [ File ] *****
 
[-] File Eliminato : C:\END
[-] File Eliminato : C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage
[-] File Eliminato : C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.metrolyrics.com_0.localstorage
[-] File Eliminato : C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ocdn01.topsmartdeals.com_0.localstorage
[-] File Eliminato : C:\Users\C\AppData\Roaming\Bubble Dock.boostrap.log
[-] File Eliminato : C:\Users\C\AppData\Roaming\Bubble Dock.installation.log
[-] File Eliminato : C:\Users\C\AppData\Roaming\Selection Tools.installation.log
[-] File Eliminato : C:\Users\C\AppData\Roaming\WindApp.boostrap.log
[-] File Eliminato : C:\Users\C\AppData\Roaming\WindApp.installation.log
[-] File Eliminato : C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\ZHfiTEJ8.default\user.js
 
***** [ DLLs ] *****
 
 
***** [ Collegamenti ] *****
 
 
***** [ Attività pianificate ] *****
 
[-] Attività Eliminata : PC SpeedUp Service Deactivator
 
***** [ Registry ] *****
 
[-] Chiave Eliminata : HKLM\SOFTWARE\Classes\PCSU.Registry
[-] Chiave Eliminata : HKLM\SOFTWARE\Classes\PCSU.SysUtils
[-] Valore Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ospd_us_013010155]
[-] Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B}
[-] Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Chiave Eliminata : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Chiave Eliminata : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Chiave Eliminata : HKCU\Software\eSupport.com
[-] Chiave Eliminata : HKCU\Software\Nosibay
[-] Chiave Eliminata : HKCU\Software\Store
[-] Chiave Eliminata : HKCU\Software\WTools
[-] Chiave Eliminata : HKCU\Software\DAILYPCCLEAN
[-] Chiave Eliminata : HKCU\Software\OB
[-] Chiave Eliminata : HKCU\Software\tstamptoken
[-] Chiave Eliminata : HKLM\SOFTWARE\SpaceSondPro
[-] Chiave Eliminata : [x64] HKLM\SOFTWARE\Speedchecker Limited
[-] Chiave Eliminata : HKU\.DEFAULT\Software\AskPartnerNetwork
 
***** [ Browser web ] *****
 
[-] [C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\ZHfiTEJ8.default\prefs.js] [Preference] Eliminata : user_pref("network.hxxp.request.max-start-delay", 0);
 
*************************
 
:: Chiavi "Tracing" eliminatas
:: Impostazioni Winsock azzerate
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3747 byte] ##########

****************************************************************
****************************************************************
****************************************************************
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Pro x64 
Ran by C (Administrator) on 12/12/2015 at 18:56:09,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 26 
 
Successfully deleted: C:\ProgramData\1418677942.1524.bin (File) 
Successfully deleted: C:\ProgramData\1418677942.2124.bin (File) 
Successfully deleted: C:\ProgramData\1418677942.2852.bin (File) 
Successfully deleted: C:\ProgramData\1418677942.4328.bin (File) 
Successfully deleted: C:\ProgramData\1418677942.5044.bin (File) 
Successfully deleted: C:\ProgramData\1418677942.5504.bin (File) 
Successfully deleted: C:\ProgramData\1418677942.5540.bin (File) 
Successfully deleted: C:\ProgramData\1418678511.3772.bin (File) 
Successfully deleted: C:\ProgramData\1418678511.3796.bin (File) 
Successfully deleted: C:\ProgramData\1418678511.4944.bin (File) 
Successfully deleted: C:\ProgramData\1418678511.4968.bin (File) 
Successfully deleted: C:\ProgramData\1418678511.5000.bin (File) 
Successfully deleted: C:\ProgramData\1418678511.5300.bin (File) 
Successfully deleted: C:\ProgramData\1418678511.5616.bin (File) 
Successfully deleted: C:\ProgramData\1418678768.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\C\AppData\Local\{61EAA540-47F8-4968-AECE-5A7E5E9453F9} (Empty Folder)
Successfully deleted: C:\Users\C\AppData\Local\{F1AF794A-01A3-464F-BC68-5E53071333AD} (Empty Folder)
Successfully deleted: C:\Users\C\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\C\AppData\Roaming\iobit\driver booster (Folder) 
Successfully deleted: C:\Users\C\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC © (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_C (Task)
Successfully deleted: C:\WINDOWS\Tasks\Uninstaller_SkipUac_C.job (Task) 
Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/12/2015 at 19:00:12,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


****************************************************************
****************************************************************
****************************************************************
 

2015-12-12 18:04:11.547 Sophos Virus Removal Tool version 2.5.5
2015-12-12 18:04:11.547 Copyright © 2009-2014 Sophos Limited. All rights reserved.
 
2015-12-12 18:04:11.547 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
 
2015-12-12 18:04:11.547 Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 WOW64
2015-12-12 18:04:11.547 Checking for updates...
2015-12-12 18:04:11.555 Update progress: proxy server not available
2015-12-12 18:04:15.338 Downloading updates...
2015-12-12 18:04:15.340 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0 
2015-12-12 18:04:15.340 Update progress: [I49502] Found supplement SAVIW32 LATEST 
2015-12-12 18:04:15.341 Update progress: [I49502] Found supplement IDE523 LATEST 
2015-12-12 18:04:15.341 Update progress: [I49502] Found supplement IDE524 LATEST 
2015-12-12 18:04:15.341 Update progress: [I49502] Found supplement IDE525 LATEST 
2015-12-12 18:04:15.341 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2015-12-12 18:04:15.341 Update progress: [I19463] Syncing product SAVIW32 63
2015-12-12 18:04:15.577 Update progress: [I19463] Syncing product IDE523 121
2015-12-12 18:04:15.642 Installing updates...
2015-12-12 18:04:17.349 Option all = no
2015-12-12 18:04:45.668 Update progress: [I19463] Syncing product IDE524 24
2015-12-12 18:04:45.668 Update progress: [I19463] Syncing product IDE525 1
2015-12-12 18:04:50.666 Option recurse = yes
2015-12-12 18:04:50.666 Option archive = no
2015-12-12 18:04:50.666 Option service = yes
2015-12-12 18:04:50.666 Option confirm = yes
2015-12-12 18:04:50.666 Option sxl = yes
2015-12-12 18:04:50.666 Option max-data-age = 35
2015-12-12 18:04:50.666 Option EnableSafeClean = yes
2015-12-12 18:04:50.666 Option vdl-logging = yes
2015-12-12 18:04:50.666 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2015-12-12 18:04:50.666 Machine ID: 42ec5d38aa424f36a60c65d57c43cffb
2015-12-12 18:04:50.666 Component SVRTcli.exe version 2.5.5
2015-12-12 18:04:50.666 Component control.dll version 2.5.5
2015-12-12 18:04:50.667 Component SVRTservice.exe version 2.5.5
2015-12-12 18:04:50.667 Component engine\osdp.dll version 1.44.1.2230
2015-12-12 18:04:50.667 Component engine\veex.dll version 3.63.0.2230
2015-12-12 18:04:50.667 Component engine\savi.dll version 9.0.0.2230
2015-12-12 18:04:50.667 Component rkdisk.dll version 1.5.30.0
2015-12-12 18:04:50.667 Version info: Product version 2.5.5
2015-12-12 18:04:50.667 Version info: Detection engine 3.63.0
2015-12-12 18:04:50.667 Version info: Detection data 5.22
2015-12-12 18:04:50.667 Version info: Build date 08/12/2015
2015-12-12 18:04:50.667 Version info: Data files added 143
2015-12-12 18:04:50.667 Version info: Last successful update (not yet updated)
2015-12-12 18:04:50.667 Error level 1
2015-12-12 18:05:00.299 Update successful
2015-12-12 18:05:10.931 Option all = no
2015-12-12 18:05:10.931 Option recurse = yes
2015-12-12 18:05:10.931 Option archive = no
2015-12-12 18:05:10.931 Option service = yes
2015-12-12 18:05:10.931 Option confirm = yes
2015-12-12 18:05:10.931 Option sxl = yes
2015-12-12 18:05:10.932 Option max-data-age = 35
2015-12-12 18:05:10.932 Option EnableSafeClean = yes
2015-12-12 18:05:11.477 Option vdl-logging = yes
2015-12-12 18:05:11.479 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2015-12-12 18:05:11.479 Machine ID: 42ec5d38aa424f36a60c65d57c43cffb
2015-12-12 18:05:11.480 Component SVRTcli.exe version 2.5.5
2015-12-12 18:05:11.480 Component control.dll version 2.5.5
2015-12-12 18:05:11.480 Component SVRTservice.exe version 2.5.5
2015-12-12 18:05:11.480 Component engine\osdp.dll version 1.44.1.2230
2015-12-12 18:05:11.480 Component engine\veex.dll version 3.63.0.2230
2015-12-12 18:05:11.480 Component engine\savi.dll version 9.0.0.2230
2015-12-12 18:05:11.480 Component rkdisk.dll version 1.5.30.0
2015-12-12 18:05:11.480 Version info: Product version 2.5.5
2015-12-12 18:05:11.481 Version info: Detection engine 3.63.0
2015-12-12 18:05:11.481 Version info: Detection data 5.22
2015-12-12 18:05:11.481 Version info: Build date 08/12/2015
2015-12-12 18:05:11.481 Version info: Data files added 143
2015-12-12 18:05:11.481 Version info: Last successful update 12/12/2015 19:05:00
 
2015-12-12 19:04:36.741 Could not open C:\Boot\BCD
2015-12-12 19:05:37.569 Could not open C:\hiberfil.sys
2015-12-12 19:06:34.273 Could not open C:\pagefile.sys
2015-12-12 19:36:10.296 >>> Virus 'Mal/VMProtBad-A' found in file C:\Program Files (x86)\Project CARS\steam_api.dll
2015-12-12 19:40:11.896 Could not open C:\swapfile.sys
2015-12-12 19:40:12.323 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-12-12 19:40:12.323 Could not open C:\System Volume Information\{9ba3b7d2-9992-11e5-bf2d-5404a68aaaed}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-12-12 19:40:12.324 Could not open C:\System Volume Information\{be9d879b-a0f8-11e5-bf34-5404a68aaaed}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-12-12 19:40:12.324 Could not open C:\System Volume Information\{c543a382-9cf9-11e5-bf30-5404a68aaaed}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-12-12 19:40:12.324 Could not open C:\System Volume Information\{c543a3b5-9cf9-11e5-bf30-5404a68aaaed}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-12-12 19:41:37.041 Could not open C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Current Session
2015-12-12 19:41:37.042 Could not open C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
2015-12-12 19:41:37.160 Could not check C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOCK (virus scan failed)
2015-12-12 19:41:37.243 Could not check C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK (virus scan failed)
2015-12-12 19:41:43.986 Could not check C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOCK (virus scan failed)
2015-12-12 19:41:44.067 Could not check C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\GCM Store\LOCK (virus scan failed)
2015-12-12 19:42:07.991 Could not check C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOCK (virus scan failed)
2015-12-12 19:42:08.383 Could not check C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK (virus scan failed)
2015-12-12 19:47:34.913 Could not open C:\Users\C\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\LocalCache\perUserCache_00030000AFDA473B\ec6dd137-8653-4a3c-9b4a-6c840eea5579
2015-12-12 20:03:04.949 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2015-12-12 20:03:04.949 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2015-12-12 20:03:08.798 Could not open C:\Windows\System32\config\BBI
2015-12-12 20:03:08.905 Could not open C:\Windows\System32\config\DRIVERS
2015-12-12 20:03:08.938 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2015-12-12 20:03:08.946 Could not open C:\Windows\System32\config\RegBack\SAM
2015-12-12 20:03:08.947 Could not open C:\Windows\System32\config\RegBack\SECURITY
2015-12-12 20:03:08.948 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2015-12-12 20:03:08.949 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2015-12-12 20:23:26.505 The following items will be cleaned up:
2015-12-12 20:23:26.505 Mal/VMProtBad-A
2015-12-12 21:24:54.738 Threat 'Mal/VMProtBad-A' has been cleaned up.
2015-12-12 21:24:54.757 File "C:\Program Files (x86)\Project CARS\steam_api.dll" belongs to malware 'Mal/VMProtBad-A'.
2015-12-12 21:24:54.757 File "C:\Program Files (x86)\Project CARS\steam_api.dll" has been cleaned up.
2015-12-12 21:24:54.757 Removal successful
2015-12-12 21:24:54.990 Contents of SafeClean bin directory:
2015-12-12 21:24:55.004 {
2015-12-12 21:24:55.004    RecordID   : "0000000000000001",
2015-12-12 21:24:55.004    ItemType   : "1",
2015-12-12 21:24:55.004    Location   : "C:\Program Files (x86)\Project CARS\",
2015-12-12 21:24:55.004    FileName   : "steam_api.dll",
2015-12-12 21:24:55.005    ThreatName : "Mal/VMProtBad-A",
2015-12-12 21:24:55.005    Checksum   : "b3f4341e9286a298ad1c4f6ad1deb148a24c91b6c54c09f4dd76b18988ebe8de",
2015-12-12 21:24:55.005    TimeStamp  : "Sat Dec 12 22:24:47 2015"
2015-12-12 21:24:55.005 }
2015-12-12 21:24:55.548 Error level 0
 
2015-12-12 21:25:05.920 Scan completed.
2015-12-12 21:25:05.920
 
------------------------------------------------------------
 
2015-12-12 21:30:30.484 Sophos Virus Removal Tool version 2.5.5
2015-12-12 21:30:30.484 Copyright © 2009-2014 Sophos Limited. All rights reserved.
 
2015-12-12 21:30:30.484 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
 
2015-12-12 21:30:30.484 Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 WOW64
2015-12-12 21:30:30.484 Checking for updates...
2015-12-12 21:30:30.500 Update progress: proxy server not available
2015-12-12 21:30:42.633 Option all = no
2015-12-12 21:30:42.633 Option recurse = yes
2015-12-12 21:30:42.633 Option archive = no
2015-12-12 21:30:42.633 Option service = yes
2015-12-12 21:30:42.633 Option confirm = yes
2015-12-12 21:30:42.633 Option sxl = yes
2015-12-12 21:30:42.633 Option max-data-age = 35
2015-12-12 21:30:42.633 Option EnableSafeClean = yes
2015-12-12 21:30:44.289 Option vdl-logging = yes
2015-12-12 21:30:44.367 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2015-12-12 21:30:44.367 Machine ID: 42ec5d38aa424f36a60c65d57c43cffb
2015-12-12 21:30:44.570 Component SVRTcli.exe version 2.5.5
2015-12-12 21:30:44.570 Component control.dll version 2.5.5
2015-12-12 21:30:44.586 Component SVRTservice.exe version 2.5.5
2015-12-12 21:30:44.586 Component engine\osdp.dll version 1.44.1.2230
2015-12-12 21:30:44.586 Component engine\veex.dll version 3.63.0.2230
2015-12-12 21:30:44.586 Component engine\savi.dll version 9.0.0.2230
2015-12-12 21:30:44.711 Component rkdisk.dll version 1.5.30.0
2015-12-12 21:30:44.711 Version info: Product version 2.5.5
2015-12-12 21:30:44.711 Version info: Detection engine 3.63.0
2015-12-12 21:30:44.711 Version info: Detection data 5.22
2015-12-12 21:30:44.711 Version info: Build date 08/12/2015
2015-12-12 21:30:44.711 Version info: Data files added 143
2015-12-12 21:30:44.711 Version info: Last successful update 12/12/2015 19:05:00
2015-12-12 21:30:52.511 Downloading updates...
2015-12-12 21:30:52.527 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0 
2015-12-12 21:30:52.527 Update progress: [I49502] Found supplement SAVIW32 LATEST 
2015-12-12 21:30:52.527 Update progress: [I49502] Found supplement IDE523 LATEST 
2015-12-12 21:30:52.527 Update progress: [I49502] Found supplement IDE524 LATEST 
2015-12-12 21:30:52.527 Update progress: [I49502] Found supplement IDE525 LATEST 
2015-12-12 21:30:52.527 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2015-12-12 21:30:52.527 Update progress: [I19463] Syncing product SAVIW32 63
2015-12-12 21:30:52.527 Update progress: [I19463] Syncing product IDE523 121
2015-12-12 21:30:52.917 Update progress: [I19463] Syncing product IDE524 25
2015-12-12 21:30:53.042 Installing updates...
2015-12-12 21:30:53.708 Error level 1
2015-12-12 21:30:53.833 Update progress: [I19463] Syncing product IDE525 1
2015-12-12 21:30:53.911 Update successful
2015-12-12 21:30:59.965 Option all = no
2015-12-12 21:30:59.965 Option recurse = yes
2015-12-12 21:30:59.965 Option archive = no
2015-12-12 21:30:59.966 Option service = yes
2015-12-12 21:30:59.966 Option confirm = yes
2015-12-12 21:30:59.966 Option sxl = yes
2015-12-12 21:30:59.967 Option max-data-age = 35
2015-12-12 21:30:59.967 Option EnableSafeClean = yes
2015-12-12 21:31:00.604 Option vdl-logging = yes
2015-12-12 21:31:00.626 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2015-12-12 21:31:00.626 Machine ID: 42ec5d38aa424f36a60c65d57c43cffb
2015-12-12 21:31:00.627 Component SVRTcli.exe version 2.5.5
2015-12-12 21:31:00.627 Component control.dll version 2.5.5
2015-12-12 21:31:00.627 Component SVRTservice.exe version 2.5.5
2015-12-12 21:31:00.628 Component engine\osdp.dll version 1.44.1.2230
2015-12-12 21:31:00.628 Component engine\veex.dll version 3.63.0.2230
2015-12-12 21:31:00.628 Component engine\savi.dll version 9.0.0.2230
2015-12-12 21:31:00.629 Component rkdisk.dll version 1.5.30.0
2015-12-12 21:31:00.629 Version info: Product version 2.5.5
2015-12-12 21:31:00.629 Version info: Detection engine 3.63.0
2015-12-12 21:31:00.629 Version info: Detection data 5.22
2015-12-12 21:31:00.629 Version info: Build date 08/12/2015
2015-12-12 21:31:00.629 Version info: Data files added 144
2015-12-12 21:31:00.629 Version info: Last successful update 12/12/2015 22:30:53
 

 





 

 


