My PC is infected with symsrv.dll and something else, probably hack attack - Virus, Trojan, Spyware, and Malware Removal Help (2024)

#1 bolush

Posted 12 August 2023 - 06:10 PM

Windows 10 Pro x64 22H2
OS build 19045.3324
Language: English (United States)

My computer is infected with symsrv.dll and something else, probably because of a hack attack.

One day, everything started to work strangely, and from day to day everything got worse. During those same days I received an e-mail saying that someone had attacked my computer. This person wrote that if I sent $1,000, he would send me a few codes that would solve my problems. I was so nervous that I deleted this email right away, but that was probably a great mistake, because maybe I should have kept it to find out who this person was. Now it's too late. I would really appreciate it if someone could help me solve this problem, because I really don't want to reinstall the whole system.

I used Farbar Recovery Scan Tool to show what's going on in my computer.

P.S.

English is my second language. Sorry if I made some mistakes.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08-2023
Ran by Administrator (12-08-2023 16:28:12)
Running from C:\Users\Administrator\Desktop\1
Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) (2022-05-06 19:55:45)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3776247228-2480708340-185590438-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3776247228-2480708340-185590438-503 - Limited - Disabled)
Guest (S-1-5-21-3776247228-2480708340-185590438-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3776247228-2480708340-185590438-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: IObit Malware Fighter (Disabled - Out of date) {72254378-B0F2-858E-E23B-921FCAC3D529}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader (HKLM\...\{4A550EAA-A580-40F9-A5A8-399E055A9672}) (Version: 4.24.4.5430 - Open Media LLC)
7-Zip 23.01 (HKLM-x32\...\7-Zip) (Version: 23.01 - Igor Pavlov)
7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced SystemCare Pro (HKLM-x32\...\Advanced SystemCare Pro 16.5.0.237) (Version: - )
AfroBeats VST PC 64bit installer % (HKLM-x32\...\AfroBeats VST PC 64bit installer %) (Version: 1.00 - Dj Soupamodel)
AIDA64 6.88.6400 Final (HKLM-x32\...\AIDA64 6.88.6400 Final) (Version: - )
Any Video Converter Ultimate 7.1.7 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
AOMEI Partition Assistant 10.0.0 (HKLM-x32\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: 10.0.0 - AOMEI International Network Limited.)
Ashampoo Music Studio 9 (HKLM-x32\...\{91B33C97-CB2D-82D7-7D29-553878AF5424}_is1) (Version: 9.0.2 - Ashampoo GmbH & Co. KG)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.78.1094 - AB Team, d.o.o.)
calibre (HKLM-x32\...\{D3CF17E8-ECE2-4B16-86D3-1C6B2F94BF8C}) (Version: 5.44.0 - Kovid Goyal)
Classic Paint (HKLM\...\Classic Paint_is1) (Version: 1.1 - Winaero)
Complete Internet Repair 9.1.3.6099 (HKLM\...\Complete Internet Repair_is1) (Version: 9.1.3.6099 - Rizonesoft)
Data Rescue (HKLM\...\Data Rescue_is1) (Version: 6.0.7 - Prosoft Engineering, Inc.)
dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 2023.01.20 - Illustrate)
DiskGenius V5.5.0 (HKLM\...\{2661F2FA-56A7-415D-8196-C4CB3D3ACFFE}_is1) (Version: - Eassos Co., Ltd.)
Driver Booster (HKLM-x32\...\IObit Driver Booster Pro 10.6.0.141) (Version: - )
Droid Transfer (HKLM-x32\...\{4B8DD9F5-30DE-4426-834C-C3D7953C1FB4}) (Version: 1.59 - Wide Angle Software)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Partition Master (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup 15.1 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 15.1 - EaseUS)
EasyFirewall 2023 (HKLM-x32\...\5eef7c9f-3a6b-4a01-9a03-fcaf46985023_is1) (Version: 1.04 - Abelssoft)
ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
Everything 1.4.1.1024 (x64) (HKLM\...\Everything) (Version: 1.4.1.1024 - voidtools)
FileZilla 3.64.0 (HKLM-x32\...\FileZilla Client) (Version: 3.64.0 - Tim Kosse)
FoneLab Video Converter Ultimate 9.3.30 (HKLM-x32\...\{6483465A-9D56-4a2d-906C-D6363658804E}_is1) (Version: 9.3.30 - FoneLab)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.1.9.310 - Digital Wave Ltd)
FxSound (HKLM-x32\...\DFX) (Version: 13.028 - FxSound, LLC)
GetDataBack Pro version 5.57 (HKLM\...\GetDataBack Pro Install_is1) (Version: 5.57 - Runtime Software, LLC)
GlassWire 2.3 (remove only) (HKLM-x32\...\GlassWire 2.3) (Version: 2.3.444 - SecureMix LLC)
Google Chrome (HKLM\...\{0F859613-3794-38E2-9227-DE70F2A8E8BD}) (Version: 115.0.5790.171 - Google LLC)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IM-Magic Partition Resizer Free (HKLM-x32\...\IM_Magic_PR) (Version: - IM-Magic Inc.)
Internet Download Manager (HKLM-x32\...\IDM 6.41.14) (Version: - )
Internet Download Manager (HKLM-x32\...\IDM 6.41.9) (Version: - )
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: 6.41.11 - Tonec Inc.)
IObit Malware Fighter Pro 10 (HKLM-x32\...\IObit Malware Fighter Pro 10.3.0.1077) (Version: - )
iTop Screen Recorder (HKLM-x32\...\iTop Screen Recorder_is1) (Version: 4.1.0.879 - iTop Inc.)
iTop Screenshot (HKLM-x32\...\iTop Screenshot_is1) (Version: 1.2.3.544 - iTop Inc.)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
K-Lite Codec Pack 17.6.8 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.6.8 - KLCP)
LatencyMon 7.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Lazesoft Recovery Suite version 4.5 Professional Edition (HKLM-x32\...\LS-32CB12D5-CC47-4BC8-BC97-0613CDCB0406_is1) (Version: 4.5 - Lazesoft)
Malwarebytes version 4.5.33.272 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.33.272 - Malwarebytes)
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.8 (x86) (HKLM-x32\...\{46F7B664-9497-493D-8269-C39DE0F9C7BB}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.5 (x64) (HKLM\...\{CE8DF750-A582-4D59-A610-478A752481B1}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.8 (x86) (HKLM-x32\...\{56205076-5F5F-408B-A2CC-EF72BFFBC6DD}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.5 (x64) (HKLM\...\{B6F2958F-0F6F-4CCD-867F-80EC5C333B79}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.8 (x86) (HKLM-x32\...\{4368217D-0EEE-4612-973D-CB228B37F17A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x64) (HKLM\...\{793FCD19-00AC-4804-B569-782DF3B24A39}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.37 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Retail - en-us) (Version: 16.0.16626.20134 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - pl-pl (HKLM\...\ProPlus2021Retail - pl-pl) (Version: 16.0.16626.20134 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.089.0426.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM\...\{805626FF-2BC9-4567-A71E-A76A470D000A}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM-x32\...\{8d173101-98c1-4e92-97c6-47c6840745a7}) (Version: 6.0.16.32327 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.8 (x86) (HKLM-x32\...\{2EA86F1A-CE4C-4696-8B6A-556D46294B2D}) (Version: 48.35.45540 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.8 (x86) (HKLM-x32\...\{95474ef5-2654-4ae1-a60a-b68931b0e10d}) (Version: 6.0.8.31518 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM\...\{109506AF-BF9E-43E1-87F3-3141B9C3F6BA}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM-x32\...\{c7984cd8-d837-4988-a30d-8da7822bc716}) (Version: 7.0.5.32327 - Microsoft Corporation)
MiniLyrics (HKLM-x32\...\MiniLyrics) (Version: 7.7.49 - Crintsoft)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 116.0.2 (x64 en-US)) (Version: 116.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 116.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Ontrack Easy Recovery Toolkit (HKLM-x32\...\Ontrack Easy Recovery Toolkit) (Version: 15.2.0 - )
Open Subtitle Editor 0.1.2 (HKLM-x32\...\{6B3208C6-D2DE-4FE8-9DAB-B58AA32F8135}_is1) (Version: 0.1.2 - Discovery Open-Source Development Group)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 87.0.4390.25 (HKU\S-1-5-21-3776247228-2480708340-185590438-500\...\Opera 87.0.4390.25) (Version: 87.0.4390.25 - Opera Software)
Opera Stable 90.0.4480.80 (HKU\S-1-5-21-3776247228-2480708340-185590438-500\...\Opera 90.0.4480.80) (Version: 90.0.4480.80 - Opera Software)
Opera Stable 99.0.4788.9 (HKU\S-1-5-21-3776247228-2480708340-185590438-500\...\Opera 99.0.4788.9) (Version: 99.0.4788.9 - Opera Software)
Pale Moon 32.3.1 (x64 en-US) (HKLM\...\Pale Moon 32.3.1 (x64 en-US)) (Version: 32.3.1 - Moonchild Productions)
PC Auto Shutdown 7.4 (HKLM-x32\...\PC Auto Shutdown_is1) (Version: 7.4 - GoldSolution Software, Inc.)
PDF Reducer 4 Professional Edition (HKLM-x32\...\{CE4A1077-67A2-4D3C-B86D-1D47CAC3A795}) (Version: 4.0.7 - Orpalis)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 4.0.74.0 - Goversoft LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: - )
Revo Uninstaller Pro 5.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.1.5 - VS Revo Group, Ltd.)
RoboForm 8-6-1-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 8-6-1-1 - Siber Systems)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.50.0 - Samsung Electronics Co., Ltd.)
Security Task Manager 2.1j (HKLM-x32\...\Security Task Manager) (Version: 2.1j - Neuber Software)
Skype (HKLM-x32\...\Skype) (Version: - )
Skype version 8.100 (HKLM-x32\...\Skype_is1) (Version: 8.100 - Skype Technologies S.A.)
SmartFix Tool (HKLM\...\SmartFix) (Version: 2.4.7 - simplix)
Snagit 2023 (HKLM\...\{8AC76153-0A4F-491F-9934-A89EC99FCFFD}) (Version: 23.0.2 - TechSmith Corporation)
Sound Normalizer 7.99.9 (HKLM-x32\...\Sound Normalizer_is1) (Version: 7.99.9 - Kanz Software)
Speedy Duplicate Finder (HKLM-x32\...\{FB695B21-537A-4C06-B138-3D79D28F6F47}) (Version: 1.4.0 - Qiplex) Hidden
Speedy Duplicate Finder (HKLM-x32\...\Speedy Duplicate Finder 1.4.0) (Version: 1.4.0 - Qiplex)
Spotify (HKU\S-1-5-21-3776247228-2480708340-185590438-500\...\Spotify) (Version: 1.2.11.916.geb595a67 - Spotify AB)
Stellar Converter for Audio Video (HKLM\...\Stellar Converter for Audio Video_is1) (Version: 3.0.0.0 - Stellar Information Technology Pvt Ltd.)
Stellar Phoenix Windows Data Recovery (HKLM-x32\...\Stellar Phoenix Windows Data Recovery_is1) (Version: 7.0.0.0 - Stellar Information Technology Pvt Ltd.)
Subtitle Edit (HKLM\...\SubtitleEdit_is1) (Version: 3.6.12.0 - Nikse)
Subtitle Workshop 6.0b (HKLM-x32\...\SubtitleWorkshop) (Version: - )
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 10.14 - NCH Software)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
USB Repair 8.1.3.1285 (HKLM\...\USB Repair_is1) (Version: 8.1.3.1285 - Rizonesoft)
USB Safely Remove 6.4.2.1297 Final (HKLM-x32\...\USB Safely Remove 6.4.2.1297 Final) (Version: - )
VideoDownloaderUltimate (HKU\S-1-5-21-3776247228-2480708340-185590438-500\...\VideoDownloaderUltimateWinApp) (Version: 1.0.1.207 - Link64)
VideoProc Converter (HKLM-x32\...\VideoProc Converter) (Version: 5.7 - Digiarty, Inc.)
VLC Media Player (HKLM-x32\...\VLC Media Player 3.0.18 Final) (Version: - )
Voice Shaper 1.0 (HKLM-x32\...\Voice Shaper_is1) (Version: - Alex Shovkoplyas, VE3NEA)
Volume Normalizer Master (HKLM-x32\...\Volume Normalizer Master_is1) (Version: - A4Video)
WD Desktop App 2.1.0.335 (HKLM-x32\...\{fdd55732-32b6-4783-9b31-db9ad9f96792}) (Version: 2.1.0.335 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.335 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.335 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.4.407 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{1993af7f-1716-4c45-96d9-addd25881464}) (Version: 2.1.0.130 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{F150F4B6-43B7-4132-9460-017057950EF9}) (Version: 2.1.0.130 - Western Digital Technologies, Inc.) Hidden
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.14 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{3014bd63-c388-4f5c-8fb5-d45d99b75f0e}) (Version: 1.0.2.14 - Western Digital Corporation) Hidden
WD SES Driver Setup (HKLM-x32\...\{D9ABF771-729C-471F-A6DF-1010527DB376}) (Version: 2.1.0 - Western Digital) Hidden
WhiteSmoke (HKLM-x32\...\WhiteSmoke) (Version: 1.00.9000.0 - WhiteSmoke)
Windows 11 Installation Assistant (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.2063 - Microsoft Corporation)
Windows Driver Package - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.)
Windows Driver Package - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.26.20220609 - Xilisoft)
Zoom (HKU\S-1-5-21-3776247228-2480708340-185590438-500\...\ZoomUMX) (Version: 5.15.6 (19959) - Zoom Video Communications, Inc.)
Zoom Skype for Business Plugin (HKLM-x32\...\{2C12D973-FEA6-4EC3-BC76-938F37A6013A}) (Version: 5.13.10 - Zoom)

Packages:
=========
Bluetooth Audio Receiver -> C:\Program Files\WindowsApps\55746MarkSmirnov.BluetoothAudioReveicer_1.1.5.0_x64__xwrbx6997tsfc [2023-07-10] (Mark Smirnov)
DNS Lookup - dig nslookup -> C:\Program Files\WindowsApps\WuhanBamiTechnologyCo.Ltd.DNSLookup-dignslookup_2.2.66.0_x86__ffvv9wsshj32c [2023-07-10] (Wuhan Bami Technology Co., Ltd.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2023-07-10] (Microsoft Studios) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-07-10] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

SSODL: WDFSMountNotificator-wdfsconnect2017 - {3541E7A5-9AF2-4DCD-BF2A-97A047795B2E} - C:\Windows\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {3541E7A5-9AF2-4DCD-BF2A-97A047795B2E} - C:\Windows\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {3541E7A5-9AF2-4DCD-BF2A-97A047795B2E} => C:\Windows\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {3541E7A5-9AF2-4DCD-BF2A-97A047795B2E} => C:\Windows\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Administrator\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Administrator\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Administrator\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2021-03-03] (Tonec Inc. -> Tonec FZE)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2021-03-03] (Tonec Inc. -> Tonec FZE)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Pro\ASCExtMenu_64.dll [2023-05-08] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2022-05-29] (Notepad++ -> )
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Administrator\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-16] (Mega Limited -> )
ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-06-11] (Goversoft LLC -> )
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2023-04-27] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2023\DLLx64\SnagitShellExt64.dll [2022-12-09] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {f97d48aa-d72e-39ad-bf37-0b90de70ca2a} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Pro\ASCExtMenu_64.dll [2023-05-08] (IObit CO., LTD -> IObit)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Administrator\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-16] (Mega Limited -> )
ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-06-11] (Goversoft LLC -> )
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2023-04-27] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Pro\ASCExtMenu_64.dll [2023-05-08] (IObit CO., LTD -> IObit)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Administrator\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-16] (Mega Limited -> )
ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-06-11] (Goversoft LLC -> )
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Pro\ASCExtMenu_64.dll [2023-05-08] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Administrator\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-16] (Mega Limited -> )
ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-06-11] (Goversoft LLC -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-04-06] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2023-04-27] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2023\DLLx64\SnagitShellExt64.dll [2022-12-09] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers4: [WDDesktopContextMenu] -> {f97d48aa-d72e-39ad-bf37-0b90de70ca2a} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-06-11] (Goversoft LLC -> )
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-04-06] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2022-04-04] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk -> C:


Edited by bolush, 12 August 2023 - 06:22 PM.

#2dennis_l

dennis_l


  • Malware Response Team
  • 3,810 posts
  • OFFLINE
  • Gender:Male
  • Location:UK
  • Local time:05:01 AM

Posted 13 August 2023 - 10:52 AM

Hi bolush,
My name is Dennis and I will assist you with your computer problems.
Please read through these guidelines before we start.

  • Back up any important data, as a precaution, before starting this process.
  • If you are unsure about anything then please ask. This makes the task much easier in the long run.
  • Do not run any other tools or make changes to your system during the removal process.
  • Please do not start a new topic and keep all replies in this thread.
  • Follow the instructions in the sequence advised.
  • Copy and paste the logs into the reply. I will advise if anything needs to be added as an attachment.
  • Here at Bleeping Computer we are mostly volunteers, so please be patient with us. I’ll try to respond within 24 hours. You will be advised if it is expected to be longer than 48 hours.
  • Please let me know if you are going to be delayed in responding. If you do not reply after 5 days, I’ll assume you do not want to continue and will close the topic.
  • Sometimes things might seem to be resolved, but there may still need to be more checks necessary, so please wait until I give the all clear.

You have provided the Addition.txt results.
Please post the contents of the FRST.txt file, which was also generated by the FRST scan.

Dennis



#3dennis_l

dennis_l



Posted 13 August 2023 - 11:08 AM

Also the Addition.txt is incomplete.
Please post both files as attachments, if you are having problems with copy and paste.



#4dennis_l

dennis_l



Posted 16 August 2023 - 02:23 AM

Please advise if you still need help?
It has been 3 days since my last post.
If you have not replied within the next 48 hours, I will assume that you no longer need help and this topic will be closed.



#5dennis_l

dennis_l



Posted 20 August 2023 - 01:19 PM

Please note that this topic is now closed, due to the lack of feedback.
If you still have problems, would you please send me or any Moderator a Personal Message (PM), requesting that it is re-opened, within the next 5 days.
Please include a link to the topic in the Personal Message.



FAQs

How to remove virus from DLL file?

To delete unwanted or corrupt .dll files, you will need to find them by making hidden files visible, unregister them through the command prompt, and then delete them manually from their source folder. It is very important that you know that the file is not a required Windows system file.

How can I remove Trojan virus from my PC?

Removing Trojans Posing as Startup Programs
  1. Press Windows+R to bring up the Run menu.
  2. Type “regedit” in the field.
  3. Select HKEY_CURRENT_USER, then expand the Software folder.
  4. Locate the Trojan program.
  5. Right-click its folder and select Delete.

What DLL did Floxif infect?

Floxif (ranked #75 in 2021)

Many variants of Floxif malware rely on writing the accompanying DLL symsrv.dll to a unique location, so detecting this threat can be done with relatively high confidence.

Is it OK to delete DLL files?

In conclusion, deleting DLL files from Windows can cause serious problems with the functionality and stability of your computer. These files are crucial components of many programs and removing them can lead to errors and crashes. It is important to only remove DLL files using proper uninstallation methods.

Can a DLL be a Trojan?

dll file, a module that assists the DNS client service in the Windows operating system, essentially by caching the Domain Name System (DNS) names requested during a web browsing session. Due to its behavior, the trojan is also referred to as a 'DLL patcher'.

Does resetting my PC remove Trojan virus?

In most cases, the factory reset will completely destroy the virus. But because a factory reset will also delete your personal data, it's best to use a factory reset as a last resort.

Can Trojan destroy my PC?

Botnet recruitment: Some Trojan horses are designed to convert infected computers and pull them into a botnet that cybercriminals can control remotely. Data destruction: Certain Trojans may be programmed to delete files, corrupt data, or even reformat entire hard drives.

Do Trojan viruses go away?

You can remove some Trojans by disabling startup items on your computer which don't come from trusted sources. For the best results, first reboot your device into safe mode so that the virus can't stop you from removing it.

What can a malicious DLL do?

DLL hijacking allows attackers to trick a legitimate Windows program into loading and running a malicious DLL. Adversaries leverage DLL hijacking for multiple purposes, including defense evasion, privilege escalation and persistence.

Is Floxif a H virus?

Floxif is a family of file-changing trojan viruses that infect Windows executable and DLL files. Once the Floxif infection takes root, the infected files can spy on the device and serve as a backdoor for other malware.

Does antivirus delete DLL files?

“DLL files automatically deleted” is usually caused by antivirus software like Windows Defender or the Storage Sense feature. To prevent your DLL files from being deleted automatically, you can try to add trusted DLL files to Windows Defender exclusions, turn off antivirus software, or disable Storage Sense.

How do I remove a virus from a folder?

If your PC has a virus, following these ten simple steps will help you to get rid of it:
  1. Step 1: Download and install a virus scanner. ...
  2. Step 2: Disconnect from internet. ...
  3. Step 3: Reboot your computer into safe mode. ...
  4. Step 4: Delete any temporary files. ...
  5. Step 5: Run a virus scan. ...
  6. Step 6: Delete or quarantine the virus.

What is a DLL file malware?

DLL files are programs that are meant to be run by other programs in Microsoft Windows. DLL hijacking allows attackers to trick a legitimate Windows program into loading and running a malicious DLL.

Can you remove virus from file?

If a virus is found, it may affect multiple files. Select 'Delete' or 'Quarantine' to remove the file(s) and get rid of the virus. Rescan your computer to check there's no further threats. If threats are found, quarantine or delete the files.

Article information

Author: Nicola Considine CPA
