Solved C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe Malware

Status
Not open for further replies.

Srinidhi

New Member
Thread author
Oct 13, 2016
7
Hello,

I tried downloading some software yesterday and ended up downloading a .zip file . After i extracted it, my Antivirus immediately detected it as malware and moved it to the chest. I immediately deleted the downloaded file but the damage had already been done.

C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe

There is a suspicious file created in the above said path which is constantly been detected by my Antivirus software. I tried manually deleting the files but it pops back again after I close and open the file location.

I read some of your earlier replies to these kind of problems and tried removing. But I was not successful in removing the malware.

So here I have attached the FRST Logs for your reference.

I have also downloaded the Zemana Antimalware suggested by you and scanned my PC. It detected many proxy settings and a few other files also.
I am also uploading the Zemana Antimalware Scan Log for your reference..

Thanking you in advance for your consideration.

Hope to get a speedy reply!
 

Attachments

  • Addition.txt
    60.1 KB · Views: 5
  • FRST.txt
    46 KB · Views: 6
  • 2016.10.14-09.31.30-i0-t92-d17.txt
    10.4 KB · Views: 3

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
adwcleaner_new.png
Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.
  • Right-click on
    adwcleaner_new.png
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now.
  • After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner



FRST.gif
Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition.txt option is checked.

    2873ryc.png

  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please attach report into your next reply.
 

Srinidhi

New Member
Thread author
Oct 13, 2016
7
adwcleaner_new.png
Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.
  • Right-click on
    adwcleaner_new.png
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now.
  • After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner



FRST.gif
Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition.txt option is checked.

    2873ryc.png

  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please attach report into your next reply.



Hello,

Thank you for your time!

I did exactly as you asked me to.. Attached are the Adwcleaner and Farbar Logs for your reference.

Even after cleaning with Adwcleaner, my PC still is detecting a lot of threats.
Hoping to get a permanent solution.

Thanks
 

Attachments

  • Addition.txt
    58 KB · Views: 4
  • AdwCleaner[C0].txt
    4.1 KB · Views: 4
  • FRST.txt
    42.8 KB · Views: 6

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
FRST.gif
Fix with Farbar Recovery Scan Tool

icon_exclaim.gif
This fix was created for this user for use on that particular machine.
icon_exclaim.gif

icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.
 

Attachments

  • fixlist.txt
    2.9 KB · Views: 44

Srinidhi

New Member
Thread author
Oct 13, 2016
7
FRST.gif
Fix with Farbar Recovery Scan Tool

icon_exclaim.gif
This fix was created for this user for use on that particular machine.
icon_exclaim.gif

icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.



Hello,

Attached is the Fixlog file as u requested..

Thanks
 

Attachments

  • Fixlog.txt
    9.8 KB · Views: 10

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
I think I missed something.

FRST.gif
Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition.txt option is checked.

    2873ryc.png

  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please attach report into your next reply.
 

Srinidhi

New Member
Thread author
Oct 13, 2016
7
I think I missed something.

FRST.gif
Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition.txt option is checked.

    2873ryc.png

  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please attach report into your next reply.


Hello,

Here are the fresh Scan results.

And By the way, The file in C:\ProgramData\Microsoft\Network\Dsq\network\Sysnetwk.exe and all its contents are deleted.

No antivirus (Zemana, Adwcleaner or Avast) is detecting any threats.

Thank you for all your help!
 

Attachments

  • Addition.txt
    57.9 KB · Views: 9
  • FRST.txt
    39.7 KB · Views: 10

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Okay, final fix:


FRST.gif
Fix with Farbar Recovery Scan Tool

icon_exclaim.gif
This fix was created for this user for use on that particular machine.
icon_exclaim.gif

icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.
 

Attachments

  • fixlist.txt
    867 bytes · Views: 54

Srinidhi

New Member
Thread author
Oct 13, 2016
7
Hello,

Attached is the Fixlog file after the final fix.

I have also attached the fresh FRST and Addition logs as well.

Thanks
 

Attachments

  • Addition.txt
    59.1 KB · Views: 2
  • Fixlog.txt
    3.2 KB · Views: 7
  • FRST.txt
    37.7 KB · Views: 1

Srinidhi

New Member
Thread author
Oct 13, 2016
7
Yeah!!

Its awesome.. No more threats are getting detected..

Thanks a ton for all your help and time!

You Rock!! Continue with the good work!

Thanks again.
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Since there are no more problems, we can declare this PC clean
thumbs_up_smiley.gif


Now, we can proceed with post-cleanup procedures. Let's remove my tools and create a new, non infected restore point concurrently deleting old ones.


Step 1. - Creation of system restore point and tools removal.


Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right click on the
    51a5ce45263de-delfix.png
    icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run and wait until the tool completes his work.
  • All tools we used should be gone. Tool will create an report for you (C:\DelFix.txt). I don't need it for review.
Tool deletes old system restore points and creates a fresh system restore point after cleaning.


Step 2. - Tips and tricks to keep your computer clean, safe and in a good shape.


Security tips - highly recommended reading:

Maintenance tips:

Additional software that I personally use and install on all my clients devices:

  • Zemana AntiMalware (paid version highly recommended) - to work as a supplement for your antivirus but with excellent remediation and protection
  • Zemana AntiLogger - keep everything you type on keyboard out of sight of bad guys trying to steal your credantials
  • Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
  • McShield - to prevent infections spread by removable media.
  • Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.
  • CryptoPrevent - tool for protection against Cryptolocker and similar ransomware infections.
  • Adblock - to surf the web without annoying ads!
  • Qualys BrowserCheck - cloud service that scans your browsers and plugins to see if they’re all up-to-date.


My help is free for everybody.
If you're happy with the help provided and/or wish to show your appreciaton, please consider a donation:
Thank you!​



Stay safe,
TwinHeadedEagle :)
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top