Could someone take a look at my network and PC to ensure I am not infected.

Status
Not open for further replies.
Xeno1234

Xeno1234

Level 14
Thread author
Jun 12, 2023
699
A while back, I did some malware testing in a VM. The problem with this though is that I dont think I took good enough precautions against: malware escaping, and malware entering the network.
Could someone by any chance look at my network and ensure its not infected? Its my parents network and I dont want to be the reason something bad happens to the network, them, or me.
I would also like to check the computer for any infection I have accidentally caused.
 
Last edited:
  • Like
Reactions: upnorth
nasdaq

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,431
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===


If you already have Malwarebytes installed just run it as suggested, If not:

Please download Malwarebytes Anti-Malware from Malwarebytes or from BleepingComputer
  • Right-click on the MBAM icon and select Run as administrator to run the tool.[/*]
  • Click Yes to accept any security warnings that may appear.[/*]
  • Once the MBAM dashboard opens, on the right detail pane click on the word %22Current%22 under the Scan Status to update the tool database.[/*]
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.[/*]
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.[/*]
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button[/*]
  • Note: The scan may take some time to finish, so please be patient.[/*]
  • If potential threats are detected, ensure to check mark all the listed items, and click the Quarantine Selected button.[/*]
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.[/*]
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.[/*]
Please post the log for my review. Note: If asked to restart the computer, please do so immediately. === Please download AdwCleaner by Malwarebytes your Desktop.
  • Close all open programs and internet browsers.[/*]
  • Double click on AdwCleaner.exe to run the tool.[/*]
  • Click the Scan button and wait for the process to complete.[/*]
  • Click the LogFile button and the report will open in Notepad.[/*]
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.[/*]
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.[/*]
  • Double click on AdwCleaner.exe to run the tool.[/*]
  • Click the Scan button and wait for the process to complete.[/*]
  • Check off the element(s) you wish to keep.[/*]
  • Click on the Clean button follow the prompts.[/*]
  • A log file will automatically open after the scan has finished.[/*]
  • Please post the content of that log file with your next answer.[/*]
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).[/*]
=== Download the Farbar Recovery Scan Tool (FRST). Choose the 32 or 64 bit version for your system. and save it to a folder on your computer%27s Desktop. Ensure that you are in an Administrator Account Double-click to run it. When the tool opens click Yes to disclaimer. Check the boxes as seen here:
L7kNU5y.jpg
Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the %22more reply Options%22 button. [img=[URL]http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png[/URL]] Attach the file(s). A 2 Steps process. Reply to this topic. Select the %22Choose a File%22 navigate to the location of the File. Click the file you wish to Attach. <- Step 1. Click Attach this file. <- Step 2. Click the Add reply button. Please post the logs for my review. Let me know what problems persists. Wait for further instructions p.s. The Farbar program is updated often. If it%27s identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided. You should restore the program from the Quarantine folder. <<<>>> ============ note to me ========== FRSTEnglish.exe is a renamed FRST.exe that allows it to output logs in English, instead of the system%27s language ==== MalwareTips REPLY --- Download the Farbar Recovery Scan Tool (FRST). Choose the 32 or 64 bit version for your system. and save it to a folder on your computer%27s Desktop. Ensure that you are in an Administrator Account Double-click to run it. When the tool opens click Yes to disclaimer. Check the boxes as seen here:
L7kNU5y.jpg
Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. Please attach the logs for my review. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the %22more reply Options%22 button. [img=[URL]http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png[/URL]] Let me know what problems persists. Wait for further instructions p.s. This program is updated often. If it%27s identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided. OR, you should restore the program from the Quarantine folder. ====']https://www.malwarebytes.com][/URL]Malwarebytes[/url] or
from BleepingComputer

  • Right-click on the MBAM icon and select Run as administrator to run the tool.[/*]
  • Click Yes to accept any security warnings that may appear.[/*]
  • Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.[/*]
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.[/*]
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.[/*]
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button[/*]
  • Note: The scan may take some time to finish, so please be patient.[/*]
  • If potential threats are detected, ensure to check mark all the listed items, and click the Quarantine Selected button.[/*]
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.[/*]
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.[/*]
Please post the log for my review.

Note: If asked to restart the computer, please do so immediately.
===

Please download AdwCleaner by Malwarebytes your Desktop.
  • Close all open programs and internet browsers.[/*]
  • Double click on AdwCleaner.exe to run the tool.[/*]
  • Click the Scan button and wait for the process to complete.[/*]
  • Click the LogFile button and the report will open in Notepad.[/*]
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.[/*]
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.[/*]
  • Double click on AdwCleaner.exe to run the tool.[/*]
  • Click the Scan button and wait for the process to complete.[/*]
  • Check off the element(s) you wish to keep.[/*]
  • Click on the Clean button follow the prompts.[/*]
  • A log file will automatically open after the scan has finished.[/*]
  • Please post the content of that log file with your next answer.[/*]
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).[/*]
===

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:
L7kNU5y.jpg

Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
[img=[URL]http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png[/URL]]

Attach the file(s). A 2 Steps process.
Reply to this topic.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach. <- Step 1.
Click Attach this file. <- Step 2.
Click the Add reply button.

Please post the logs for my review.

Let me know what problems persists.

Wait for further instructions

p.s.

The Farbar program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
You should restore the program from the Quarantine folder.
<<<>>>


============ note to me ==========
FRSTEnglish.exe is a renamed FRST.exe that allows it to output logs in English, instead of the system's language
====

MalwareTips REPLY ---

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:
L7kNU5y.jpg

Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Please attach the logs for my review.
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
[img=[URL]http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png[/URL]]

Let me know what problems persists.

Wait for further instructions

p.s.
This program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
OR, you should restore the program from the Quarantine folder.
====
 
  • Like
Reactions: upnorth
Xeno1234

Xeno1234

Level 14
Thread author
Jun 12, 2023
699
nasdaq said:
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===


If you already have Malwarebytes installed just run it as suggested, If not:

Please download Malwarebytes Anti-Malware from Malwarebytes or from BleepingComputer
  • Right-click on the MBAM icon and select Run as administrator to run the tool.[/*]
  • Click Yes to accept any security warnings that may appear.[/*]
  • Once the MBAM dashboard opens, on the right detail pane click on the word %22Current%22 under the Scan Status to update the tool database.[/*]
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.[/*]
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.[/*]
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button[/*]
  • Note: The scan may take some time to finish, so please be patient.[/*]
  • If potential threats are detected, ensure to check mark all the listed items, and click the Quarantine Selected button.[/*]
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.[/*]
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.[/*]
Please post the log for my review. Note: If asked to restart the computer, please do so immediately. === Please download AdwCleaner by Malwarebytes your Desktop.
  • Close all open programs and internet browsers.[/*]
  • Double click on AdwCleaner.exe to run the tool.[/*]
  • Click the Scan button and wait for the process to complete.[/*]
  • Click the LogFile button and the report will open in Notepad.[/*]
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.[/*]
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.[/*]
  • Double click on AdwCleaner.exe to run the tool.[/*]
  • Click the Scan button and wait for the process to complete.[/*]
  • Check off the element(s) you wish to keep.[/*]
  • Click on the Clean button follow the prompts.[/*]
  • A log file will automatically open after the scan has finished.[/*]
  • Please post the content of that log file with your next answer.[/*]
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).[/*]
=== Download the Farbar Recovery Scan Tool (FRST). Choose the 32 or 64 bit version for your system. and save it to a folder on your computer%27s Desktop. Ensure that you are in an Administrator Account Double-click to run it. When the tool opens click Yes to disclaimer. Check the boxes as seen here:
L7kNU5y.jpg
Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the %22more reply Options%22 button. [img=[URL]http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png[/URL]] Attach the file(s). A 2 Steps process. Reply to this topic. Select the %22Choose a File%22 navigate to the location of the File. Click the file you wish to Attach. <- Step 1. Click Attach this file. <- Step 2. Click the Add reply button. Please post the logs for my review. Let me know what problems persists. Wait for further instructions p.s. The Farbar program is updated often. If it%27s identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided. You should restore the program from the Quarantine folder. <<<>>> ============ note to me ========== FRSTEnglish.exe is a renamed FRST.exe that allows it to output logs in English, instead of the system%27s language ==== MalwareTips REPLY --- Download the Farbar Recovery Scan Tool (FRST). Choose the 32 or 64 bit version for your system. and save it to a folder on your computer%27s Desktop. Ensure that you are in an Administrator Account Double-click to run it. When the tool opens click Yes to disclaimer. Check the boxes as seen here:
L7kNU5y.jpg
Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. Please attach the logs for my review. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the %22more reply Options%22 button. [img=[URL]http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png[/URL]] Let me know what problems persists. Wait for further instructions p.s. This program is updated often. If it%27s identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided. OR, you should restore the program from the Quarantine folder. ====']https://www.malwarebytes.com][/URL]Malwarebytes[/url] or
from BleepingComputer

  • Right-click on the MBAM icon and select Run as administrator to run the tool.[/*]
  • Click Yes to accept any security warnings that may appear.[/*]
  • Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.[/*]
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.[/*]
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.[/*]
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button[/*]
  • Note: The scan may take some time to finish, so please be patient.[/*]
  • If potential threats are detected, ensure to check mark all the listed items, and click the Quarantine Selected button.[/*]
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.[/*]
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.[/*]
Please post the log for my review.

Note: If asked to restart the computer, please do so immediately.
===

Please download AdwCleaner by Malwarebytes your Desktop.
  • Close all open programs and internet browsers.[/*]
  • Double click on AdwCleaner.exe to run the tool.[/*]
  • Click the Scan button and wait for the process to complete.[/*]
  • Click the LogFile button and the report will open in Notepad.[/*]
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.[/*]
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.[/*]
  • Double click on AdwCleaner.exe to run the tool.[/*]
  • Click the Scan button and wait for the process to complete.[/*]
  • Check off the element(s) you wish to keep.[/*]
  • Click on the Clean button follow the prompts.[/*]
  • A log file will automatically open after the scan has finished.[/*]
  • Please post the content of that log file with your next answer.[/*]
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).[/*]
===

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:
L7kNU5y.jpg

Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
[img=[URL]http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png[/URL]]

Attach the file(s). A 2 Steps process.
Reply to this topic.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach. <- Step 1.
Click Attach this file. <- Step 2.
Click the Add reply button.

Please post the logs for my review.

Let me know what problems persists.

Wait for further instructions

p.s.

The Farbar program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
You should restore the program from the Quarantine folder.
<<<>>>


============ note to me ==========
FRSTEnglish.exe is a renamed FRST.exe that allows it to output logs in English, instead of the system's language
====

MalwareTips REPLY ---

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:
L7kNU5y.jpg

Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Please attach the logs for my review.
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
[img=[URL]http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png[/URL]]

Let me know what problems persists.

Wait for further instructions

p.s.
This program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
OR, you should restore the program from the Quarantine folder.
====
Click to expand...
I am currently at school. When I get home, I will do this, thank you.
 
Xeno1234

Xeno1234

Level 14
Thread author
Jun 12, 2023
699
Hello, here are the files:
The malware Malwarebytes detected was **probably** a malware sample I was using for testing and was not a infection.
 

Attachments

  • FRST.txt
    69.3 KB · Views: 3
  • AdwCleaner[S01].txt
    4 KB · Views: 4
  • Malwarebytes.txt
    1.4 KB · Views: 7
Last edited:
nasdaq

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,431
Hi,

In order to do a complete check I need to see the Addition.txt log that was created by the Farbar program.
You will find it in the C:\Users\vanar\Downloads folder.
 
Xeno1234

Xeno1234

Level 14
Thread author
Jun 12, 2023
699
nasdaq said:
Hi,

In order to do a complete check I need to see the Addition.txt log that was created by the Farbar program.
You will find it in the C:\Users\vanar\Downloads folder.
Click to expand...
Ok, I’ll supply it once I get home from school.
 
nasdaq

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,431
Hi,

In my opinion you are very well protected with Kaspersky.

AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

I suggest you disable Sophos protection while Kaspersky is enabled. Having both Enabled simultaneously will only slow down your computer.

AV: Sophos Intercept X (Enabled - Up to date) {4743D250-2B3A-D88E-89A5-EEB3104F258F}
FW: Sophos Intercept X (Enabled) {7F785375-6155-D9D6-A2FA-4786EE9C62F4}
<<<>>>

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and let me know what problem persists.
 

Attachments

  • Fixlist.txt
    4.6 KB · Views: 3
Xeno1234

Xeno1234

Level 14
Thread author
Jun 12, 2023
699
nasdaq said:
Hi,

In my opinion you are very well protected with Kaspersky.

AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

I suggest you disable Sophos protection while Kaspersky is enabled. Having both Enabled simultaneously will only slow down your computer.

AV: Sophos Intercept X (Enabled - Up to date) {4743D250-2B3A-D88E-89A5-EEB3104F258F}
FW: Sophos Intercept X (Enabled) {7F785375-6155-D9D6-A2FA-4786EE9C62F4}
<<<>>>

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and let me know what problem persists.
Click to expand...
Sophos is not installed, I do not understand why it it showing up, it could possibly be a trace?

I will provide the fixlog.txt later today.
 
nasdaq

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,431
Hi,

Remove these programs in bold using the Control Panel > Programs > Programs and Features...

AV: Sophos Intercept X (Enabled - Up to date) {4743D250-2B3A-D88E-89A5-EEB3104F258F}
FW: Sophos Intercept X (Enabled) {7F785375-6155-D9D6-A2FA-4786EE9C62F4}

If the programs have already been deleted the keys are still linsted in the Registry.

You will need to do he removal Manually.
How to Manually Remove Program Entries from the Apps & Features List

Follow the directives listed here.
www.majorgeeks.com

How to Manually Remove Program Entries from the Apps & Features List - MajorGeeks

There may come a time when you find that you've uninstalled a program in Apps & Features (Windows 10) or AddRemove Programs (Windows XP, 7, Vista, 8) but the entry is still there. This problem happens when a registry entry wasn't correctly removed during the uninstall.
www.majorgeeks.com

Restart tha the computer normally when completed.

p.s.
The is no arm done is you keep them. Nothing bad can come of it.
 
Xeno1234

Xeno1234

Level 14
Thread author
Jun 12, 2023
699
nasdaq said:
Hi,

Remove these programs in bold using the Control Panel > Programs > Programs and Features...

AV: Sophos Intercept X (Enabled - Up to date) {4743D250-2B3A-D88E-89A5-EEB3104F258F}
FW: Sophos Intercept X (Enabled) {7F785375-6155-D9D6-A2FA-4786EE9C62F4}

If the programs have already been deleted the keys are still linsted in the Registry.

You will need to do he removal Manually.
How to Manually Remove Program Entries from the Apps & Features List

Follow the directives listed here.
www.majorgeeks.com

How to Manually Remove Program Entries from the Apps & Features List - MajorGeeks

There may come a time when you find that you've uninstalled a program in Apps & Features (Windows 10) or AddRemove Programs (Windows XP, 7, Vista, 8) but the entry is still there. This problem happens when a registry entry wasn't correctly removed during the uninstall.
www.majorgeeks.com

Restart tha the computer normally when completed.

p.s.
The is no arm done is you keep them. Nothing bad can come of it.
Click to expand...
Hello, I am probably going to keep them and not have to go through the hassle of removing them as it shouldnt interfere with Kaspersky or other security software in any other way.
Are there any other issues I need to tackle, or do you think I am in the clear?
 
nasdaq

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,431
Hi,

I will keep this topic open for 6 days. Should you see something strange just call.
 
  • Like
Reactions: Jonny Quest
nasdaq

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,431
Hi,

Yes!

If this is to get you at ease run this one time Scan.
Sophos Virus Removal Tool

Please download Sophos Virus Removal Tool and save it to your computer's Desktop.
  • Right-click the icon and select Run as administrator.[/*]
  • Click Yes to accept any security warnings that may appear.[/*]
  • Click the Next button.[/*]
  • Select 'I accept the terms in the license agreement', then click Next twice.[/*]
  • Click the Install button and wait until the installation is complete.[/*]
  • Click the Finish button. The tool created a shortcut icon on the Desktop of your computer.[/*]
  • Now, double-click the Sophos Virus Removal Tool shortcut icon to run the tool.[/*]
  • Click Yes to accept any security warnings that may appear.[/*]
  • After it updates and a "Start Scanning" button appears in the lower right:
    • Disconnect from the Internet or physically unplug your Internet cable connection.[/*]
    • Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.[/*]
    • Temporarily disable your anti-virus and real-time anti-spyware protection.[/*]
    [/*]
  • Click the "Start Scanning" button in the lower right to start the scan.[/*]
  • After starting the scan, do not use the computer until the scan has completed.[/*]
  • When finished, if it detected anything there will be a "Start Clean-up" button, click it and allow it to finish.[/*]
  • When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.[/*]
  • If any threats are found click Details, then View Log file (bottom left-hand corner).[/*]
  • Copy and paste its contents in your next reply and note any errors encountered.[/*]
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup.[/*]
  • Click Exit to close the program.[/*]
  • If no threats were found, please confirm that result.[/*]
Note: Whenever necessary, the log will be in the following location:

Windows Vista and above:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log

Please post the contents of the log in your next reply and note any errors encountered.
==
 
Status
Not open for further replies.

Similar threads

Xeno1234
  • Locked
Need to check network and computer for malware.
Replies
15
Views
914
Windows Malware Removal Help & Support
nasdaq
nasdaq
F
  • Locked
I think my computer is infected and i need help solving it.
Replies
8
Views
528
Windows Malware Removal Help & Support
nasdaq
nasdaq
Looking4Loser
Waiting for reply Please help me my iPhone is infected
Replies
0
Views
659
Mobile Malware Removal Help & Support
Looking4Loser
Looking4Loser

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top