crypyofiles20202020 runsomware removal

Status
Not open for further replies.

Eman shafik

Level 1
Thread author
Jun 28, 2020
49
# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Cloud)
# Support: Customer Support & Help Center | Malwarebytes
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-30-2020
# Duration: 00:00:05
# OS: Windows 7 Home Premium
# Cleaned: 116
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\SimilarSites
Deleted C:\Program Files\Common Files\AVG Secure Search
Deleted C:\ProgramData\AVG Secure Search
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\ProgramData\dtdata
Deleted C:\Users\Eman Shafik S hafie\AppData\Local\DownloadManager
Deleted C:\Users\Eman Shafik S hafie\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\Eman Shafik S hafie\AppData\Local\avg web tuneup
Deleted C:\Users\Eman Shafik S hafie\AppData\Roaming\337
Deleted C:\Users\Eman Shafik S hafie\AppData\Roaming\eType
Deleted C:\Users\Public\Documents\Guid
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\FileTypeAssistant
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService

***** [ Files ] *****

Deleted C:\Users\Eman Shafik S hafie\daemonprocess.txt
Deleted C:\Users\Public\Desktop\eBay.lnk
Deleted C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted C:\Windows\System32\LavasoftTcpService64.dll
Deleted C:\Windows\System32\LavasoftTcpServiceOff.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\535588d1e568b941
Deleted HKCU\Software\APN PIP
Deleted HKCU\Software\AppDataLow\Software\RewardsArcadeSuite
Deleted HKCU\Software\AppDataLow\Toolbar
Deleted HKCU\Software\BackgroundContainer
Deleted HKCU\Software\Bitberry
Deleted HKCU\Software\Classes\pokki
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6565F37-655B-4C9E-AA5F-0307AC976ED4}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0001612C-7A4C-413E-AE24-A0533160057F}
Deleted HKCU\Software\Mozilla\Extends
Deleted HKCU\Software\ParetoLogic
Deleted HKCU\Software\V9
Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\WebCompanion.exe
Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted HKLM\Software\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Deleted HKLM\Software\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Deleted HKLM\Software\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Deleted HKLM\Software\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Deleted HKLM\Software\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Deleted HKLM\Software\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Deleted HKLM\Software\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Deleted HKLM\Software\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Deleted HKLM\Software\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Deleted HKLM\Software\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Deleted HKLM\Software\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Deleted HKLM\Software\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Deleted HKLM\Software\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Deleted HKLM\Software\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Deleted HKLM\Software\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataContainer
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataContainer.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataController
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataController.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTable
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTable.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableFields
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableFields.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableHolder
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.LSPLogic
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.LSPLogic.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.WFPController
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.WFPController.1
Deleted HKLM\Software\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Deleted HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Deleted HKLM\Software\Wow6432Node\535588d1e568b941
Deleted HKLM\Software\Wow6432Node\AVG Tuneup
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\ParetoLogic
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\avgsh
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27CE191D-733B-4450-AFCD-096D105288C3}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Deleted HKLM\Software\Wow6432Node\hdcode
Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-21-1851422913-262041211-1854196646-1000\Software\AppDataLow\Software\RewardsArcadeSuite

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted ZenSearch

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [16090 octets] - [30/07/2020 14:49:33]
AdwCleaner[S01].txt - [16152 octets] - [30/07/2020 14:53:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
 

Eman shafik

Level 1
Thread author
Jun 28, 2020
49
The user account is gone. You executed the fix twice. The first removed it and the second couldn't find it anymore.

this means that the other account named wBzcwBE has gone?
 
  • Like
Reactions: upnorth

struppigel

Moderator
Verified
Staff Member
Well-known
Apr 9, 2020
656
this means that the other account named wBzcwBE has gone?

Yes, the account is gone. It doesn't show in the Addition.txt anymore.
We are almost there.

ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.
  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your Anti-Virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme.
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click List found threats...
  • Click Export and save the file to your Desktop, naming it something such as "ESET Scan".
  • Click the Back button.
  • Note: If no threats were found, there will be no log to save.
  • Place a checkmark next to Uninstall application on close and click finish.
  • Re-enable your Anti-Virus software.
  • Attach the log in your next reply.
 

Eman shafik

Level 1
Thread author
Jun 28, 2020
49
Please do not browse the Internet whilst your Anti-Virus is disabled.
i don't disable it, it works all the time.
 

Eman shafik

Level 1
Thread author
Jun 28, 2020
49
I found my McAfee program had stopped and i didn't find it on the desktop so i installed it again
 

Eman shafik

Level 1
Thread author
Jun 28, 2020
49
Click Start.
i have done all the steps until this step then it told me that there is unexpected error 101 had occurred??? i tried again but also the same message. i didn't find the antivirus to disable it so i didn't do this step which is disabling the antivirus
 

struppigel

Moderator
Verified
Staff Member
Well-known
Apr 9, 2020
656
Links are marked green here. I copied instructions below:

Disable McAfee Antivirus
Please navigate to the system tray on the bottom right hand corner and look for a
mcafee.png
sign.
  • Right-click it -> chose "Exit."
  • A popup will warn that protection will now be disabled. Click on "Yes" to disable the Antivirus guard.

ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.
  • Double-click esetsmartinstaller_enu.exe to run the programme.
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click List found threats...
  • Click Export and save the file to your Desktop, naming it something such as "ESET Scan".
  • Click the Back button.
  • Note: If no threats were found, there will be no log to save.
  • Place a checkmark next to Uninstall application on close and click finish.
  • Re-enable your Anti-Virus software.
  • Attach the log in your next reply.
 
  • Like
Reactions: oldschool

Eman shafik

Level 1
Thread author
Jun 28, 2020
49
i now uninstalled the antivirus and reinstalled it again, the sign appeared on Rt corner but i didn't find exit option after right clicking the sign
 

Eman shafik

Level 1
Thread author
Jun 28, 2020
49
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
i did't find these options in the second program which you sent
i downloaded the second scan program and i have done quick scan at first but it did not detect anything then i have done full scan which detected 830 threats and the program removed them but i did not find any file for the results to send it to you
 
  • Like
Reactions: upnorth

struppigel

Moderator
Verified
Staff Member
Well-known
Apr 9, 2020
656
i did't find these options in the second program which you sent
My bad. I should have checked if that program has a different interface.

Please open the following file and copy & paste the contents here:
C:\Users\Eman Shafik S hafie\AppData\Local\Temp\log.txt

Security Analysis
Please download Security Analysis by Rocket Grannie from here
  • Save it to your Desktop.
  • Close your security software to avoid potential conflicts.
  • Double click RGSA.exe
  • Click OK on the copyright-disclaimer
  • It will produce a log named SALog.txt on the Desktop or in the same folder from where the tool is run if installed elsewhere.
  • The log will automatically open. Please copy and paste the contents of that log in this topic.

How is your computer doing? Is there anything else you want me to take care of like the Dell program?
 
  • Like
Reactions: upnorth

Eman shafik

Level 1
Thread author
Jun 28, 2020
49
18:14:11 # product=EOS
# version=8
# esetonlinescanner.exe=3.4.2.0
# country="United States"
# lang=1033
18:16:31 Updating
18:16:31 Update Init
18:16:32 Update Download
18:20:50 esets_scanner_reload returned 0
18:20:50 g_uiModuleBuild: 46388
18:20:50 Update Finalize
18:20:50 Call m_esets_charon_send
18:20:50 Call m_esets_charon_destroy
18:20:50 Updated modules version: 46388
18:21:04 Call m_esets_charon_setup_create
18:21:04 Call m_esets_charon_create
18:21:04 m_esets_charon_create OK
18:21:04 Call m_esets_charon_start_send_thread
18:21:04 Call m_esets_charon_setup_set
18:21:04 m_esets_charon_setup_set OK
18:21:04 Scanner engine: 46388
19:06:26 Updating
19:06:26 Update Init
19:06:41 Update Download
19:06:43 g_uiModuleBuild: 46388
19:06:43 Update Finalize
19:06:43 Call m_esets_charon_send
19:06:43 Call m_esets_charon_destroy
19:06:43 Updated modules version: 46388
19:06:57 Call m_esets_charon_setup_create
19:06:57 Call m_esets_charon_create
19:06:57 m_esets_charon_setup_set ERROR
19:06:57 Scanner engine: 46388
19:32:17 Updating
19:32:17 Update Init
19:32:40 Update Download
19:32:42 g_uiModuleBuild: 46388
19:32:42 Update Finalize
19:32:42 Call m_esets_charon_send
19:32:42 Call m_esets_charon_destroy
19:32:42 Updated modules version: 46388
19:32:58 Call m_esets_charon_setup_create
19:32:58 Call m_esets_charon_create
19:32:58 m_esets_charon_setup_set ERROR
19:32:58 Scanner engine: 46388
23:39:30 Updating
23:39:30 Update Init
23:39:51 Update Download
23:40:22 esets_scanner_reload returned 0
23:40:22 g_uiModuleBuild: 46390
23:40:22 Update Finalize
23:40:22 Call m_esets_charon_send
23:40:22 Call m_esets_charon_destroy
23:40:22 Updated modules version: 46390
23:40:36 Call m_esets_charon_setup_create
23:40:36 Call m_esets_charon_create
23:40:36 m_esets_charon_setup_set ERROR
23:40:36 Scanner engine: 46390
01:47:12 Call m_esets_charon_send
01:47:12 Call m_esets_charon_destroy
01:47:25 # product=EOS
# version=8
# esetonlinescanner.exe=3.4.2.0
# country="United States"
# lang=1033
01:47:46 Call m_esets_charon_send
01:47:46 Call m_esets_charon_destroy
01:47:46 # product=EOS
# version=8
# flags=0
# av=0
# fw=7
# admin=0
# esetonlinescanner.exe=3.4.2.0
# EOSSerial=2262b094423b554081da50632ed3465f
# engine=0
# end=finished
# bannerClicked=0
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=false
# sfx_checked=false
# utc_time=2020-08-08 23:47:46
# local_time=2020-08-09 01:47:46 (+0200, Egypt Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5138 16777213 85 94 204451 8792160 0 0
# compatibility_mode_1='Malwarebytes'
# compatibility_mode=18433 16777214 83 100 27151 4066917 0 0
# scanned=0
# found=0
# cleaned=0
# scan_time=0
# scan_type=190377920
# test=default
# stats_enabled=1
01:47:51 # product=EOS
# version=8
# esetonlinescanner.exe=3.4.2.0
# country="United States"
# lang=1033
01:48:15 Updating
01:48:15 Update Init
01:48:27 Update Download
01:48:41 g_uiModuleBuild: 46390
01:48:41 Update Finalize
01:48:41 Call m_esets_charon_send
01:48:41 Call m_esets_charon_destroy
01:48:41 Updated modules version: 46390
01:48:53 Call m_esets_charon_setup_create
01:48:53 Call m_esets_charon_create
01:48:53 m_esets_charon_create OK
01:48:53 Call m_esets_charon_start_send_thread
01:48:53 Call m_esets_charon_setup_set
01:48:53 m_esets_charon_setup_set OK
01:48:53 Scanner engine: 46390
07:22:25 Call m_esets_charon_send
07:22:25 Call m_esets_charon_destroy
07:29:15 # product=EOS
# version=8
# esetonlinescanner.exe=3.4.2.0
# country="United States"
# lang=1033
07:31:55 # product=EOS
# version=8
# flags=0
# av=0
# fw=7
# admin=1
# esetonlinescanner.exe=3.4.2.0
# EOSSerial=2262b094423b554081da50632ed3465f
# engine=0
# end=finished
# bannerClicked=0
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=false
# sfx_checked=false
# utc_time=2020-08-09 05:31:54
# local_time=2020-08-09 07:31:54 (+0200, Egypt Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5138 16777213 85 94 225099 8812808 0 0
# compatibility_mode_1='Malwarebytes'
# compatibility_mode=18433 16777214 83 100 47799 4087565 0 0
# scanned=0
# found=0
# cleaned=0
# scan_time=0
# scan_type=70015704
# test=default
# stats_enabled=1
07:32:50 # product=EOS
# version=8
# esetonlinescanner.exe=3.4.2.0
# country="United States"
# lang=1033
07:33:21 # product=EOS
# version=8
# flags=0
# av=0
# fw=7
# admin=1
# esetonlinescanner.exe=3.4.2.0
# EOSSerial=2262b094423b554081da50632ed3465f
# engine=0
# end=finished
# bannerClicked=0
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=false
# sfx_checked=false
# utc_time=2020-08-09 05:33:20
# local_time=2020-08-09 07:33:20 (+0200, Egypt Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5138 16777213 85 94 225185 8812894 0 0
# compatibility_mode_1='Malwarebytes'
# compatibility_mode=18433 16777214 83 100 47885 4087651 0 0
# scanned=0
# found=0
# cleaned=0
# scan_time=0
# scan_type=70180912
# test=default
# stats_enabled=1
 

Eman shafik

Level 1
Thread author
Jun 28, 2020
49
Please open the following file and copy & paste the contents here:
C:\Users\Eman Shafik S hafie\AppData\Local\Temp\log.txt
i didn't find the same pathway so i entered it in the search and it gave me the result which i sent you above is it that what you wanted
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top