2017-06-04 21:53:59.406 Sophos Virus Removal Tool version 2.6.0
2017-06-04 21:53:59.406 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.
2017-06-04 21:53:59.406 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
2017-06-04 21:53:59.406 Windows version 5.1 SP 3.0 Service Pack 3 build 2600 SM=0x100 PT=0x1 Win32
2017-06-04 21:53:59.406 Checking for updates...
2017-06-04 21:54:00.593 Update progress: proxy server not available
2017-06-04 21:54:03.265 Update error: failed to read remote metadata (error 4)
[T46381] ..\SUL\Handle.cpp:98 + SU::Handle::readRemoteMetadata()
[T75884] ..\SUL\Metadata.cpp:144 SU::Metadata::readRemoteMetadata()
[I40394] Downloading customer file from sophos:1:1
[E26245] Error fetching data from
http://dci.sophosupd.com/update/2/9e/29 ... a00871.dat: WinHttpSendRequest 12007
[I20317] No proxy was used.
[I40394] Downloading customer file from sophos:2:1
[E26245] Error fetching data from
http://dci.sophosupd.net/update/2/9e/29 ... a00871.dat: WinHttpSendRequest 12029
[I20317] No proxy was used.
[I40394] Downloading customer file from sophos:3:1
[E75373] Ran out of sophos aliases for this update source
[E35369] Out of update sources
[E99999] Out of sources
2017-06-04 21:54:22.343 Error initialising detection engine - virus data checksum error
2017-06-04 21:54:25.593 Error level 1
2017-06-04 21:54:32.859 Scan failed due to fatal error.
2017-06-04 21:54:32.859
------------------------------------------------------------
2017-06-04 21:54:34.812 Sophos Virus Removal Tool version 2.6.0
2017-06-04 21:54:34.812 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.
2017-06-04 21:54:34.812 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
2017-06-04 21:54:34.812 Windows version 5.1 SP 3.0 Service Pack 3 build 2600 SM=0x100 PT=0x1 Win32
2017-06-04 21:54:34.812 Checking for updates...
2017-06-04 21:54:35.859 Update progress: proxy server not available
2017-06-04 21:54:45.015 Error initialising detection engine - virus data checksum error
2017-06-04 21:54:51.359 Downloading updates...
2017-06-04 21:54:51.359 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-06-04 21:54:51.359 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-04 21:54:51.359 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-04 21:54:51.359 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-06-04 21:54:51.359 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-06-04 21:54:51.359 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-06-04 21:54:51.375 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-06-04 21:54:51.375 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-06-04 21:54:51.375 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-06-04 21:54:51.375 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-06-04 21:54:51.375 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-06-04 21:54:51.375 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-06-04 21:54:51.375 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-06-04 21:54:51.375 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-06-04 21:54:51.375 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-06-04 21:54:51.375 Update progress: [I49502] sdds.data0910.xml: found supplement IDE543 LATEST path= baseVersion= [included from product IDE542 LATEST path=]
2017-06-04 21:54:51.375 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE543 LATEST path=
2017-06-04 21:54:51.375 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE543 LATEST path=
2017-06-04 21:54:51.375 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-04 21:54:51.531 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-06-04 21:54:51.531 Update progress: [I19463] Product download size 165113825 bytes
2017-06-04 21:55:49.953 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-06-04 21:55:49.953 Update progress: [I19463] Product download size 1784068 bytes
2017-06-04 21:55:57.218 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-06-04 21:55:57.218 Update progress: [I19463] Product download size 2265483 bytes
2017-06-04 21:56:07.390 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-06-04 21:56:07.390 Update progress: [I19463] Product download size 353040 bytes
2017-06-04 21:56:12.421 Update progress: [I19463] Syncing product IDE543 LATEST path=
2017-06-04 21:56:13.468 Installing updates...
2017-06-04 21:56:14.078 Error level 1
2017-06-04 21:57:43.984 Update successful
2017-06-04 21:58:20.468 Option all = no
2017-06-04 21:58:20.468 Option recurse = yes
2017-06-04 21:58:20.468 Option archive = no
2017-06-04 21:58:20.468 Option service = yes
2017-06-04 21:58:20.468 Option confirm = yes
2017-06-04 21:58:20.468 Option sxl = yes
2017-06-04 21:58:20.468 Option max-data-age = 35
2017-06-04 21:58:20.468 Option vdl-logging = yes
2017-06-04 21:58:20.578 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-04 21:58:20.578 Machine ID: 5f788f5f83d4461292853faca75187c0
2017-06-04 21:58:20.593 Component SVRTcli.exe version 2.6.0
2017-06-04 21:58:20.593 Component control.dll version 2.6.0
2017-06-04 21:58:20.593 Component SVRTservice.exe version 2.6.0
2017-06-04 21:58:20.593 Component engine\osdp.dll version 1.44.1.2285
2017-06-04 21:58:20.593 Component engine\veex.dll version 3.68.5.2285
2017-06-04 21:58:20.593 Component engine\savi.dll version 9.0.7.2285
2017-06-04 21:58:20.593 Component rkdisk.dll version 1.5.31.1
2017-06-04 21:58:20.593 Version info: Product version 2.6.0
2017-06-04 21:58:20.593 Version info: Detection engine 3.68.5
2017-06-04 21:58:20.593 Version info: Detection data 5.39
2017-06-04 21:58:20.593 Version info: Build date 2.5.2017
2017-06-04 21:58:20.593 Version info: Data files added 296
2017-06-04 21:58:20.593 Version info: Last successful update 4.6.2017 23:57:43
2017-06-05 01:19:50.250 Warning: rootkit scan failed to open device "\\?\Volume{551a1f7f-acc6-11e6-aa1f-806d6172696f}" (87)
2017-06-05 02:16:10.687 >>> Virus 'Mal/VMProtBad-A' found in file C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP179\A0197279.dll
2017-06-05 02:16:10.750 >>> Virus 'Mal/VMProtBad-A' found in file HKCR\exefile\default
2017-06-05 02:44:20.125 Could not open LOGICAL:0003:00000000
2017-06-05 02:44:20.125 Could not open D:\
2017-06-05 02:47:33.421 Could not open LOGICAL:0005:00000000
2017-06-05 02:47:33.437 Could not open F:\
2017-06-05 02:47:33.703 The following items will be cleaned up:
2017-06-05 02:47:33.703 Mal/VMProtBad-A
2017-06-05 09:17:09.125 Threat 'Mal/VMProtBad-A' has been cleaned up.
2017-06-05 09:17:09.125 Registry value "HKCR\exefile\default" belongs to malware 'Mal/VMProtBad-A'.
2017-06-05 09:17:09.125 Registry value "HKCR\exefile\default" has been cleaned up.
2017-06-05 09:17:09.125 File "C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP179\A0197279.dll" belongs to malware 'Mal/VMProtBad-A'.
2017-06-05 09:17:09.125 File "C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP179\A0197279.dll" has been cleaned up.
2017-06-05 09:17:09.125 Removal successful
2017-06-05 09:17:10.015 Error level 0
2017-06-05 09:18:31.796 Scan completed.
2017-06-05 09:18:31.796
------------------------------------------------------------
2017-06-16 23:44:08.796 Sophos Virus Removal Tool version 2.6.0
2017-06-16 23:44:08.796 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.
2017-06-16 23:44:08.796 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
2017-06-16 23:44:08.796 Windows version 5.1 SP 3.0 Service Pack 3 build 2600 SM=0x100 PT=0x1 Win32
2017-06-16 23:44:08.796 Checking for updates...
2017-06-16 23:44:09.968 Update progress: proxy server not available
2017-06-16 23:45:18.484 Option all = no
2017-06-16 23:45:18.484 Option recurse = yes
2017-06-16 23:45:18.484 Option archive = no
2017-06-16 23:45:18.484 Option service = yes
2017-06-16 23:45:18.484 Option confirm = yes
2017-06-16 23:45:18.484 Option sxl = yes
2017-06-16 23:45:18.484 Option max-data-age = 35
2017-06-16 23:45:18.484 Option vdl-logging = yes
2017-06-16 23:45:18.531 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-16 23:45:18.531 Machine ID: 5f788f5f83d4461292853faca75187c0
2017-06-16 23:45:18.578 Component SVRTcli.exe version 2.6.0
2017-06-16 23:45:18.578 Component control.dll version 2.6.0
2017-06-16 23:45:18.578 Component SVRTservice.exe version 2.6.0
2017-06-16 23:45:18.578 Component engine\osdp.dll version 1.44.1.2285
2017-06-16 23:45:18.578 Component engine\veex.dll version 3.68.5.2285
2017-06-16 23:45:18.578 Component engine\savi.dll version 9.0.7.2285
2017-06-16 23:45:18.625 Component rkdisk.dll version 1.5.31.1
2017-06-16 23:45:18.625 Version info: Product version 2.6.0
2017-06-16 23:45:18.625 Version info: Detection engine 3.68.5
2017-06-16 23:45:18.625 Version info: Detection data 5.39
2017-06-16 23:45:18.625 Version info: Build date 2.5.2017
2017-06-16 23:45:18.625 Version info: Data files added 296
2017-06-16 23:45:18.625 Version info: Last successful update 4.6.2017 23:57:43
2017-06-16 23:45:44.281 Downloading updates...
2017-06-16 23:45:44.281 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-06-16 23:45:44.281 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-16 23:45:44.281 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-16 23:45:44.281 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-06-16 23:45:44.281 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-06-16 23:45:44.281 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-06-16 23:45:44.281 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-06-16 23:45:44.281 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-06-16 23:45:44.281 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-06-16 23:45:44.281 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-06-16 23:45:44.281 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-06-16 23:45:44.281 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-06-16 23:45:44.281 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-06-16 23:45:44.281 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-06-16 23:45:44.281 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-06-16 23:45:44.281 Update progress: [I49502] sdds.data0910.xml: found supplement IDE543 LATEST path= baseVersion= [included from product IDE542 LATEST path=]
2017-06-16 23:45:44.281 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE543 LATEST path=
2017-06-16 23:45:44.281 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE543 LATEST path=
2017-06-16 23:45:44.281 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-16 23:45:44.343 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-06-16 23:45:44.468 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-06-16 23:45:44.578 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-06-16 23:45:44.625 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-06-16 23:45:44.625 Update progress: [I19463] Product download size 826549 bytes
2017-06-16 23:45:48.046 Update progress: [I19463] Syncing product IDE543 LATEST path=
2017-06-16 23:45:48.218 Installing updates...
2017-06-16 23:45:49.640 Error level 1
2017-06-16 23:45:50.421 Update successful
2017-06-16 23:46:02.046 Option all = no
2017-06-16 23:46:02.046 Option recurse = yes
2017-06-16 23:46:02.046 Option archive = no
2017-06-16 23:46:02.046 Option service = yes
2017-06-16 23:46:02.046 Option confirm = yes
2017-06-16 23:46:02.046 Option sxl = yes
2017-06-16 23:46:02.046 Option max-data-age = 35
2017-06-16 23:46:02.046 Option vdl-logging = yes
2017-06-16 23:46:02.046 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-16 23:46:02.046 Machine ID: 5f788f5f83d4461292853faca75187c0
2017-06-16 23:46:02.046 Component SVRTcli.exe version 2.6.0
2017-06-16 23:46:02.046 Component control.dll version 2.6.0
2017-06-16 23:46:02.046 Component SVRTservice.exe version 2.6.0
2017-06-16 23:46:02.046 Component engine\osdp.dll version 1.44.1.2285
2017-06-16 23:46:02.062 Component engine\veex.dll version 3.68.5.2285
2017-06-16 23:46:02.062 Component engine\savi.dll version 9.0.7.2285
2017-06-16 23:46:02.062 Component rkdisk.dll version 1.5.31.1
2017-06-16 23:46:02.062 Version info: Product version 2.6.0
2017-06-16 23:46:02.062 Version info: Detection engine 3.68.5
2017-06-16 23:46:02.062 Version info: Detection data 5.39
2017-06-16 23:46:02.062 Version info: Build date 2.5.2017
2017-06-16 23:46:02.062 Version info: Data files added 348
2017-06-16 23:46:02.062 Version info: Last successful update 17.6.2017 1:45:50
2017-06-17 00:01:54.296 Warning: rootkit scan failed to open device "\\?\Volume{551a1f7f-acc6-11e6-aa1f-806d6172696f}" (87)
2017-06-17 00:18:51.171 >>> Virus 'Mal/Generic-S' found in file C:\Documents and Settings\Adam2\Local Settings\Temp\Setup (1).exe
2017-06-17 00:18:51.171 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2017-06-17 00:18:51.171 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2017-06-17 00:18:51.171 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2017-06-17 00:18:51.171 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500
2017-06-17 00:18:51.296 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-06-17 00:18:51.296 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1208
2017-06-17 01:18:02.953 Could not open LOGICAL:0003:00000000
2017-06-17 01:18:02.968 Could not open D:\
2017-06-17 01:18:02.984 Could not open LOGICAL:0005:00000000
2017-06-17 01:18:03.000 Could not open F:\
2017-06-17 01:18:03.156 The following items will be cleaned up:
2017-06-17 01:18:03.156 Mal/Generic-S
2017-06-17 01:19:36.390 Threat 'Mal/Generic-S' has been cleaned up.
2017-06-17 01:19:36.390 File "C:\Documents and Settings\Adam2\Local Settings\Temp\Setup (1).exe" belongs to malware 'Mal/Generic-S'.
2017-06-17 01:19:36.390 File "C:\Documents and Settings\Adam2\Local Settings\Temp\Setup (1).exe" has been cleaned up.
2017-06-17 01:19:36.390 Removal successful
2017-06-17 01:19:37.234 Error level 0