Suspected Trojan/Malware

Suspected Trojan/Malware – posted in Virus, Trojan, Spyware, and Malware Removal Help: Recently I accidentally went to a bad site (asusnetwork). After realizing my mistake I scanned with Windows Defender, it found and removed a Trojan. Then scanned with Malwa…

Regarding the Indexing, should I leave the Index Location setting default or are there specific locations/drives I should select or include before starting?

If there is an option to include external drives (other than C:) we don't want to include those. Is that what you are seeing?

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-03-2026
Ran by BEN (07-03-2026 18:56:28) Run:1
Running from C:UsersBENDownloads
Loaded Profiles: BEN
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
CreateRestorePoint:
CloseProcesses:
cmd: msinfo32 /nfo SystemSummary.nfo /categories +systemsummary
HKUS-1-5-21-657302161-4191946336-1863979509-1001…Run: [AdobeBridge] => [X]
HKUS-1-5-21-657302161-4191946336-1863979509-1001…Run: [GalaxyClient] => [X]
S2 Autodesk; "C:AutodeskNetwork License Managerlmgrd.exe" [X]
HKLM-x32…Run: [Adobe CCXProcess] => C:Program Files (x86)AdobeAdobe Creative Cloud ExperienceCCXProcess.exe (No File)
FirewallRules: [TCP Query User{CFCF65C9-5978-4FD7-8625-0F922BC61F56}C:usersbenappdatalocaldiscordapp-1.0.9013discord.exe] => (Allow) C:usersbenappdatalocaldiscordapp-1.0.9013discord.exe => No File
FirewallRules: [UDP Query User{66AA0039-98B9-42F7-8B87-C7A3496086D6}C:usersbenappdatalocaldiscordapp-1.0.9013discord.exe] => (Allow) C:usersbenappdatalocaldiscordapp-1.0.9013discord.exe => No File
FirewallRules: [{4FAA4E93-6D9A-4936-9D97-5315457FC8DD}] => (Allow) D:Steambincefcef.win7x64steamwebhelper.exe => No File
FirewallRules: [{DEE0D3CC-6645-4314-83FF-F392148CD8BC}] => (Allow) D:Steambincefcef.win7x64steamwebhelper.exe => No File
FirewallRules: [{C93AC77B-B57A-4E2E-AF87-E9458A79EE8F}] => (Allow) D:Blade And SoulPurple2.25.224.3cefsharp.browsersubprocess.exe => No File
FirewallRules: [{AD5D3AAB-53E0-4A2D-93E6-DA63BC071846}] => (Allow) D:Blade And SoulPurpleyetiyeti_v2.1.508.2503_globalpurpleon.exe => No File
FirewallRules: [{C24A2BAA-3A78-4A54-B8F5-40EC2C0DC41E}] => (Allow) D:Blade And SoulPurplepurple-boxPurpleBox.exe => No File
FirewallRules: [{AF89341F-EC5D-4B63-83A2-8B86109811A1}] => (Allow) D:Blade And SoulPurple2.25.310.1cefsharp.browsersubprocess.exe => No File
AlternateDataStreams: C:UsersBEN:com.affinity.photo.2 [151]
AlternateDataStreams: C:UsersBEN:com.affinity.photo.3 [197]
2026-03-05 20:48 – 2022-01-01 03:50 – 000008192 ___SH C:DumpStack.log.tmp
cmd: netsh winsock reset catalog
cmd: netsh int ip reset resetlog.txt
Reg: reg export HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessDefaultsFirewallPolicyFirewallRules C:Firewall.reg
C:Firewall.reg
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: bitsadmin /reset /allusers
cmd: ipconfig /flushdns
Removeproxy:
hosts:
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
Emptytemp:
End::
*****************

Restore point was successfully created.

Processes closed successfully.

========= msinfo32 /nfo SystemSummary.nfo /categories +systemsummary =========
0
========= End of CMD: =========

"HKUS-1-5-21-657302161-4191946336-1863979509-1001SoftwareMicrosoftWindowsCurrentVersionRun\AdobeBridge" => removed successfully
"HKUS-1-5-21-657302161-4191946336-1863979509-1001SoftwareMicrosoftWindowsCurrentVersionRun\GalaxyClient" => removed successfully
HKLMSystemCurrentControlSetServicesAutodesk => removed successfully
Autodesk => service removed successfully
"HKLMSoftwareWOW6432NodeMicrosoftWindowsCurrentVersionRun\Adobe CCXProcess" => removed successfully
"HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{CFCF65C9-5978-4FD7-8625-0F922BC61F56}C:usersbenappdatalocaldiscordapp-1.0.9013discord.exe" => removed successfully
"HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{66AA0039-98B9-42F7-8B87-C7A3496086D6}C:usersbenappdatalocaldiscordapp-1.0.9013discord.exe" => removed successfully
"HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{4FAA4E93-6D9A-4936-9D97-5315457FC8DD}" => removed successfully
"HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{DEE0D3CC-6645-4314-83FF-F392148CD8BC}" => removed successfully
"HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{C93AC77B-B57A-4E2E-AF87-E9458A79EE8F}" => removed successfully
"HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{AD5D3AAB-53E0-4A2D-93E6-DA63BC071846}" => removed successfully
"HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{C24A2BAA-3A78-4A54-B8F5-40EC2C0DC41E}" => removed successfully
"HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{AF89341F-EC5D-4B63-83A2-8B86109811A1}" => removed successfully
C:UsersBEN => ":com.affinity.photo.2" ADS removed successfully
C:UsersBEN => ":com.affinity.photo.3" ADS removed successfully
Could not move "C:DumpStack.log.tmp" => Scheduled to move on reboot.

========= netsh winsock reset catalog =========
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
========= End of CMD: =========

========= netsh int ip reset resetlog.txt =========
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
========= End of CMD: =========

========= reg export HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessDefaultsFirewallPolicyFirewallRules C:Firewall.reg =========
The operation completed successfully.
========= End of Reg: =========

C:Firewall.reg => moved successfully

========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========

========= netsh advfirewall set allprofiles state ON =========
Ok.
========= End of CMD: =========

========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
© Copyright Microsoft Corp.
{37A868AF-038A-4040-85E2-41BAA1A5A65E} canceled.
{8346CAB4-A7B6-4FE9-995D-481C839EE222} canceled.
2 out of 2 jobs canceled.
========= End of CMD: =========

========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========

========= RemoveProxy: =========
"HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\DefaultConnectionSettings" => removed successfully
"HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\SavedLegacySettings" => removed successfully
"HKUS-1-5-21-657302161-4191946336-1863979509-1001SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\DefaultConnectionSettings" => removed successfully
"HKUS-1-5-21-657302161-4191946336-1863979509-1001SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========

C:WindowsSystem32Driversetchosts => moved successfully
Hosts restored successfully.

========= sfc /scannow =========
Beginning system scan.  This process will take some time.
Beginning verification phase of system scan.

Windows Resource Protection did not find any integrity violations.
========= End of CMD: =========

========= DISM /Online /Cleanup-Image /CheckHealth =========
Deployment Image Servicing and Management tool
Version: 10.0.19041.3636
Image Version: 10.0.19045.6466
No component store corruption detected.
The operation completed successfully.
========= End of CMD: =========

=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2422648723 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 994012211 B
Windows/system/drivers => 38347448 B
Edge => 217615952 B
Chrome => 1183936983 B
Firefox => 1112085359 B
Opera => 0 B
LocalTemp, Local*.tmp, LocalLowTemp, RoamingTemp, Roaming*.tmp , IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 201141 B
systemprofile32 => 0 B
LocalService => 66358 B
NetworkService => 963428 B
BEN => 609488336 B
RecycleBin => 62305411555 B
EmptyTemp: => 64.2 GB temporary data Removed.
================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-03-2026 19:16:39)
C:DumpStack.log.tmp => Could not move
==== End of Fixlog 19:16:39 ====

MiniToolBox by Farbar  Version: 13-05-2022
Ran by BEN (administrator) on 07-03-2026 at 19:18:42
Running from "C:UsersBENDownloads"
Microsoft Windows 10 Home  (X64)
Model: MS-7D75 Manufacturer: Micro-Star International Co., Ltd.

Boot Mode: Normal
***************************************************************************

========================= IP Configuration: ================================
Realtek Gaming 2.5GbE Family Controller = Ethernet (Connected)

# ———————————-
# IPv4 Configuration
# ———————————-
pushd interface ipv4
reset
popd
# End of IPv4 configuration

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-GDFVSCJ
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek Gaming 2.5GbE Family Controller
   Physical Address. . . . . . . . . : 04-7C-16-57-C6-61
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d73e:5aca:436a:a7df%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.50.121(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : March 7, 2026 7:16:26 PM
   Lease Expires . . . . . . . . . . : March 8, 2026 7:16:25 PM
   Default Gateway . . . . . . . . . : 192.168.50.1
   DHCP Server . . . . . . . . . . . : 192.168.50.1
   DHCPv6 IAID . . . . . . . . . . . : 67402774
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-29-61-CE-28-04-7C-16-57-C6-61
   DNS Servers . . . . . . . . . . . : 192.168.50.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Server:  RT-AX86U-9EF0
Address:  192.168.50.1
Name:    google.com
Addresses:  2607:f8b0:4023:1803::65
      2607:f8b0:4023:1803::8a
      2607:f8b0:4023:1803::66
      2607:f8b0:4023:1803::8b
      142.250.139.139
      142.250.139.101
      142.250.139.138
      142.250.139.102
      142.250.139.100
      142.250.139.113

Pinging google.com [142.250.139.113] with 32 bytes of data:
Reply from 142.250.139.113: bytes=32 time=18ms TTL=113
Reply from 142.250.139.113: bytes=32 time=11ms TTL=113
Ping statistics for 142.250.139.113:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 18ms, Average = 14ms

Server:  RT-AX86U-9EF0
Address:  192.168.50.1
Name:    yahoo.com
Addresses:  2001:4998:44:3507::8000
      2001:4998:24:120d::1:0
      2001:4998:24:120d::1:1
      2001:4998:44:3507::8001
      2001:4998:124:1507::f000
      2001:4998:124:1507::f001
      74.6.231.21
      74.6.143.25
      74.6.143.26
      98.137.11.164
      74.6.231.20
      98.137.11.163

Pinging yahoo.com [74.6.231.21] with 32 bytes of data:
Reply from 74.6.231.21: bytes=32 time=55ms TTL=52
Reply from 74.6.231.21: bytes=32 time=55ms TTL=52
Ping statistics for 74.6.231.21:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 55ms, Maximum = 55ms, Average = 55ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
  9…04 7c 16 57 c6 61 ……Realtek Gaming 2.5GbE Family Controller
  1………………………Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.50.1   192.168.50.121     26
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
     192.168.50.0    255.255.255.0         On-link    192.168.50.121    281
   192.168.50.121  255.255.255.255         On-link    192.168.50.121    281
   192.168.50.255  255.255.255.255         On-link    192.168.50.121    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link    192.168.50.121    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link    192.168.50.121    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    331 ::1/128                  On-link
  9    281 fe80::/64                On-link
  9    281 fe80::d73e:5aca:436a:a7df/128
                                    On-link
  1    331 ff00::/8                 On-link
  9    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

========================= Devices: ================================

Name:
Description:
Class Guid:
Manufacturer:
Service:
Device ID: ACPIAMDIF031
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Network Controller
Description: Network Controller
Class Guid:
Manufacturer:
Service:
Device ID: PCIVEN_14C3&DEV_0616&SUBSYS_061614C3&REV_006&1CE298E7&0&00580011
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Generic Bluetooth Adapter
Description: Generic Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Device ID: USBVID_0E8D&PID_0616&MI_009&13C806E8&0&0000
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: PCI Encryption/Decryption Controller
Description: PCI Encryption/Decryption Controller
Class Guid:
Manufacturer:
Service:
Device ID: PCIVEN_1022&DEV_1649&SUBSYS_7D751462&REV_004&1191C85F&0&0241
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Device ID: ACPIAMDI00522&DABA3FF&0
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

**** End of log ****

A SystemSummary file will be created on your Desktop. Please zip and upload the file here.

I tried to upload, but it is greater than 10 MB. Is there any place you would like me to upload to? The file size is 19 MB.

Original Source: BleepingComputer | Published: March 7, 2026, 5:43 pm
